/
apache.spec
4375 lines (3456 loc) · 160 KB
/
apache.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
%define _build_pkgcheck_set %{nil}
%define _build_pkgcheck_srpm %{nil}
%define defaultmaxmodules 256
%define defaultserverlimit 2048
%define TAG OpenMandriva Lx
%define BASEPRODUCT Apache
%define all_services httpd.service httpd-worker.service httpd-prefork.service
Summary: The most widely used Web server on the Internet
Name: apache
Version: 2.4.39
Release: 1
Group: System/Servers
License: Apache License
URL: http://httpd.apache.org
Source0: http://archive.apache.org/dist/httpd/httpd-%{version}.tar.gz
Source1: http://archive.apache.org/dist/httpd/httpd-%{version}.tar.gz.asc
Source2: webapp.script
Source3: apache2_transparent_png_icons.tar.bz2
Source9: htcacheclean.service
Source10: htcacheclean.sysconfig
Source11: OpenMandriva.tar.xz
Source15: httpd.service
Source100: buildconf
Patch0: httpd-2.0.45-deplibs.patch
Patch1: httpd-2.4.29-find-lex.patch
Patch8: httpd-2.1.10-apxs.patch
# speedups by Allen Pulsifer
Patch16: httpd-2.2.4-fix_extra_htaccess_check.diff
Patch18: httpd-2.2.10-ldap_auth_now_modular_in-apr-util-dbd-ldap_fix.diff
Patch19: httpd-2.2.21-linux3.diff
Patch105: httpd-2.2.17-filter.patch
Patch106: httpd-2.4.1-mdv_config.diff
Patch107: httpd-2.4.1-linkage_fix.diff
Patch108: httpd-2.4.1-buildfix.diff
BuildRequires: autoconf automake libtool
# For _pre_useradd macro and friends
BuildRequires: rpm-helper
BuildRequires: flex-devel
BuildRequires: pkgconfig(apr-1) >= 1.5.0
BuildRequires: pkgconfig(apr-util-1) >= 1.5.3
BuildRequires: pkgconfig(expat)
BuildRequires: pkgconfig(libnghttp2)
BuildRequires: sasl-devel
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(lua) >= 5.1
BuildRequires: lynx
BuildRequires: openldap-devel
BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(libcurl)
BuildRequires: pkgconfig(libpcre)
BuildRequires: pkgconfig(jansson)
BuildRequires: perl
BuildRequires: pkgconfig
BuildRequires: pkgconfig(zlib)
BuildRequires: pkgconfig(uuid)
# So people who "urpmi httpd" get what they expect
Provides: httpd = %EVRD
%description
This package contains the main binary of apache, a powerful, full-featured,
efficient and freely-available Web server. Apache is also the most popular Web
server on the Internet.
This version of apache is fully modular, and many modules are available in
pre-compiled formats, like PHP and mod_auth_external.
This package defaults to a maximum of %{defaultmaxmodules} dynamically loadable modules.
This package defaults to a ServerLimit of %{defaultserverlimit}.
You can change these values at RPM build time by using for example:
--define 'maxmodules 512' --define 'serverlimit 2048'
The package was built to support a maximum of %{?!maxmodules:%{defaultmaxmodules}}%{?maxmodules:%{maxmodules}} dynamically loadable modules.
The package was built with a ServerLimit of %{?!serverlimit:%{defaultserverlimit}}%{?serverlimit:%{serverlimit}}.
%package mpm-prefork
Summary: Implements a non-threaded, pre-forking web server (stable)
Group: System/Servers
Requires(preun): systemd-units
Requires(postun): systemd-units
Requires(post): systemd-units
Requires: apache-base = %{version}-%{release}
Requires: apache-modules = %{version}-%{release}
Provides: webserver
Provides: apache = %{version}-%{release}
Provides: apache-mpm = %{version}-%{release}
%description mpm-prefork
This Multi-Processing Module (MPM) implements a non-threaded, pre-forking web
server that handles requests in a manner similar to Apache 1.3. It is
appropriate for sites that need to avoid threading for compatibility with
non-thread-safe libraries. It is also the best MPM for isolating each request,
so that a problem with a single request will not affect any other.
This MPM is very self-regulating, so it is rarely necessary to adjust its
configuration directives. Most important is that MaxClients be big enough to
handle as many simultaneous requests as you expect to receive, but small enough
to assure that there is enough physical RAM for all processes.
This package defaults to a maximum of %{defaultmaxmodules} dynamically loadable modules.
This package defaults to a ServerLimit of %{defaultserverlimit}.
You can change these values at RPM build time by using for example:
--define 'maxmodules 512' --define 'serverlimit 2048'
The package was built to support a maximum of %{?!maxmodules:%{defaultmaxmodules}}%{?maxmodules:%{maxmodules}} dynamically loadable modules.
The package was built with a ServerLimit of %{?!serverlimit:%{defaultserverlimit}}%{?serverlimit:%{serverlimit}}.
%package mpm-worker
Summary: Implements a hybrid multi-threaded multi-process web server (experimental)
Group: System/Servers
Requires(preun): systemd-units
Requires(postun): systemd-units
Requires(post): systemd-units
Requires: apache-base = %{version}-%{release}
Requires: apache-modules = %{version}-%{release}
Provides: webserver
Provides: apache = %{version}-%{release}
Conflicts: apache-mod_php apache-mod_perl apache-mod_python
%description mpm-worker
This Multi-Processing Module (MPM) implements a hybrid multi-process
multi-threaded server. By using threads to serve requests, it is able to serve
a large number of requests with less system resources than a process-based
server. Yet it retains much of the stability of a process-based server by
keeping multiple processes available, each with many threads.
The most important directives used to control this MPM are ThreadsPerChild,
which controls the number of threads deployed by each child process and
MaxClients, which controls the maximum total number of threads that may be
launched.
This package contains the main binary of apache, a powerful, full-featured,
efficient and freely-available Web server. Apache is also the most popular Web
server on the Internet.
This version of apache is fully modular, and many modules are available in
pre-compiled formats, like PHP and mod_auth_external.
This package defaults to a maximum of %{defaultmaxmodules} dynamically loadable modules.
You can change these values at RPM build time by using for example:
--define 'maxmodules 512'
The package was built to support a maximum of %{?!maxmodules:%{defaultmaxmodules}}%{?maxmodules:%{maxmodules}} dynamically loadable modules.
%package mpm-event
Summary: Implements a hybrid multi-threaded multi-process web server
Group: System/Servers
Requires(preun): systemd-units
Requires(postun): systemd-units
Requires(post): systemd-units
Requires: apache-base = %{version}-%{release}
Requires: apache-modules = %{version}-%{release}
Provides: webserver
Provides: apache = %{version}-%{release}
Conflicts: apache-mod_php apache-mod_perl apache-mod_python
%description mpm-event
The event Multi-Processing Module (MPM) is designed to allow more requests to
be served simultaneously by passing off some processing work to supporting
threads, freeing up the main threads to work on new requests. It is based on
the worker MPM, which implements a hybrid multi-process multi-threaded server.
Run-time configuration directives are identical to those provided by worker.
This package contains the main binary of apache, a powerful, full-featured,
efficient and freely-available Web server. Apache is also the most popular Web
server on the Internet.
This version of apache is fully modular, and many modules are available in
pre-compiled formats, like PHP and mod_auth_external.
This package defaults to a maximum of %{defaultmaxmodules} dynamically loadable modules.
You can change these values at RPM build time by using for example:
--define 'maxmodules 512'
The package was built to support a maximum of %{?!maxmodules:%{defaultmaxmodules}}%{?maxmodules:%{maxmodules}} dynamically loadable modules.
%package base
Summary: Common files and utilities for apache
Group: System/Servers
Requires(pre): rpm-helper
Requires(postun): rpm-helper
Requires: apache = %{version}-%{release}
Provides: apache-conf = %{version}-%{release}
Obsoletes: apache-conf
%description base
This package contains the apache utilities such as Apache Bench (ab) for stress
testing your apache installation and several tools for managing user databases,
access control, the apache logs and more.
%package modules
Summary: Meta package
Group: System/Servers
Requires: apache-mpm = %{version}-%{release}
Requires: apache-mod_actions = %{version}-%{release}
Requires: apache-mod_alias = %{version}-%{release}
Requires: apache-mod_auth_basic = %{version}-%{release}
Requires: apache-mod_auth_digest = %{version}-%{release}
Requires: apache-mod_authn_anon = %{version}-%{release}
Requires: apache-mod_authn_file = %{version}-%{release}
Requires: apache-mod_authz_dbm = %{version}-%{release}
Requires: apache-mod_authz_groupfile = %{version}-%{release}
Requires: apache-mod_authz_host = %{version}-%{release}
Requires: apache-mod_authz_owner = %{version}-%{release}
Requires: apache-mod_authz_user = %{version}-%{release}
Requires: apache-mod_autoindex = %{version}-%{release}
Requires: apache-mod_cgid = %{version}-%{release}
Requires: apache-mod_dir = %{version}-%{release}
Requires: apache-mod_env = %{version}-%{release}
Requires: apache-mod_expires = %{version}-%{release}
Requires: apache-mod_filter = %{version}-%{release}
Requires: apache-mod_headers = %{version}-%{release}
Requires: apache-mod_http2 = %{version}-%{release}
Requires: apache-mod_imagemap = %{version}-%{release}
Requires: apache-mod_include = %{version}-%{release}
Requires: apache-mod_info = %{version}-%{release}
Requires: apache-mod_log_config = %{version}-%{release}
Requires: apache-mod_mime = %{version}-%{release}
Requires: apache-mod_mime_magic = %{version}-%{release}
Requires: apache-mod_negotiation = %{version}-%{release}
Requires: apache-mod_rewrite = %{version}-%{release}
Requires: apache-mod_setenvif = %{version}-%{release}
Requires: apache-mod_status = %{version}-%{release}
Requires: apache-mod_substitute = %{version}-%{release}
Requires: apache-mod_unique_id = %{version}-%{release}
Requires: apache-mod_usertrack = %{version}-%{release}
Requires: apache-mod_version = %{version}-%{release}
Requires: apache-mod_vhost_alias = %{version}-%{release}
# new 2.3+ modules
Requires: apache-mod_authz_core = %{version}-%{release}
Requires: apache-mod_authz_host = %{version}-%{release}
Requires: apache-mod_unixd = %{version}-%{release}
# new 2.4+ modules
Requires: apache-mod_md = %{version}-%{release}
# obsolete 2.2 modules
Obsoletes: apache-mod_authz_default
Obsoletes: apache-mod_authn_alias
Obsoletes: apache-mod_authn_default
%description modules
This is a meta package that pulls in the apache modules used as default in the
apache-2.4 series in OpenMandriva.
%package mod_authn_file
Summary: User authentication using text files
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authn_core = %{EVRD}
%description mod_authn_file
This module provides authentication front-ends such as mod_auth_digest
and mod_auth_basic to authenticate users by looking up users in plain text
password files. Similar functionality is provided by mod_authn_dbm.
When using mod_auth_basic or mod_auth_digest, this module is invoked via
the AuthBasicProvider or AuthDigestProvider with the file value.
%package mod_authn_dbm
Summary: User authentication using DBM files
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authn_core = %{EVRD}
%description mod_authn_dbm
This module provides authentication front-ends such as mod_auth_digest and
mod_auth_basic to authenticate users by looking up users in dbm password
files. Similar functionality is provided by mod_authn_file.
When using mod_auth_basic or mod_auth_digest, this module is invoked via
the AuthBasicProvider or AuthDigestProvider with the dbm value.
%package mod_authn_anon
Summary: Allows "anonymous" user access to authenticated areas
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authn_core = %{EVRD}
%description mod_authn_anon
This module provides authentication front-ends such as mod_auth_basic to
authenticate users similar to anonymous-ftp sites, i.e. have a 'magic' user
id 'anonymous' and the email address as a password. These email addresses
can be logged.
Combined with other (database) access control methods, this allows for
effective user tracking and customization according to a user profile
while still keeping the site open for 'unregistered' users. One advantage
of using Auth-based user tracking is that, unlike magic-cookies and funny
URL pre/postfixes, it is completely browser independent and it allows users
to share URLs.
When using mod_auth_basic, this module is invoked via the AuthBasicProvider
directive with the anon value.
%package mod_authn_dbd
Summary: User authentication using an SQL database
Group: System/Servers
Requires: apache-mod_dbd
Requires: %{name}-mod_authn_core = %{EVRD}
%description mod_authn_dbd
This module provides authentication front-ends such as mod_auth_digest
and mod_auth_basic to authenticate users by looking up users in SQL
tables. Similar functionality is provided by, for example, mod_authn_file.
This module relies on mod_dbd to specify the backend database driver and
connection parameters, and manage the database connections.
When using mod_auth_basic or mod_auth_digest, this module is invoked via
the AuthBasicProvider or AuthDigestProvider with the dbd value.
%package mod_authn_socache
Summary: Manages a cache of authentication credentials to relieve the load on backends
Group: System/Servers
Requires: %{name}-mod_authn_core = %{EVRD}
%description mod_authn_socache
Maintains a cache of authentication credentials, so that a new backend
lookup is not required for every authenticated request.
%package mod_authn_core
Summary: Core Authentication
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_authn_core
This module provides core authentication capabilities to allow or deny
access to portions of the web site. mod_authn_core provides directives that
are common to all authentication providers.
%package mod_authz_host
Summary: Group authorizations based on host (name or IP address)
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authz_core = %{EVRD}
%description mod_authz_host
The authorization providers implemented by mod_authz_host are registered using
the Require directive. The directive can be referenced within a <Directory>,
<Files>, or <Location> section as well as .htaccess files to control access
to particular parts of the server. Access can be controlled based on the
client hostname or IP address.
In general, access restriction directives apply to all access methods (GET,
PUT, POST, etc). This is the desired behavior in most cases. However, it is
possible to restrict some methods, while leaving other methods unrestricted,
by enclosing the directives in a <Limit> section.
%package mod_authz_groupfile
Summary: Group authorization using plaintext files
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authz_core = %{EVRD}
%description mod_authz_groupfile
This module provides authorization capabilities so that authenticated
users can be allowed or denied access to portions of the web site by group
membership. Similar functionality is provided by mod_authz_dbm.
%package mod_authz_user
Summary: User Authorization
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authz_core = %{EVRD}
%description mod_authz_user
This module provides authorization capabilities so that authenticated
users can be allowed or denied access to portions of the web site.
mod_authz_user grants access if the authenticated user is listed in a
Require user directive. Alternatively Require valid-user can be used to
grant access to all successfully authenticated users.
%package mod_authz_dbm
Summary: Group authorization using DBM files
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authz_core = %{EVRD}
%description mod_authz_dbm
This module provides authorization capabilities so that authenticated
users can be allowed or denied access to portions of the web site by group
membership. Similar functionality is provided by mod_authz_groupfile.
%package mod_authz_owner
Summary: Authorization based on file ownership
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authz_core = %{EVRD}
%description mod_authz_owner
This module authorizes access to files by comparing the userid used for
HTTP authentication (the web userid) with the file-system owner or group
of the requested file. The supplied username and password must be already
properly verified by an authentication module, such as mod_auth_basic or
mod_auth_digest. mod_authz_owner recognizes two arguments for the Require
directive, file-owner and file-group, as follows:
file-owner
The supplied web-username must match the system's name for the owner of the
file being requested. That is, if the operating system says the requested
file is owned by jones, then the username used to access it through the
web must be jones as well.
file-group
The name of the system group that owns the file must be present in a
group database, which is provided, for example, by mod_authz_groupfile
or mod_authz_dbm, and the web-username must be a member of that group. For
example, if the operating system says the requested file is owned by (system)
group accounts, the group accounts must appear in the group database and
the web-username used in the request must be a member of that group.
%package mod_authz_dbd
Summary: Group Authorization and Login using SQL
Group: System/Servers
Conflicts: apache-modules < 2.4.0
Requires: %{name}-mod_authz_core = %{EVRD}
%description mod_authz_dbd
This module provides authorization capabilities so that authenticated
users can be allowed or denied access to portions of the web site by group
membership. Similar functionality is provided by mod_authz_groupfile and
mod_authz_dbm, with the exception that this module queries a SQL database
to determine whether a user is a member of a group.
This module can also provide database-backed user login/logout
capabilities. These are likely to be of most value when used in conjunction
with mod_authn_dbd.
This module relies on mod_dbd to specify the backend database driver and
connection parameters, and manage the database connections.
%package mod_authz_core
Summary: Core Authorization
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_authz_core
This module provides core authorization capabilities so that
authenticated users can be allowed or denied access to portions of the
web site. mod_authz_core provides the functionality to register various
authorization providers. It is usually used in conjunction with an
authentication provider module such as mod_authn_file and an authorization
module such as mod_authz_user. It also allows for advanced logic to be
applied to the authorization processing.
%package mod_authnz_ldap
Summary: LDAP HTTP Basic authentication
Group: System/Servers
Conflicts: apache-mod_proxy < 2.4.0
Requires: %{name}-mod_authn_core = %{EVRD}
Requires: %{name}-mod_authz_core = %{EVRD}
%description mod_authnz_ldap
This module provides authentication front-ends such as mod_auth_basic to
authenticate users through an ldap directory.
mod_authnz_ldap supports the following features:
* Known to support the OpenLDAP SDK (both 1.x and 2.x), Novell LDAP SDK and
the iPlanet (Netscape) SDK.
* Complex authorization policies can be implemented by representing the policy
with LDAP filters.
* Uses extensive caching of LDAP operations via mod_ldap.
* Support for LDAP over SSL (requires the Netscape SDK) or TLS (requires the
OpenLDAP 2.x SDK or Novell LDAP SDK).
When using mod_auth_basic, this module is invoked via the AuthBasicProvider
directive with the ldap value.
%package mod_access_compat
Summary: Group authorizations based on host (name or IP address)
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_access_compat
The directives provided by mod_access_compat are used in <Directory>,
<Files>, and <Location> sections as well as .htaccess files to control access
to particular parts of the server. Access can be controlled based on the
client hostname, IP address, or other characteristics of the client request,
as captured in environment variables. The Allow and Deny directives are
used to specify which clients are or are not allowed access to the server,
while the Order directive sets the default access state, and configures
how the Allow and Deny directives interact with each other.
Both host-based access restrictions and password-based authentication may
be implemented simultaneously. In that case, the Satisfy directive is used
to determine how the two sets of restrictions interact.
%package mod_auth_basic
Summary: Basic authentication
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_auth_basic
This module allows the use of HTTP Basic Authentication to restrict access
by looking up users in the given providers. HTTP Digest Authentication is
provided by mod_auth_digest. This module should usually be combined with at
least one authentication module such as mod_authn_file and one authorization
module such as mod_authz_user.
%package mod_auth_form
Summary: Form authentication
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_auth_form
Form authentication depends on the mod_session modules, and these modules
make use of HTTP cookies, and as such can fall victim to Cross Site Scripting
attacks, or expose potentially private information to clients. Please ensure
that the relevant risks have been taken into account before enabling the
session functionality on your server.
This module allows the use of an HTML login form to restrict access by
looking up users in the given providers. HTML forms require significantly
more configuration than the alternatives, however an HTML login form can
provide a much friendlier experience for end users.
HTTP basic authentication is provided by mod_auth_basic, and HTTP digest
authentication is provided by mod_auth_digest. This module should be
combined with at least one authentication module such as mod_authn_file
and one authorization module such as mod_authz_user.
Once the user has been successfully authenticated, the user's login details
will be stored in a session provided by mod_session.
%package mod_auth_digest
Summary: User authentication using MD5 Digest Authentication
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_auth_digest
This module implements HTTP Digest Authentication (RFC2617), and provides
a more secure alternative to mod_auth_basic.
%package mod_allowmethods
Summary: Easily restrict what HTTP methods can be used on the server
Group: System/Servers
%description mod_allowmethods
This module makes it easy to restrict what HTTP methods can used on an
server. The most common configuration would be:
%package mod_file_cache
Summary: Caches a static list of files in memory
Group: System/Servers
%description mod_file_cache
This module should be used with care. You can easily create a broken site
using mod_file_cache, so read this document carefully.
Caching frequently requested files that change very infrequently is a
technique for reducing server load. mod_file_cache provides two techniques for
caching frequently requested static files. Through configuration directives,
you can direct mod_file_cache to either open then mmap() a file, or to
pre-open a file and save the file's open file handle. Both techniques reduce
server load when processing requests for these files by doing part of the
work (specifically, the file I/O) for serving the file when the server is
started rather than during each request.
Notice: You cannot use this for speeding up CGI programs or other files
which are served by special content handlers. It can only be used for
regular files which are usually served by the Apache core content handler.
This module is an extension of and borrows heavily from the mod_mmap_static
module in Apache 1.3.
%package mod_cache
Summary: RFC 2616 compliant HTTP caching filter
Group: System/Servers
Suggests: apache-mod_cache_disk
%description mod_cache
This module should be used with care, as when the CacheQuickHandler
directive is in its default value of on, the Allow and Deny directives
will be circumvented. You should not enable quick handler caching for any
content to which you wish to limit access by client host name, address or
environment variable.
mod_cache implements an RFC 2616 compliant HTTP content caching filter,
with support for the caching of content negotiated responses containing
the Vary header.
RFC 2616 compliant caching provides a mechanism to verify whether stale or
expired content is still fresh, and can represent a significant performance
boost when the origin server supports conditional requests by honouring
the If-None-Match HTTP request header. Content is only regenerated from
scratch when the content has changed, and not when the cached entry expires.
As a filter, mod_cache can be placed in front of content originating from
any handler, including flat files (served from a slow disk cached on a fast
disk), the output of a CGI script or dynamic content generator, or content
proxied from another server.
In the default configuration, mod_cache inserts the caching filter as far
forward as possible within the filter stack, utilising the quick handler to
bypass all per request processing when returning content to the client. In
this mode of operation, mod_cache may be thought of as a caching proxy
server bolted to the front of the webserver, while running within the
webserver itself.
When the quick handler is switched off using the CacheQuickHandler directive,
it becomes possible to insert the CACHE filter at a point in the filter
stack chosen by the administrator. This provides the opportunity to cache
content before that content is personalised by the mod_include filter,
or optionally compressed by the mod_deflate filter.
Under normal operation, mod_cache will respond to and can be controlled by
the Cache-Control and Pragma headers sent from a client in a request, or from
a server within a response. Under exceptional circumstances, mod_cache can
be configured to override these headers and force site specific behaviour,
however such behaviour will be limited to this cache only, and will not
affect the operation of other caches that may exist between the client and
server, and as a result is not recommended unless strictly necessary.
RFC 2616 allows for the cache to return stale data while the existing
stale entry is refreshed from the origin server, and this is supported
by mod_cache when the CacheLock directive is suitably configured. Such
responses will contain a Warning HTTP header with a 110 response code.
RFC 2616 also allows a cache to return stale data when the attempt made to
refresh the stale data returns an error 500 or above, and this behaviour
is supported by default by mod_cache. Such responses will contain a Warning
HTTP header with a 111 response code.
mod_cache requires the services of one or more storage management modules. One
storage management module is included in the base Apache distribution:
mod_cache_disk
Implements a disk based storage manager. Headers and bodies are stored
separately on disk, in a directory structure derived from the md5 hash of the
cached URL. Multiple content negotiated responses can be stored concurrently,
however the caching of partial content is not supported by this module. The
htcacheclean tool is provided to list cached URLs, remove cached URLs,
or to maintain the size of the disk cache within size and inode limits.
Further details, discussion, and examples, are provided in the Caching Guide.
%package mod_cache_disk
Summary: Disk based storage module for the HTTP caching filter
Group: System/Servers
Obsoletes: apache-mod_disk_cache
Suggests: apache-htcacheclean = %{version}-%{release}
%description mod_cache_disk
mod_cache_disk implements a disk based storage manager for mod_cache.
The headers and bodies of cached responses are stored separately on disk,
in a directory structure derived from the md5 hash of the cached URL.
Multiple content negotiated responses can be stored concurrently, however
the caching of partial content is not yet supported by this module.
Atomic cache updates to both header and body files are achieved without
the need for locking by storing the device and inode numbers of the body
file within the header file. This has the side effect that cache entries
manually moved into the cache will be ignored.
The htcacheclean tool is provided to list cached URLs, remove cached URLs,
or to maintain the size of the disk cache within size and/or inode limits. The
tool can be run on demand, or can be daemonized to offer continuous monitoring
of directory sizes.
%package mod_cache_socache
Summary: Shared Object cache module for HTTPD
Group: System/Servers
%description mod_cache_socache
mod_cache_socache implements a shared object cache (socache) based storage
manager for mod_cache.
The headers and bodies of cached responses are combined, and stored underneath
a single key in the shared object cache. A number of implementations of shared
object caches are available to choose from.
Multiple content negotiated responses can be stored concurrently, however the
caching of partial content is not yet supported by this module.
%package mod_socache_shmcb
Summary: shmcb based shared object cache provider
Group: System/Servers
%description mod_socache_shmcb
mod_socache_shmcb is a shared object cache provider which provides for
creation and access to a cache backed by a high-performance cyclic buffer
inside a shared memory segment.
shmcb:/path/to/datafile(512000)
Details of other shared object cache providers can be found here.
%package mod_socache_dbm
Summary: DBM based shared object cache provider
Group: System/Servers
%description mod_socache_dbm
mod_socache_dbm is a shared object cache provider which provides for creation
and access to a cache backed by a DBM database.
dbm:/path/to/datafile
Details of other shared object cache providers can be found here.
%package mod_socache_memcache
Summary: Memcache based shared object cache provider
Group: System/Servers
%description mod_socache_memcache
mod_socache_memcache is a shared object cache provider which provides for
creation and access to a cache backed by the memcached high-performance,
distributed memory object caching system.
Details of other shared object cache providers can be found here.
%package mod_watchdog
Summary: provides infrastructure for other modules to periodically run tasks
Group: System/Servers
%description mod_watchdog
mod_watchdog defines programmatic hooks for other modules to periodically run
tasks. These modules can register handlers for mod_watchdog hooks. Currently,
the following modules in the Apache distribution use this functionality:
* mod_heartbeat
* mod_heartmonitor
To allow a module to use mod_watchdog functionality, mod_watchdog itself
must be statically linked to the server core or, if a dynamic module,
be loaded before the calling module.
%package mod_dbd
Summary: Manages SQL database connections
Group: System/Servers
Requires: apr-util-dbd-ldap
Suggests: apr-util-dbd-freetds
Suggests: apr-util-dbd-mysql
Suggests: apr-util-dbd-odbc
Suggests: apr-util-dbd-pgsql
Suggests: apr-util-dbd-sqlite3
%description mod_dbd
mod_dbd manages SQL database connections using APR. It provides database
connections on request to modules requiring SQL database functions, and
takes care of managing databases with optimal efficiency and scalability
for both threaded and non-threaded MPMs. For details, see the APR website
and this overview of the Apache DBD Framework by its original developer.
%package mod_bucketeer
Summary: Buckets manipulation filter
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_bucketeer
Buckets manipulation filter
%package mod_dumpio
Summary: Dumps all I/O to error log as desired
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_dumpio
mod_dumpio allows for the logging of all input received by Apache and/or
all output sent by Apache to be logged (dumped) to the error.log file.
The data logging is done right after SSL decoding (for input) and right
before SSL encoding (for output). As can be expected, this can produce
extreme volumes of data, and should only be used when debugging problems.
%package mod_echo
Summary: A simple echo server to illustrate protocol modules
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_echo
This module provides an example protocol module to illustrate the concept. It
provides a simple echo server. Telnet to it and type stuff, and it will
echo it.
%package mod_case_filter
Summary: CaseFilter module
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_case_filter
CaseFilter module
%package mod_case_filter_in
Summary: CaseFilterInFilter module
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_case_filter_in
CaseFilterInFilter module
%package mod_buffer
Summary: Support for request buffering
Group: System/Servers
%description mod_buffer
This module provides the ability to buffer the input and output filter stacks.
Under certain circumstances, content generators might create content in small
chunks. In order to promote memory reuse, in memory chunks are always 8k in
size, regardless of the size of the chunk itself. When many small chunks are
generated by a request, this can create a large memory footprint while the
request is being processed, and an unnecessarily large amount of data on
the wire. The addition of a buffer collapses the response into the fewest
chunks possible.
When httpd is used in front of an expensive content generator, buffering the
response may allow the backend to complete processing and release resources
sooner, depending on how the backend is designed.
The buffer filter may be added to either the input or the output filter
stacks, as appropriate, using the SetInputFilter, SetOutputFilter,
AddOutputFilter or AddOutputFilterByType directives.
Using buffer with mod_include
AddOutputFilterByType INCLUDES;BUFFER text/html The buffer filters read the
request/response into RAM and then repack the request/response into the fewest
memory buckets possible, at the cost of CPU time. When the request/response
is already efficiently packed, buffering the request/response could cause
the request/response to be slower than not using a buffer at all. These
filters should be used with care, and only where necessary.
%package mod_data
Summary: Convert response body into an RFC2397 data URL
Group: System/Servers
%description mod_data
This module provides the ability to convert a response into an RFC2397
data URL.
Data URLs can be embedded inline within web pages using something like
the mod_include module, to remove the need for clients to make separate
connections to fetch what may potentially be many small images. Data URLs
may also be included into pages generated by scripting languages such as PHP.
An example of a data URL
data:image/gif;base64,R0lGODdhMAAwAPAAAAAAAP///ywAAAAAMAAw
AAAC8IyPqcvt3wCcDkiLc7C0qwyGHhSWpjQu5yqmCYsapyuvUUlvONmOZtfzgFz
ByTB10QgxOR0TqBQejhRNzOfkVJ+5YiUqrXF5Y5lKh/DeuNcP5yLWGsEbtLiOSp
a/TPg7JpJHxyendzWTBfX0cxOnKPjgBzi4diinWGdkF8kjdfnycQZXZeYGejmJl
ZeGl9i2icVqaNVailT6F5iJ90m6mvuTS4OK05M0vDk0Q4XUtwvKOzrcd3iq9uis
F81M1OIcR7lEewwcLp7tuNNkM3uNna3F2JQFo97Vriy/Xl4/f1cf5VWzXyym7PH
hhx4dbgYKAAA7
The filter takes no parameters, and can be added to the filter stack using
the SetOutputFilter directive, or any of the directives supported by the
mod_filter module.
Configuring the filter
<Location /data/images>
SetOutputFilter DATA </Location>
%package mod_ratelimit
Summary: Bandwidth Rate Limiting for Clients
Group: System/Servers
%description mod_ratelimit
Provides a filter named RATE_LIMIT to limit client bandwidth. The connection
speed to be simulated is specified, in KiB/s, using the environment variable
rate-limit.
%package mod_reqtimeout
Summary: Set timeout and minimum data rate for receiving requests
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_reqtimeout
This module allows to set timeouts for the reading request and reading body
phases. It is implemented as an input connection filter that sets the socket
timeout so that the total request time does not exceed the timeout value.
mod_reqtimeout can be used to mitigate slowloris type attacks.
%package mod_ext_filter
Summary: Pass the response body through an external program before delivery
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_ext_filter
mod_ext_filter presents a simple and familiar programming model for
filters. With this module, a program which reads from stdin and writes to
stdout (i.e., a Unix-style filter command) can be a filter for Apache. This
filtering mechanism is much slower than using a filter which is specially
written for the Apache API and runs inside of the Apache server process,
but it does have the following benefits: * the programming model is much
simpler * any programming/scripting language can be used, provided that it
allows the program to read from standard input and write to standard output
* existing programs can be used unmodified as Apache filters
Even when the performance characteristics are not suitable for production
use, mod_ext_filter can be used as a prototype environment for filters.
%package mod_request
Summary: Filters to handle and make available HTTP request bodies
Group: System/Servers
%description mod_request
Under normal circumstances, request handlers such as the default handler
for static files will discard the request body when it is not needed by
the request handler. As a result, filters such as mod_include are limited
to making GET requests only when including other URLs as subrequests, even
if the original request was a POST request, as the discarded request body
is no longer available once filter processing is taking place.
When this directive has a value greater than zero, request handlers that
would otherwise discard request bodies will instead set the request body
aside for use by filters up to the maximum size specified. In the case of the
mod_include filter, an attempt to POST a request to the static shtml file will
cause any subrequests to be POST requests, instead of GET requests as before.
This feature makes it possible to break up complex web pages and web
applications into small individual components, and combine the components
and the surrounding web page structure together using mod_include. The
components can take the form of CGI programs, scripted languages, or URLs
reverse proxied into the URL space from another server using mod_proxy.
Note: Each request set aside has to be set aside in temporary RAM until the
request is complete. As a result, care should be taken to ensure sufficient
RAM is available on the server to support the intended load. Use of this
directive should be limited to where needed on targeted parts of your URL
space, and with the lowest possible value that is still big enough to hold
a request body.
If the request size sent by the client exceeds the maximum size allocated
by this directive, the server will return 413 Request Entity Too Large.
%package mod_include
Summary: Server-parsed html documents (Server Side Includes)
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_include
This module provides a filter which will process files before they are
sent to the client. The processing is controlled by specially formatted
SGML comments, referred to as elements. These elements allow conditional
text, the inclusion of other files or programs, as well as the setting and
printing of environment variables.
%package mod_filter
Summary: Context-sensitive smart filter configuration module
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_filter
This module enables smart, context-sensitive configuration of output
content filters. For example, apache can be configured to process different
content-types through different filters, even when the content-type is not
known in advance (e.g. in a proxy).
mod_filter works by introducing indirection into the filter chain. Instead of
inserting filters in the chain, we insert a filter harness which in turn
dispatches conditionally to a filter provider. Any content filter may be
used as a provider to mod_filter; no change to existing filter modules is
required (although it may be possible to simplify them).
%package mod_reflector
Summary: Reflect a request body as a response via the output filter stack
Group: System/Servers
%description mod_reflector
This module allows request bodies to be reflected back to the client,
in the process passing the request through the output filter stack. A
suitably configured chain of filters can be used to transform the request
into a response. This module can be used to turn an output filter into an
HTTP service.
%package mod_substitute
Summary: Perform search and replace operations on response bodies
Group: System/Servers
Conflicts: apache-modules < 2.4.0
%description mod_substitute
mod_substitute provides a mechanism to perform both regular expression and
fixed string substitutions on response bodies.
%package mod_sed
Summary: Filter Input (request) and Output (response) content using sed syntax
Group: System/Servers
%description mod_sed
mod_sed is an in-process content filter. The mod_sed filter implements the
sed editing commands implemented by the Solaris 10 sed program as described
in the manual page. However, unlike sed, mod_sed doesn't take data from