httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pque...@apache.org
Subject svn commit: r645594 [22/28] - in /httpd/sandbox/amsterdam/d: ./ build/ docs/conf/ docs/conf/extra/ docs/man/ docs/manual/ docs/manual/developer/ docs/manual/faq/ docs/manual/howto/ docs/manual/misc/ docs/manual/mod/ docs/manual/platform/ docs/manual/pr...
Date Mon, 07 Apr 2008 16:31:24 GMT
Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authnz_ldap.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authnz_ldap.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authnz_ldap.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authnz_ldap.c Mon Apr  7 09:28:58 2008
@@ -42,6 +42,8 @@
 #error mod_authnz_ldap requires APR-util to have LDAP support built in. To fix add --with-ldap to ./configure.
 #endif
 
+static char *default_attributes[3] = { "member", "uniqueMember", NULL };
+
 typedef struct {
     apr_pool_t *pool;               /* Pool that this config is allocated from */
 #if APR_HAS_THREADS
@@ -71,8 +73,6 @@
     apr_array_header_t *groupattr;  /* List of Group attributes identifying user members. Default:"member uniqueMember" */
     int group_attrib_is_dn;         /* If true, the group attribute is the DN, otherwise,
                                         it's the exact string passed by the HTTP client */
-    apr_array_header_t *subgroupattrs; /* List of attributes used to find subgroup references
-                                          within a group directory entry. Default:"member uniqueMember" */
     char **sgAttributes;            /* Array of strings constructed (post-config) from subgroupattrs. Last entry is NULL. */
     apr_array_header_t *subgroupclasses; /* List of object classes of sub-groups. Default:"groupOfNames groupOfUniqueNames" */
     int maxNestingDepth;            /* Maximum recursive nesting depth permitted during subgroup processing. Default: 10 */
@@ -288,8 +288,6 @@
 */
     sec->groupattr = apr_array_make(p, GROUPATTR_MAX_ELTS,
                                     sizeof(struct mod_auth_ldap_groupattr_entry_t));
-    sec->subgroupattrs = apr_array_make(p, GROUPATTR_MAX_ELTS,
-                                    sizeof(struct mod_auth_ldap_groupattr_entry_t));
     sec->subgroupclasses = apr_array_make(p, GROUPATTR_MAX_ELTS,
                                     sizeof(struct mod_auth_ldap_groupattr_entry_t));
 
@@ -302,7 +300,7 @@
     sec->group_attrib_is_dn = 1;
     sec->secure = -1;   /*Initialize to unset*/
     sec->maxNestingDepth = 10;
-    sec->sgAttributes = NULL;
+    sec->sgAttributes = apr_pcalloc(p, sizeof (char *) * GROUPATTR_MAX_ELTS + 1);
 
     sec->user_is_dn = 0;
     sec->remote_user_attribute = NULL;
@@ -401,7 +399,7 @@
     util_ldap_connection_close(ldc);
 
     /* sanity check - if server is down, retry it up to 5 times */
-    if (result == LDAP_SERVER_DOWN) {
+    if (AP_LDAP_IS_SERVER_DOWN(result)) {
         if (failures++ <= 5) {
             goto start_over;
         }
@@ -602,7 +600,9 @@
     }
 
     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                  "[%" APR_PID_T_FMT "] auth_ldap authorize: authorization denied", getpid());
+                  "[%" APR_PID_T_FMT "] auth_ldap authorize user: authorization denied for user %s to %s",
+                  getpid(), r->user, r->uri);
+
     return AUTHZ_DENIED;
 }
 
@@ -662,24 +662,6 @@
     }
 
     /*
-     * If there are no elements in the sub group attribute array, the default
-     * should be member and uniquemember; populate the array now.
-     */
-    if (sec->subgroupattrs->nelts == 0) {
-        struct mod_auth_ldap_groupattr_entry_t *grp;
-#if APR_HAS_THREADS
-        apr_thread_mutex_lock(sec->lock);
-#endif
-        grp = apr_array_push(sec->subgroupattrs);
-        grp->name = "member";
-        grp = apr_array_push(sec->subgroupattrs);
-        grp->name = "uniqueMember";
-#if APR_HAS_THREADS
-        apr_thread_mutex_unlock(sec->lock);
-#endif
-    }
-
-    /*
      * If there are no elements in the sub group classes array, the default
      * should be groupOfNames and groupOfUniqueNames; populate the array now.
      */
@@ -741,8 +723,8 @@
         if (req->dn == NULL || strlen(req->dn) == 0) {
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
                           "[%" APR_PID_T_FMT "] auth_ldap authorize: require group: "
-                          "user's DN has not been defined; failing authorization",
-                          getpid());
+                          "user's DN has not been defined; failing authorization for user %s",
+                          getpid(), r->user);
             return AUTHZ_DENIED;
         }
     }
@@ -773,8 +755,8 @@
             case LDAP_COMPARE_TRUE: {
                 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
                               "[%" APR_PID_T_FMT "] auth_ldap authorize: require group: "
-                              "authorization successful (attribute %s) [%s][%s]",
-                              getpid(), ent[i].name, ldc->reason, ldap_err2string(result));
+                              "authorization successful (attribute %s) [%s][%d - %s]",
+                              getpid(), ent[i].name, ldc->reason, result, ldap_err2string(result));
                 return AUTHZ_GRANTED;
             }
             case LDAP_COMPARE_FALSE: {
@@ -783,30 +765,17 @@
                                "failed [%s][%d - %s], checking sub-groups",
                                getpid(), t, ldc->reason, result, ldap_err2string(result));
 
-                if(sec->sgAttributes == NULL) {
-                    struct mod_auth_ldap_groupattr_entry_t *sg_ent = (struct mod_auth_ldap_groupattr_entry_t *) sec->subgroupattrs->elts;
-                    char **sg_attrs;
-                    int sga_index;
-
-                    /* Allocate a null-terminated array of attribute strings. */
-                    sg_attrs = apr_pcalloc(sec->pool, (sec->subgroupattrs->nelts+1) * sizeof(char *));
-                    for(sga_index = 0; sga_index < sec->subgroupattrs->nelts; sga_index++) {
-                        sg_attrs[sga_index] = apr_pstrdup(sec->pool, sg_ent[sga_index].name);
-                    }
-                    sg_attrs[sec->subgroupattrs->nelts] = NULL;
-                    sec->sgAttributes = sg_attrs;
-                }
-
                 result = util_ldap_cache_check_subgroups(r, ldc, sec->url, t, ent[i].name,
                                                          sec->group_attrib_is_dn ? req->dn : req->user,
-                                                         sec->sgAttributes, sec->subgroupclasses,
+                                                         sec->sgAttributes[0] ? sec->sgAttributes : default_attributes,
+                                                         sec->subgroupclasses,
                                                          0, sec->maxNestingDepth);
                 if(result == LDAP_COMPARE_TRUE) {
                     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
                                    "[%" APR_PID_T_FMT "] auth_ldap authorise: require group (sub-group): "
                                    "authorisation successful (attribute %s) [%s][%d - %s]",
                                    getpid(), ent[i].name, ldc->reason, result, ldap_err2string(result));
-                     return OK;
+                     return AUTHZ_GRANTED;
                 }
                 else {
                     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
@@ -819,14 +788,15 @@
             default: {
                 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
                               "[%" APR_PID_T_FMT "] auth_ldap authorize: require group \"%s\": "
-                              "authorization failed [%s][%s]",
-                              getpid(), t, ldc->reason, ldap_err2string(result));
+                              "authorization failed [%s][%d - %s]",
+                              getpid(), t, ldc->reason, result, ldap_err2string(result));
             }
         }
     }
 
     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                  "[%" APR_PID_T_FMT "] auth_ldap authorize: authorization denied", getpid());
+                  "[%" APR_PID_T_FMT "] auth_ldap authorize group: authorization denied for user %s to %s",
+                  getpid(), r->user, r->uri);
 
     return AUTHZ_DENIED;
 }
@@ -932,7 +902,8 @@
 
 
     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                  "[%" APR_PID_T_FMT "] auth_ldap authorise: authorisation denied", getpid());
+                  "[%" APR_PID_T_FMT "] auth_ldap authorize dn: authorization denied for user %s to %s",
+                  getpid(), r->user, r->uri);
 
     return AUTHZ_DENIED;
 }
@@ -1046,7 +1017,8 @@
     }
 
     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                  "[%" APR_PID_T_FMT "] auth_ldap authorise: authorisation denied", getpid());
+                  "[%" APR_PID_T_FMT "] auth_ldap authorize attribute: authorization denied for user %s to %s",
+                  getpid(), r->user, r->uri);
 
     return AUTHZ_DENIED;
 }
@@ -1181,7 +1153,8 @@
     }
 
     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                  "[%" APR_PID_T_FMT "] auth_ldap authorise: authorization denied", getpid());
+                  "[%" APR_PID_T_FMT "] auth_ldap authorize filter: authorization denied for user %s to %s",
+                  getpid(), r->user, r->uri);
 
     return AUTHZ_DENIED;
 }
@@ -1333,15 +1306,17 @@
 
 static const char *mod_auth_ldap_add_subgroup_attribute(cmd_parms *cmd, void *config, const char *arg)
 {
-    struct mod_auth_ldap_groupattr_entry_t *new;
+    int i = 0;
 
     authn_ldap_config_t *sec = config;
 
-    if (sec->subgroupattrs->nelts > GROUPATTR_MAX_ELTS)
+    for (i = 0; sec->sgAttributes[i]; i++) {
+        ;
+    }
+    if (i == GROUPATTR_MAX_ELTS)
         return "Too many AuthLDAPSubGroupAttribute values";
 
-    new = apr_array_push(sec->subgroupattrs);
-    new->name = apr_pstrdup(cmd->pool, arg);
+    sec->sgAttributes[i] = apr_pstrdup(cmd->pool, arg);
 
     return NULL;
 }
@@ -1449,18 +1424,18 @@
 
     AP_INIT_ITERATE("AuthLDAPSubGroupAttribute", mod_auth_ldap_add_subgroup_attribute, NULL, OR_AUTHCFG,
                     "Attribute labels used to define sub-group (or nested group) membership in groups - "
-                    "defaults to member and uniqueMember (one per directive)"),
+                    "defaults to member and uniqueMember"),
 
     AP_INIT_ITERATE("AuthLDAPSubGroupClass", mod_auth_ldap_add_subgroup_class, NULL, OR_AUTHCFG,
                      "LDAP objectClass values used to identify sub-group instances - "
-                     "defaults to groupOfNames and groupOfUniqueNames (one per directive)"),
+                     "defaults to groupOfNames and groupOfUniqueNames"),
 
     AP_INIT_TAKE1("AuthLDAPMaxSubGroupDepth", mod_auth_ldap_set_subgroup_maxdepth, NULL, OR_AUTHCFG,
                       "Maximum subgroup nesting depth to be evaluated - defaults to 10 (top-level group = 0)"),
 
     AP_INIT_ITERATE("AuthLDAPGroupAttribute", mod_auth_ldap_add_group_attribute, NULL, OR_AUTHCFG,
                     "A list of attribute labels used to identify the user members of groups - defaults to "
-                    "member and uniquemember (one per directive)"),
+                    "member and uniquemember"),
 
     AP_INIT_FLAG("AuthLDAPGroupAttributeIsDN", ap_set_flag_slot,
                  (void *)APR_OFFSETOF(authn_ldap_config_t, group_attrib_is_dn), OR_AUTHCFG,
@@ -1607,20 +1582,25 @@
 static void register_hooks(apr_pool_t *p)
 {
     /* Register authn provider */
-    ap_register_provider(p, AUTHN_PROVIDER_GROUP, "ldap", "0",
-                         &authn_ldap_provider);
+    ap_register_auth_provider(p, AUTHN_PROVIDER_GROUP, "ldap", "0",
+                              &authn_ldap_provider, AP_AUTH_INTERNAL_PER_CONF);
 
     /* Register authz providers */
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-user", "0",
-                         &authz_ldapuser_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-group", "0",
-                         &authz_ldapgroup_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-dn", "0",
-                         &authz_ldapdn_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-attribute", "0",
-                         &authz_ldapattribute_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-filter", "0",
-                         &authz_ldapfilter_provider);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-user", "0",
+                              &authz_ldapuser_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-group", "0",
+                              &authz_ldapgroup_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-dn", "0",
+                              &authz_ldapdn_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-attribute", "0",
+                              &authz_ldapattribute_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "ldap-filter", "0",
+                              &authz_ldapfilter_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
 
     ap_hook_post_config(authnz_ldap_post_config,NULL,NULL,APR_HOOK_MIDDLE);
 

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_core.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_core.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_core.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_core.c Mon Apr  7 09:28:58 2008
@@ -29,7 +29,6 @@
 #define APR_WANT_BYTEFUNC
 #include "apr_want.h"
 
-#define CORE_PRIVATE
 #include "ap_config.h"
 #include "httpd.h"
 #include "http_config.h"
@@ -483,8 +482,9 @@
                      APR_HASH_KEY_STRING, prvdraliasrec);
 
         /* Register the fake provider so that we get called first */
-        ap_register_provider(cmd->pool, AUTHZ_PROVIDER_GROUP, provider_alias, "0",
-                             &authz_alias_provider);
+        ap_register_auth_provider(cmd->pool, AUTHZ_PROVIDER_GROUP,
+                                  provider_alias, "0", &authz_alias_provider,
+                                  AP_AUTH_INTERNAL_PER_CONF);
     }
 
     cmd->override = old_overrides;
@@ -802,11 +802,18 @@
     return req_authz;
 }
 
+static apr_array_header_t *authz_ap_list_provider_names(apr_pool_t *ptemp)
+{   
+    return ap_list_provider_names(ptemp, AUTHZ_PROVIDER_GROUP, "0");
+}
+
 static void register_hooks(apr_pool_t *p)
 {
     APR_REGISTER_OPTIONAL_FN(authz_some_auth_required);
+    APR_REGISTER_OPTIONAL_FN(authz_ap_list_provider_names);
 
-    ap_hook_auth_checker(authorize_user, NULL, NULL, APR_HOOK_MIDDLE);
+    ap_hook_check_authz(authorize_user, NULL, NULL, APR_HOOK_MIDDLE,
+                        AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_core_module =

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbd.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbd.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbd.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbd.c Mon Apr  7 09:28:58 2008
@@ -164,15 +164,16 @@
             for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
                  rv != -1;
                  rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
-                if (rv == 0) {
-                    newuri = apr_dbd_get_entry(dbd->driver, row, 0);
-                }
-                else {
+                if (rv != 0) {
                     message = apr_dbd_error(dbd->driver, dbd->handle, rv);
                     ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                           "authz_dbd in get_row; action=%s user=%s [%s]",
                           action, r->user, message?message:noerror);
                 }
+                else if (newuri == NULL) {
+                    newuri = apr_dbd_get_entry(dbd->driver, row, 0);
+                }
+                /* we can't break out here or row won't get cleaned up */
             }
         }
         else {
@@ -185,13 +186,9 @@
     if (newuri != NULL) {
         r->status = HTTP_MOVED_TEMPORARILY;
         apr_table_set(r->err_headers_out, "Location", newuri);
-        rv = HTTP_MOVED_TEMPORARILY;
     }
-    else {
-        rv = OK;
-    }
-    authz_dbd_run_client_login(r, rv, action);
-    return rv;
+    authz_dbd_run_client_login(r, OK, action);
+    return OK;
 }
 
 static int authz_dbd_group_query(request_rec *r, authz_dbd_cfg *cfg,
@@ -313,12 +310,15 @@
 
 static void authz_dbd_hooks(apr_pool_t *p)
 {
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "dbd-group", "0",
-                         &authz_dbdgroup_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "dbd-login", "0",
-                         &authz_dbdlogin_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "dbd-logout", "0",
-                         &authz_dbdlogout_provider);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "dbd-group", "0",
+                              &authz_dbdgroup_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "dbd-login", "0",
+                              &authz_dbdlogin_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "dbd-logout", "0",
+                              &authz_dbdlogout_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_dbd_module =

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbm.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbm.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbm.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_dbm.c Mon Apr  7 09:28:58 2008
@@ -272,10 +272,12 @@
 {
     authz_owner_get_file_group = APR_RETRIEVE_OPTIONAL_FN(authz_owner_get_file_group);
 
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "dbm-group", "0",
-                         &authz_dbmgroup_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "dbm-file-group", "0",
-                         &authz_dbmfilegroup_provider);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "dbm-group", "0",
+                              &authz_dbmgroup_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "dbm-file-group", "0",
+                              &authz_dbmfilegroup_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_dbm_module =

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_default.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_default.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_default.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_default.c Mon Apr  7 09:28:58 2008
@@ -89,7 +89,8 @@
 
 static void register_hooks(apr_pool_t *p)
 {
-    ap_hook_auth_checker(check_user_access,NULL,NULL,APR_HOOK_LAST);
+    ap_hook_check_authz(check_user_access, NULL, NULL, APR_HOOK_LAST,
+                        AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_default_module =

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_groupfile.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_groupfile.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_groupfile.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_groupfile.c Mon Apr  7 09:28:58 2008
@@ -266,10 +266,12 @@
 {
     authz_owner_get_file_group = APR_RETRIEVE_OPTIONAL_FN(authz_owner_get_file_group);
 
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "group", "0",
-                         &authz_group_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "file-group", "0",
-                         &authz_filegroup_provider);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "group", "0",
+                              &authz_group_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "file-group", "0",
+                              &authz_filegroup_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_groupfile_module =

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_host.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_host.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_host.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_host.c Mon Apr  7 09:28:58 2008
@@ -241,14 +241,14 @@
 
 static void register_hooks(apr_pool_t *p)
 {
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "env", "0",
-                         &authz_env_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "ip", "0",
-                         &authz_ip_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "host", "0",
-                         &authz_host_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "all", "0",
-                         &authz_all_provider);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "env", "0",
+                              &authz_env_provider, AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "ip", "0",
+                              &authz_ip_provider, AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "host", "0",
+                              &authz_host_provider, AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "all", "0",
+                              &authz_all_provider, AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_host_module =

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_owner.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_owner.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_owner.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_owner.c Mon Apr  7 09:28:58 2008
@@ -167,8 +167,9 @@
 {
     APR_REGISTER_OPTIONAL_FN(authz_owner_get_file_group);
 
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "file-owner", "0",
-                         &authz_fileowner_provider);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "file-owner", "0",
+                              &authz_fileowner_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_owner_module =

Modified: httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_user.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_user.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_user.c (original)
+++ httpd/sandbox/amsterdam/d/modules/aaa/mod_authz_user.c Mon Apr  7 09:28:58 2008
@@ -81,10 +81,11 @@
 
 static void register_hooks(apr_pool_t *p)
 {
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "user", "0",
-                         &authz_user_provider);
-    ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "valid-user", "0",
-                         &authz_validuser_provider);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "user", "0",
+                              &authz_user_provider, AP_AUTH_INTERNAL_PER_CONF);
+    ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "valid-user", "0",
+                              &authz_validuser_provider,
+                              AP_AUTH_INTERNAL_PER_CONF);
 }
 
 module AP_MODULE_DECLARE_DATA authz_user_module =

Modified: httpd/sandbox/amsterdam/d/modules/cache/cache_storage.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/cache_storage.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/cache_storage.c (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/cache_storage.c Mon Apr  7 09:28:58 2008
@@ -14,8 +14,6 @@
  * limitations under the License.
  */
 
-#define CORE_PRIVATE
-
 #include "mod_cache.h"
 
 extern APR_OPTIONAL_FN_TYPE(ap_cache_generate_key) *cache_generate_key;
@@ -285,6 +283,13 @@
                 apr_table_unset(r->headers_in, "If-None-Match");
                 apr_table_unset(r->headers_in, "If-Range");
                 apr_table_unset(r->headers_in, "If-Unmodified-Since");
+
+                /*
+                 * Do not do Range requests with our own conditionals: If
+                 * we get 304 the Range does not matter and otherwise the
+                 * entity changed and we want to have the complete entity
+                 */
+                apr_table_unset(r->headers_in, "Range");
 
                 etag = apr_table_get(h->resp_hdrs, "ETag");
                 lastmod = apr_table_get(h->resp_hdrs, "Last-Modified");

Modified: httpd/sandbox/amsterdam/d/modules/cache/cache_util.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/cache_util.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/cache_util.c (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/cache_util.c Mon Apr  7 09:28:58 2008
@@ -14,8 +14,6 @@
  * limitations under the License.
  */
 
-#define CORE_PRIVATE
-
 #include "mod_cache.h"
 
 #include <ap_provider.h>
@@ -234,6 +232,14 @@
     /* These come from the cached entity. */
     cc_cresp = apr_table_get(h->resp_hdrs, "Cache-Control");
     expstr = apr_table_get(h->resp_hdrs, "Expires");
+
+    if (ap_cache_liststr(NULL, cc_cresp, "no-cache", NULL)) {
+        /*
+         * The cached entity contained Cache-Control: no-cache, so treat as
+         * stale causing revalidation
+         */
+        return 0;
+    }
 
     if ((agestr = apr_table_get(h->resp_hdrs, "Age"))) {
         age_c = apr_atoi64(agestr);

Modified: httpd/sandbox/amsterdam/d/modules/cache/config.m4
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/config.m4?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/config.m4 (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/config.m4 Mon Apr  7 09:28:58 2008
@@ -4,7 +4,7 @@
 
 APACHE_MODPATH_INIT(cache)
 
-APACHE_MODULE(file_cache, File cache, , , no)
+APACHE_MODULE(file_cache, File cache, , , most)
 
 dnl #  list of object files for mod_cache
 cache_objs="dnl
@@ -18,9 +18,10 @@
 cache_cache.lo dnl
 cache_pqueue.lo dnl
 cache_hash.lo dnl
+cache_util.lo dnl
 "
-APACHE_MODULE(cache, dynamic file caching, $cache_objs, , no)
-APACHE_MODULE(disk_cache, disk caching module, , , no)
-APACHE_MODULE(mem_cache, memory caching module, $mem_cache_objs, , no)
+APACHE_MODULE(cache, dynamic file caching, $cache_objs, , most)
+APACHE_MODULE(disk_cache, disk caching module, , , most)
+APACHE_MODULE(mem_cache, memory caching module, $mem_cache_objs, , )
 
 APACHE_MODPATH_FINISH

Modified: httpd/sandbox/amsterdam/d/modules/cache/mod_cache.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/mod_cache.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/mod_cache.c (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/mod_cache.c Mon Apr  7 09:28:58 2008
@@ -14,8 +14,6 @@
  * limitations under the License.
  */
 
-#define CORE_PRIVATE
-
 #include "mod_cache.h"
 
 module AP_MODULE_DECLARE_DATA cache_module;
@@ -613,6 +611,12 @@
             cache->provider->remove_entity(cache->stale_handle);
             /* Treat the request as if it wasn't conditional. */
             cache->stale_handle = NULL;
+            /*
+             * Restore the original request headers as they may be needed
+             * by further output filters like the byterange filter to make
+             * the correct decisions.
+             */
+            r->headers_in = cache->stale_headers;
         }
     }
 

Modified: httpd/sandbox/amsterdam/d/modules/cache/mod_cache.h
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/mod_cache.h?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/mod_cache.h (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/mod_cache.h Mon Apr  7 09:28:58 2008
@@ -26,8 +26,6 @@
 #ifndef MOD_CACHE_H
 #define MOD_CACHE_H 
 
-#define CORE_PRIVATE
-
 #include "apr_hooks.h"
 #include "apr.h"
 #include "apr_lib.h"

Modified: httpd/sandbox/amsterdam/d/modules/cache/mod_disk_cache.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/mod_disk_cache.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/mod_disk_cache.c (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/mod_disk_cache.c Mon Apr  7 09:28:58 2008
@@ -102,7 +102,7 @@
      }
 }
 
-static void mkdir_structure(disk_cache_conf *conf, const char *file, apr_pool_t *pool)
+static apr_status_t mkdir_structure(disk_cache_conf *conf, const char *file, apr_pool_t *pool)
 {
     apr_status_t rv;
     char *p;
@@ -116,11 +116,12 @@
         rv = apr_dir_make(file,
                           APR_UREAD|APR_UWRITE|APR_UEXECUTE, pool);
         if (rv != APR_SUCCESS && !APR_STATUS_IS_EEXIST(rv)) {
-            /* XXX */
+            return rv;
         }
         *p = '/';
         ++p;
     }
+    return APR_SUCCESS;
 }
 
 /* htcacheclean may remove directories underneath us.
@@ -141,7 +142,9 @@
             /* 1000 micro-seconds aka 0.001 seconds. */
             apr_sleep(1000);
 
-            mkdir_structure(conf, dest, pool);
+            rv = mkdir_structure(conf, dest, pool);
+            if (rv != APR_SUCCESS)
+                continue;
 
             rv = apr_file_rename(src, dest, pool);
         }
@@ -165,7 +168,7 @@
          */
         rv = apr_file_rename(dobj->tempfile, dobj->datafile, r->pool);
         if (rv != APR_SUCCESS) {
-            ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, r->server,
+            ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
                          "disk_cache: rename tempfile to datafile failed:"
                          " %s -> %s", dobj->tempfile, dobj->datafile);
             apr_file_remove(dobj->tempfile, r->pool);
@@ -472,7 +475,8 @@
 #endif
     rc = apr_file_open(&dobj->fd, dobj->datafile, flags, 0, r->pool);
     if (rc != APR_SUCCESS) {
-        /* XXX: Log message */
+        ap_log_error(APLOG_MARK, APLOG_ERR, rc, r->server,
+                 "disk_cache: Cannot open info header file %s",  dobj->datafile);
         return DECLINED;
     }
 
@@ -484,7 +488,8 @@
     /* Read the bytes to setup the cache_info fields */
     rc = file_cache_recall_mydata(dobj->hfd, info, dobj, r);
     if (rc != APR_SUCCESS) {
-        /* XXX log message */
+        ap_log_error(APLOG_MARK, APLOG_ERR, rc, r->server,
+                 "disk_cache: Cannot read header file %s",  dobj->hdrsfile);
         return DECLINED;
     }
 
@@ -749,7 +754,8 @@
 
     /* This case should not happen... */
     if (!dobj->hfd) {
-        /* XXX log message */
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+                 "disk_cache: recalling headers; but no header fd for %s", dobj->name);
         return APR_NOTFOUND;
     }
 
@@ -846,13 +852,16 @@
                 dobj->prefix = NULL;
             }
 
-            mkdir_structure(conf, dobj->hdrsfile, r->pool);
+            rv = mkdir_structure(conf, dobj->hdrsfile, r->pool);
 
             rv = apr_file_mktemp(&dobj->tfd, dobj->tempfile,
                                  APR_CREATE | APR_WRITE | APR_BINARY | APR_EXCL,
                                  r->pool);
 
             if (rv != APR_SUCCESS) {
+                ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
+                    "disk_cache: could not create temp file %s",
+                    dobj->tempfile);
                 return rv;
             }
 
@@ -874,10 +883,10 @@
             rv = safe_file_rename(conf, dobj->tempfile, dobj->hdrsfile,
                                   r->pool);
             if (rv != APR_SUCCESS) {
-                ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, r->server,
+                ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
                     "disk_cache: rename tempfile to varyfile failed: %s -> %s",
                     dobj->tempfile, dobj->hdrsfile);
-                apr_file_remove(dobj->tempfile, r->pool);
+                    apr_file_remove(dobj->tempfile, r->pool);
                 return rv;
             }
 
@@ -896,6 +905,9 @@
                          APR_BUFFERED | APR_EXCL, r->pool);
 
     if (rv != APR_SUCCESS) {
+       ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
+           "disk_cache: could not create temp file %s",
+           dobj->tempfile);
         return rv;
     }
 
@@ -916,6 +928,9 @@
 
     rv = apr_file_writev(dobj->hfd, (const struct iovec *) &iov, 2, &amt);
     if (rv != APR_SUCCESS) {
+       ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
+           "disk_cache: could not write info to header file %s",
+           dobj->hdrsfile);
         return rv;
     }
 
@@ -935,6 +950,9 @@
                                         r->err_headers_out);
         rv = store_table(dobj->hfd, headers_out);
         if (rv != APR_SUCCESS) {
+           ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
+               "disk_cache: could not write out-headers to header file %s",
+               dobj->hdrsfile);
             return rv;
         }
     }
@@ -948,6 +966,9 @@
                                                  r->server);
         rv = store_table(dobj->hfd, headers_in);
         if (rv != APR_SUCCESS) {
+           ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
+               "disk_cache: could not write in-headers to header file %s",
+               dobj->hdrsfile);
             return rv;
         }
     }
@@ -960,12 +981,12 @@
      */
     rv = apr_file_remove(dobj->hdrsfile, r->pool);
     if (rv != APR_SUCCESS) {
-        mkdir_structure(conf, dobj->hdrsfile, r->pool);
+        rv = mkdir_structure(conf, dobj->hdrsfile, r->pool);
     }
 
     rv = safe_file_rename(conf, dobj->tempfile, dobj->hdrsfile, r->pool);
     if (rv != APR_SUCCESS) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, rv, r->server,
+        ap_log_error(APLOG_MARK, APLOG_WARNING, rv, r->server,
                      "disk_cache: rename tempfile to hdrsfile failed: %s -> %s",
                      dobj->tempfile, dobj->hdrsfile);
         apr_file_remove(dobj->tempfile, r->pool);

Modified: httpd/sandbox/amsterdam/d/modules/cache/mod_file_cache.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/mod_file_cache.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/mod_file_cache.c (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/mod_file_cache.c Mon Apr  7 09:28:58 2008
@@ -86,8 +86,6 @@
 #include <sys/types.h>
 #endif
 
-#define CORE_PRIVATE
-
 #include "httpd.h"
 #include "http_config.h"
 #include "http_log.h"

Modified: httpd/sandbox/amsterdam/d/modules/cache/mod_mem_cache.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/cache/mod_mem_cache.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/cache/mod_mem_cache.c (original)
+++ httpd/sandbox/amsterdam/d/modules/cache/mod_mem_cache.c Mon Apr  7 09:28:58 2008
@@ -35,7 +35,6 @@
  * of 0 means the object is not in the cache and no worker threads are accessing
  * it.
  */
-#define CORE_PRIVATE
 #include "mod_cache.h"
 #include "cache_pqueue.h"
 #include "cache_cache.h"

Modified: httpd/sandbox/amsterdam/d/modules/dav/fs/repos.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/dav/fs/repos.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/dav/fs/repos.c (original)
+++ httpd/sandbox/amsterdam/d/modules/dav/fs/repos.c Mon Apr  7 09:28:58 2008
@@ -1773,13 +1773,15 @@
         return apr_pstrdup(ctx->pool, "");
 
     if (ctx->finfo.filetype != 0) {
-        return apr_psprintf(ctx->pool, "\"%lx-%lx-%lx\"",
-                           (unsigned long) ctx->finfo.inode,
-                           (unsigned long) ctx->finfo.size,
-                           (unsigned long) ctx->finfo.mtime);
+        return apr_psprintf(ctx->pool, "\"%" APR_UINT64_T_HEX_FMT "-%"
+                            APR_UINT64_T_HEX_FMT "-%" APR_UINT64_T_HEX_FMT "\"",
+                            (apr_uint64_t) ctx->finfo.inode,
+                            (apr_uint64_t) ctx->finfo.size,
+                            (apr_uint64_t) ctx->finfo.mtime);
     }
 
-    return apr_psprintf(ctx->pool, "\"%lx\"", (unsigned long) ctx->finfo.mtime);
+    return apr_psprintf(ctx->pool, "\"%" APR_UINT64_T_HEX_FMT "\"",
+                       (apr_uint64_t) ctx->finfo.mtime);
 }
 
 static const dav_hooks_repository dav_hooks_repository_fs =

Modified: httpd/sandbox/amsterdam/d/modules/dav/main/mod_dav.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/dav/main/mod_dav.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/dav/main/mod_dav.c (original)
+++ httpd/sandbox/amsterdam/d/modules/dav/main/mod_dav.c Mon Apr  7 09:28:58 2008
@@ -314,7 +314,7 @@
 {
     r->status = status;
 
-    ap_set_content_type(r, "text/html");
+    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
 
     /* begin the response now... */
     ap_rvputs(r,
@@ -2630,6 +2630,11 @@
         /* ### how best to report this... */
         return dav_error_response(r, lookup.rnew->status,
                                   "Destination URI had an error.");
+    }
+
+    if (dav_get_provider(lookup.rnew) == NULL) {
+        return dav_error_response(r, HTTP_METHOD_NOT_ALLOWED,
+                                  "DAV not enabled for Destination URI.");
     }
 
     /* Resolve destination resource */

Modified: httpd/sandbox/amsterdam/d/modules/dav/main/util.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/dav/main/util.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/dav/main/util.c (original)
+++ httpd/sandbox/amsterdam/d/modules/dav/main/util.c Mon Apr  7 09:28:58 2008
@@ -1404,6 +1404,39 @@
     return NULL;
 }
 
+/* If-* header checking */
+static int dav_meets_conditions(request_rec *r, int resource_state)
+{
+    const char *if_match, *if_none_match;
+    int retVal;
+
+    /* If-Match '*' fix. Resource existence not checked by ap_meets_conditions.
+     * If-Match '*' request should succeed only if the resource exists. */
+    if ((if_match = apr_table_get(r->headers_in, "If-Match")) != NULL) {
+        if (if_match[0] == '*' && resource_state != DAV_RESOURCE_EXISTS)
+            return HTTP_PRECONDITION_FAILED;
+    }
+
+    retVal = ap_meets_conditions(r);
+
+    /* If-None-Match '*' fix. If-None-Match '*' request should succeed 
+     * if the resource does not exist. */
+    if (retVal == HTTP_PRECONDITION_FAILED) {
+        /* Note. If if_none_match != NULL, if_none_match is the culprit.
+         * Since, in presence of If-None-Match, 
+         * other If-* headers are undefined. */
+        if ((if_none_match =
+            apr_table_get(r->headers_in, "If-None-Match")) != NULL) {
+            if (if_none_match[0] == '*'
+                && resource_state != DAV_RESOURCE_EXISTS) {
+                return OK;
+            }
+        }
+    }
+
+    return retVal;
+}
+
 /*
 ** dav_validate_request:  Validate if-headers (and check for locks) on:
 **    (1) r->filename @ depth;
@@ -1433,6 +1466,9 @@
     const dav_hooks_repository *repos_hooks = resource->hooks;
     dav_buffer work_buf = { 0 };
     dav_response *new_response;
+    int resource_state;
+    const char *etag;
+    int set_etag = 0;
 
 #if DAV_DEBUG
     if (depth && response == NULL) {
@@ -1449,10 +1485,29 @@
     if (response != NULL)
         *response = NULL;
 
+    /* Set the ETag header required by dav_meets_conditions() */
+    etag = apr_table_get(r->headers_out, "ETag");
+    if (!etag) {
+        etag = (*resource->hooks->getetag)(resource);
+        if (etag && *etag) {
+            apr_table_set(r->headers_out, "ETag", etag);
+            set_etag = 1;
+        }
+    }
     /* Do the standard checks for conditional requests using
      * If-..-Since, If-Match etc */
-    if ((result = ap_meets_conditions(r)) != OK) {
-        /* ### fix this up... how? */
+    resource_state = dav_get_resource_state(r, resource);
+    result = dav_meets_conditions(r, resource_state);
+    if (set_etag) {
+        /*
+         * If we have set an ETag to headers out above for
+         * dav_meets_conditions() revert this here as we do not want to set
+         * the ETag in responses to requests with methods where this might not
+         * be desired.
+         */
+        apr_table_unset(r->headers_out, "ETag");
+    }
+    if (result != OK) {
         return dav_new_error(r->pool, result, 0, NULL);
     }
 

Modified: httpd/sandbox/amsterdam/d/modules/echo/mod_echo.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/echo/mod_echo.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/echo/mod_echo.c (original)
+++ httpd/sandbox/amsterdam/d/modules/echo/mod_echo.c Mon Apr  7 09:28:58 2008
@@ -14,7 +14,6 @@
  * limitations under the License.
  */
 
-#define CORE_PRIVATE
 #include "ap_config.h"
 #include "ap_mmn.h"
 #include "httpd.h"

Propchange: httpd/sandbox/amsterdam/d/modules/examples/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Mon Apr  7 09:28:58 2008
@@ -0,0 +1,23 @@
+.deps
+.libs
+*.la
+modules.mk
+Makefile
+*.lo
+*.slo
+*.so
+*.x
+Debug
+Release
+*.plg
+*.aps
+*.dep
+*.mak
+*.rc
+BuildLog.htm
+*.stc
+*.stt
+*.sto
+*.vcproj
+*.vcproj.*
+

Modified: httpd/sandbox/amsterdam/d/modules/experimental/NWGNUmakefile
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/experimental/NWGNUmakefile?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/experimental/NWGNUmakefile (original)
+++ httpd/sandbox/amsterdam/d/modules/experimental/NWGNUmakefile Mon Apr  7 09:28:58 2008
@@ -151,19 +151,15 @@
 #
 # If there is an NLM target, put it here
 #
-# We are referencing example.nlm twice to get around a known issue with the
+# We are referencing substitute.nlm twice to get around a known issue with the
 # makefiles.  Normally if there is only one element to be built within a
 # directory, the makefile for the single element would be called NWGNUmakefile.
 # But if there are multiples, the parent NWGNUmakefile must reference more
 # than one submakefile. Because the experimental directory might vary in the
 # number of submakefiles, but for the moment only contains one, we reference
 # it twice to allow it parent NWGNUmakefile to work properly.  If another
-# submakefile is added, the extra reference to example.nlm should be removed.
+# submakefile is added, the extra reference to substitute.nlm should be removed.
 TARGET_nlm = \
-	$(OBJDIR)/example.nlm \
-	$(OBJDIR)/case_flt.nlm \
-	$(OBJDIR)/case_flt_in.nlm \
-	$(OBJDIR)/substitute.nlm \
 	$(EOLIST)
 
 #

Modified: httpd/sandbox/amsterdam/d/modules/experimental/config.m4
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/experimental/config.m4?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/experimental/config.m4 (original)
+++ httpd/sandbox/amsterdam/d/modules/experimental/config.m4 Mon Apr  7 09:28:58 2008
@@ -1,9 +1,4 @@
 
 APACHE_MODPATH_INIT(experimental)
 
-APACHE_MODULE(example, example and demo module, , , no)
-APACHE_MODULE(case_filter, example uppercase conversion filter, , , no)
-APACHE_MODULE(case_filter_in, example uppercase conversion input filter, , , no)
-APACHE_MODULE(substitute, response content rewrite-like filtering, , , most)
-
 APACHE_MODPATH_FINISH

Modified: httpd/sandbox/amsterdam/d/modules/filters/NWGNUmakefile
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/filters/NWGNUmakefile?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/filters/NWGNUmakefile (original)
+++ httpd/sandbox/amsterdam/d/modules/filters/NWGNUmakefile Mon Apr  7 09:28:58 2008
@@ -155,6 +155,7 @@
 	$(OBJDIR)/extfiltr.nlm \
 	$(OBJDIR)/charsetl.nlm \
 	$(OBJDIR)/mod_filter.nlm \
+	$(OBJDIR)/substitute.nlm \
 	$(EOLIST)
 
 # If the zlib libraries source exists then build the mod_deflate module

Modified: httpd/sandbox/amsterdam/d/modules/filters/config.m4
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/filters/config.m4?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/filters/config.m4 (original)
+++ httpd/sandbox/amsterdam/d/modules/filters/config.m4 Mon Apr  7 09:28:58 2008
@@ -7,6 +7,7 @@
 APACHE_MODULE(ext_filter, external filter module, , , most)
 APACHE_MODULE(include, Server Side Includes, , , yes)
 APACHE_MODULE(filter, Smart Filtering, , , yes)
+APACHE_MODULE(substitute, response content rewrite-like filtering, , , most)
 
 if test "$ac_cv_ebcdic" = "yes"; then
 # mod_charset_lite can be very useful on an ebcdic system,

Modified: httpd/sandbox/amsterdam/d/modules/filters/mod_charset_lite.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/filters/mod_charset_lite.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/filters/mod_charset_lite.c (original)
+++ httpd/sandbox/amsterdam/d/modules/filters/mod_charset_lite.c Mon Apr  7 09:28:58 2008
@@ -26,7 +26,7 @@
 
 #include "httpd.h"
 #include "http_config.h"
-#define CORE_PRIVATE
+
 #include "http_core.h"
 #include "http_log.h"
 #include "http_main.h"
@@ -76,6 +76,8 @@
     const char *charset_default; /* how to ship on wire */
     /** module does ap_add_*_filter()? */
     enum {IA_INIT, IA_IMPADD, IA_NOIMPADD} implicit_add;
+    /** treat all mimetypes as text? */
+    enum {FX_INIT, FX_FORCE, FX_NOFORCE} force_xlate;
 } charset_dir_t;
 
 /* charset_filter_ctx_t is created for each filter instance; because the same
@@ -138,6 +140,8 @@
         over->charset_source ? over->charset_source : base->charset_source;
     a->implicit_add =
         over->implicit_add != IA_INIT ? over->implicit_add : base->implicit_add;
+    a->force_xlate=
+        over->force_xlate != FX_INIT ? over->force_xlate : base->force_xlate;
     return a;
 }
 
@@ -176,6 +180,12 @@
     else if (!strcasecmp(flag, "NoImplicitAdd")) {
         dc->implicit_add = IA_NOIMPADD;
     }
+    if (!strcasecmp(flag, "TranslateAllMimeTypes")) {
+        dc->force_xlate = FX_FORCE;
+    }
+    else if (!strcasecmp(flag, "NoTranslateAllMimeTypes")) {
+        dc->force_xlate = FX_NOFORCE;
+    }
     else if (!strncasecmp(flag, "DebugLevel=", 11)) {
         dc->debug = atoi(flag + 11);
     }
@@ -189,9 +199,9 @@
     return NULL;
 }
 
-/* find_code_page() is a fixup hook that decides if translation should be
- * enabled; if so, it sets up request data for use by the filter registration
- * hook so that it knows what to do
+/* find_code_page() is a fixup hook that checks if the module is
+ * configured and the input or output potentially need to be translated.
+ * If so, context is initialized for the filters.
  */
 static int find_code_page(request_rec *r)
 {
@@ -200,7 +210,6 @@
     charset_req_t *reqinfo;
     charset_filter_ctx_t *input_ctx, *output_ctx;
     apr_status_t rv;
-    const char *mime_type;
 
     if (dc->debug >= DBGLVL_FLOW) {
         ap_log_rerror(APLOG_MARK,APLOG_DEBUG, 0, r,
@@ -229,7 +238,10 @@
     }
 
     /* catch proxy requests */
-    if (r->proxyreq) return DECLINED;
+    if (r->proxyreq) {
+        return DECLINED;
+    }
+
     /* mod_rewrite indicators */
     if (r->filename
         && (!strncmp(r->filename, "redirect:", 9)
@@ -238,54 +250,10 @@
             || !strncmp(r->filename, "forbidden:", 10))) {
         return DECLINED;
     }
-    /* no translation when server and network charsets are set to the same value */
-    if (!strcasecmp(dc->charset_source, dc->charset_default)) return DECLINED;
 
-    mime_type = r->content_type ? r->content_type : ap_default_type(r);
-
-    /* If mime type isn't text or message, bail out.
-     */
-
-/* XXX When we handle translation of the request body, watch out here as
- *     1.3 allowed additional mime types: multipart and
- *     application/x-www-form-urlencoded
- */
-
-    if (strncasecmp(mime_type, "text/", 5) &&
-#if APR_CHARSET_EBCDIC || AP_WANT_DIR_TRANSLATION
-        /* On an EBCDIC machine, be willing to translate mod_autoindex-
-         * generated output.  Otherwise, it doesn't look too cool.
-         *
-         * XXX This isn't a perfect fix because this doesn't trigger us
-         * to convert from the charset of the source code to ASCII.  The
-         * general solution seems to be to allow a generator to set an
-         * indicator in the r specifying that the body is coded in the
-         * implementation character set (i.e., the charset of the source
-         * code).  This would get several different types of documents
-         * translated properly: mod_autoindex output, mod_status output,
-         * mod_info output, hard-coded error documents, etc.
-         */
-        strcmp(mime_type, DIR_MAGIC_TYPE) &&
-#endif
-        strncasecmp(mime_type, "message/", 8)) {
-        if (dc->debug >= DBGLVL_GORY) {
-            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                          "mime type is %s; no translation selected",
-                          mime_type);
-        }
-        /* We must not bail out here (i.e., the MIME test must be in the filter
-         * itself, not in the fixup, because only then is the final MIME type known.
-         * Examples for late changes to the MIME type include CGI handling (MIME
-         * type is set in the Content-Type header produced by the CGI script), or
-         * PHP (until PHP runs, the MIME type is set to application/x-httpd-php)
-         */
-    }
-
-    if (dc->debug >= DBGLVL_GORY) {
-        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
-                      "charset_source: %s charset_default: %s",
-                      dc && dc->charset_source ? dc->charset_source : "(none)",
-                      dc && dc->charset_default ? dc->charset_default : "(none)");
+    /* no translation when server and network charsets are set to the same value */
+    if (!strcasecmp(dc->charset_source, dc->charset_default)) {
+        return DECLINED;
     }
 
     /* Get storage for the request data and the output filter context.
@@ -302,14 +270,6 @@
 
     reqinfo->output_ctx = output_ctx;
 
-    /* We must not open the xlation table here yet, because the final MIME
-     * type is not known until we are actually called in the output filter.
-     * With POST or PUT request, the case is different, because their MIME
-     * type is set in the request headers, and their data are prerequisites
-     * for actually calling, e.g., the CGI handler later on.
-     */
-    output_ctx->xlate = NULL;
-
     switch (r->method_number) {
     case M_PUT:
     case M_POST:
@@ -832,18 +792,11 @@
         }
     }
 
-    /* Opening the output translation (this used to be done in the fixup hook,
-     * but that was too early: a subsequent type modification, e.g., by a
-     * CGI script, would go unnoticed. Now we do it in the filter itself.)
+    /* Check the mime type to see if translation should be performed.
      */
-    if (!ctx->noop && ctx->xlate == NULL)
-    {
+    if (!ctx->noop && ctx->xlate == NULL) {
         const char *mime_type = f->r->content_type ? f->r->content_type : ap_default_type(f->r);
 
-        /* XXX When we handle translation of the request body, watch out here as
-         *     1.3 allowed additional mime types: multipart and
-         *     application/x-www-form-urlencoded
-         */
         if (strncasecmp(mime_type, "text/", 5) == 0 ||
 #if APR_CHARSET_EBCDIC
         /* On an EBCDIC machine, be willing to translate mod_autoindex-
@@ -858,12 +811,13 @@
          * translated properly: mod_autoindex output, mod_status output,
          * mod_info output, hard-coded error documents, etc.
          */
-        strcmp(mime_type, DIR_MAGIC_TYPE) == 0 ||
+            strcmp(mime_type, DIR_MAGIC_TYPE) == 0 ||
 #endif
-        strncasecmp(mime_type, "message/", 8) == 0) {
+            strncasecmp(mime_type, "message/", 8) == 0 || 
+            dc->force_xlate == FX_FORCE) {
 
             rv = apr_xlate_open(&ctx->xlate,
-                        dc->charset_default, dc->charset_source, f->r->pool);
+                                dc->charset_default, dc->charset_source, f->r->pool);
             if (rv != APR_SUCCESS) {
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, f->r,
                               "can't open translation %s->%s",
@@ -877,20 +831,21 @@
             }
         }
         else {
-                ctx->noop = 1;
-                if (dc->debug >= DBGLVL_GORY)
-                    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, f->r,
-                                  "mime type is %s; no translation selected",
-                                  mime_type);
+            ctx->noop = 1;
+            if (dc->debug >= DBGLVL_GORY) {
+                ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, f->r,
+                              "mime type is %s; no translation selected",
+                              mime_type);
             }
+        }
     }
 
     if (dc->debug >= DBGLVL_GORY) {
         ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, f->r,
-                     "xlate_out_filter() - "
-                     "charset_source: %s charset_default: %s",
-                     dc && dc->charset_source ? dc->charset_source : "(none)",
-                     dc && dc->charset_default ? dc->charset_default : "(none)");
+                      "xlate_out_filter() - "
+                      "charset_source: %s charset_default: %s",
+                      dc && dc->charset_source ? dc->charset_source : "(none)",
+                      dc && dc->charset_default ? dc->charset_default : "(none)");
     }
 
     if (!ctx->ran) {  /* filter never ran before */
@@ -1147,7 +1102,8 @@
                     add_charset_options,
                     NULL,
                     OR_FILEINFO,
-                    "valid options: ImplicitAdd, NoImplicitAdd, DebugLevel=n"),
+                    "valid options: ImplicitAdd, NoImplicitAdd, TranslateAllMimeTypes, "
+                    "NoTranslateAllMimeTypes, DebugLevel=n"),
     {NULL}
 };
 

Modified: httpd/sandbox/amsterdam/d/modules/filters/mod_deflate.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/filters/mod_deflate.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/filters/mod_deflate.c (original)
+++ httpd/sandbox/amsterdam/d/modules/filters/mod_deflate.c Mon Apr  7 09:28:58 2008
@@ -373,25 +373,20 @@
     return APR_SUCCESS;
 }
 /* PR 39727: we're screwing up our clients if we leave a strong ETag
- * header while transforming content.  A minimal fix that makes us
- * protocol-compliant is to make it a weak ETag.  Whether we can
- * use this ourselves (e.g. in mod_cache) is a different issue.
+ * header while transforming content.  Henrik Nordstrom suggests
+ * appending ";gzip".
  *
- * Henrik Nordstrom suggests instead appending ";gzip", commenting:
- *   "This should allows for easy bidirectional mapping, simplifying most
- *   conditionals as no transformation of the entity body is needed to find
- *   the etag, and the simple format makes it easier to trace should any
- *   misunderstandings occur."
- *
- * We might consider such a strategy in future if we implement support
- * for such a scheme.
+ * Pending a more thorough review of our Etag handling, let's just
+ * implement his suggestion.  It fixes the bug, or at least turns it
+ * from a showstopper to an inefficiency.  And it breaks nothing that
+ * wasn't already broken.
  */
-static void deflate_check_etag(request_rec *r)
+static void deflate_check_etag(request_rec *r, const char *transform)
 {
     const char *etag = apr_table_get(r->headers_out, "ETag");
     if (etag && (((etag[0] != 'W') && (etag[0] !='w')) || (etag[1] != '/'))) {
         apr_table_set(r->headers_out, "ETag",
-                      apr_pstrcat(r->pool, "W/", etag, NULL));
+                      apr_pstrcat(r->pool, etag, "-", transform, NULL));
     }
 }
 static apr_status_t deflate_out_filter(ap_filter_t *f,
@@ -591,7 +586,7 @@
         }
         apr_table_unset(r->headers_out, "Content-Length");
         apr_table_unset(r->headers_out, "Content-MD5");
-        deflate_check_etag(r);
+        deflate_check_etag(r, "gzip");
 
         /* initialize deflate output buffer */
         ctx->stream.next_out = ctx->buffer;
@@ -1084,7 +1079,7 @@
         /* these are unlikely to be set anyway, but ... */
         apr_table_unset(r->headers_out, "Content-Length");
         apr_table_unset(r->headers_out, "Content-MD5");
-        deflate_check_etag(r);
+        deflate_check_etag(r, "gunzip");
 
         /* initialize inflate output buffer */
         ctx->stream.next_out = ctx->buffer;

Modified: httpd/sandbox/amsterdam/d/modules/filters/mod_ext_filter.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/filters/mod_ext_filter.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/filters/mod_ext_filter.c (original)
+++ httpd/sandbox/amsterdam/d/modules/filters/mod_ext_filter.c Mon Apr  7 09:28:58 2008
@@ -22,7 +22,7 @@
 #include "http_config.h"
 #include "http_log.h"
 #include "http_protocol.h"
-#define CORE_PRIVATE
+
 #include "http_core.h"
 #include "apr_buckets.h"
 #include "util_filter.h"

Modified: httpd/sandbox/amsterdam/d/modules/filters/mod_filter.c
URL: http://svn.apache.org/viewvc/httpd/sandbox/amsterdam/d/modules/filters/mod_filter.c?rev=645594&r1=645593&r2=645594&view=diff
==============================================================================
--- httpd/sandbox/amsterdam/d/modules/filters/mod_filter.c (original)
+++ httpd/sandbox/amsterdam/d/modules/filters/mod_filter.c Mon Apr  7 09:28:58 2008
@@ -24,6 +24,7 @@
 #include "http_request.h"
 #include "http_log.h"
 #include "util_filter.h"
+#include "ap_expr.h"
 
 module AP_MODULE_DECLARE_DATA filter_module;
 
@@ -35,46 +36,13 @@
  * (2.0-compatible) ap_filter_rec_t* frec.
  */
 struct ap_filter_provider_t {
-    /** How to match this provider to filter dispatch criterion */
-    enum {
-        STRING_MATCH,
-        STRING_CONTAINS,
-        REGEX_MATCH,
-        INT_EQ,
-        INT_LT,
-        INT_LE,
-        INT_GT,
-        INT_GE,
-        DEFINED
-    } match_type;
-
-    /** negation on match_type */
-    int not;
-
-    /** The dispatch match itself - union member depends on match_type */
-    union {
-        const char *string;
-        ap_regex_t *regex;
-        int         number;
-    } match;
+    ap_parse_node_t *expr;
 
     /** The filter that implements this provider */
     ap_filter_rec_t *frec;
 
     /** The next provider in the list */
     ap_filter_provider_t *next;
-
-    /** Dispatch criteria for filter providers */
-    enum {
-        HANDLER,
-        REQUEST_HEADERS,
-        RESPONSE_HEADERS,
-        SUBPROCESS_ENV,
-        CONTENT_TYPE
-    } dispatch;
-
-    /** Match value for filter providers */
-    const char* value;
 };
 
 /** we need provider_ctx to save ctx values set by providers in filter_init */
@@ -137,7 +105,12 @@
 
     harness_ctx *fctx = apr_pcalloc(f->r->pool, sizeof(harness_ctx));
     for (p = filter->providers; p; p = p->next) {
-        if (p->frec->filter_init_func) {
+        if (p->frec->filter_init_func == filter_init) {
+            ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, f->c,
+                          "Chaining of FilterProviders not supported");
+            return HTTP_INTERNAL_SERVER_ERROR;
+        }
+        else if (p->frec->filter_init_func) {
             f->ctx = NULL;
             if ((err = p->frec->filter_init_func(f)) != OK) {
                 ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, f->c,
@@ -157,13 +130,13 @@
     f->ctx = fctx;
     return OK;
 }
-
 static int filter_lookup(ap_filter_t *f, ap_filter_rec_t *filter)
 {
     ap_filter_provider_t *provider;
     const char *str = NULL;
     char *str1;
     int match;
+    int err = 0;
     unsigned int proto_flags;
     request_rec *r = f->r;
     harness_ctx *ctx = f->ctx;
@@ -173,90 +146,14 @@
 
     /* Check registered providers in order */
     for (provider = filter->providers; provider; provider = provider->next) {
-        match = 1;
-        switch (provider->dispatch) {
-        case REQUEST_HEADERS:
-            str = apr_table_get(r->headers_in, provider->value);
-            break;
-        case RESPONSE_HEADERS:
-            str = apr_table_get(r->headers_out, provider->value);
-            break;
-        case SUBPROCESS_ENV:
-            str = apr_table_get(r->subprocess_env, provider->value);
-            break;
-        case CONTENT_TYPE:
-            str = r->content_type;
-            break;
-        case HANDLER:
-            str = r->handler;
-            break;
-        }
-
-        /* treat nulls so we don't have to check every strcmp individually
-         * Not sure if there's anything better to do with them
-         */
-        if (!str) {
-            if (provider->match_type == DEFINED && provider->match.string) {
-                match = 0;
-            }
-        }
-        /* we can't check for NULL in provider as that kills integer 0
-         * so we have to test each string/regexp case in the switch
-         */
-        else {
-            switch (provider->match_type) {
-            case STRING_MATCH:
-                if (strcasecmp(str, provider->match.string)) {
-                    match = 0;
-                }
-                break;
-            case STRING_CONTAINS:
-                str1 = apr_pstrdup(r->pool, str);
-                ap_str_tolower(str1);
-                if (!strstr(str1, provider->match.string)) {
-                    match = 0;
-                }
-                break;
-            case REGEX_MATCH:
-                if (ap_regexec(provider->match.regex, str, 0, NULL, 0)
-                    == AP_REG_NOMATCH) {
-                    match = 0;
-                }
-                break;
-            case INT_EQ:
-                if (atoi(str) != provider->match.number) {
-                    match = 0;
-                }
-                break;
-            /* Integer comparisons should be [var] OP [match]
-             * We need to set match = 0 if the condition fails
-             */
-            case INT_LT:
-                if (atoi(str) >= provider->match.number) {
-                    match = 0;
-                }
-                break;
-            case INT_LE:
-                if (atoi(str) > provider->match.number) {
-                    match = 0;
-                }
-                break;
-            case INT_GT:
-                if (atoi(str) <= provider->match.number) {
-                    match = 0;
-                }
-                break;
-            case INT_GE:
-                if (atoi(str) < provider->match.number) {
-                    match = 0;
-                }
-                break;
-            case DEFINED:        /* we already handled this:-) */
-                break;
-            }
+        match = ap_expr_eval(r, provider->expr, &err, NULL, ap_expr_string, NULL);
+        if (err) {
+            /* log error but accept match value ? */
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+                          "Error evaluating filter dispatch condition");
         }
 
-        if (match != provider->not) {
+        if (match) {
             /* condition matches this provider */
 #ifndef NO_PROTOCOL
             /* check protocol
@@ -492,27 +389,17 @@
     return NULL;
 }
 
-static const char *filter_provider(cmd_parms *cmd, void *CFG, const char *args)
+static const char *filter_provider(cmd_parms *cmd, void *CFG,
+				   const char *fname, const char *pname,
+				   const char *expr)
 {
     mod_filter_cfg *cfg = CFG;
-    int flags;
     ap_filter_provider_t *provider;
-    const char *rxend;
     const char *c;
-    char *str;
-    const char *eq;
     ap_filter_rec_t* frec;
     ap_filter_rec_t* provider_frec;
-
-    /* insist on exactly four arguments */
-    const char *fname = ap_getword_conf(cmd->pool, &args) ;
-    const char *pname = ap_getword_conf(cmd->pool, &args) ;
-    const char *condition = ap_getword_conf(cmd->pool, &args) ;
-    const char *match = ap_getword_conf(cmd->pool, &args) ;
-    eq = ap_getword_conf(cmd->pool, &args) ;
-    if ( !*fname || !*pname || !*match || !*condition || *eq ) {
-        return "usage: FilterProvider filter provider condition match" ;
-    }
+    ap_parse_node_t *node;
+    int err = 0;
 
     /* fname has been declared with DeclareFilter, so we can look it up */
     frec = apr_hash_get(cfg->live_filters, fname, APR_HASH_KEY_STRING);
@@ -533,121 +420,19 @@
     /* if provider has been registered, we can look it up */
     provider_frec = ap_get_output_filter_handle(pname);
     if (!provider_frec) {
-        provider_frec = apr_hash_get(cfg->live_filters, pname,
-                                     APR_HASH_KEY_STRING);
-    }
-    if (!provider_frec) {
         return apr_psprintf(cmd->pool, "Unknown filter provider %s", pname);
     }
-
-    provider = apr_palloc(cmd->pool, sizeof(ap_filter_provider_t));
-    if (*match == '!') {
-        provider->not = 1;
-        ++match;
-    }
-    else {
-        provider->not = 0;
+    node = ap_expr_parse(cmd->pool, expr, &err);
+    if (err) {
+        return "Error parsing FilterProvider expression.";
     }
 
-    switch (*match++) {
-    case '<':
-        if (*match == '=') {
-            provider->match_type = INT_LE;
-            ++match;
-        }
-        else {
-            provider->match_type = INT_LT;
-        }
-        provider->match.number = atoi(match);
-        break;
-    case '>':
-        if (*match == '=') {
-            provider->match_type = INT_GE;
-            ++match;
-        }
-        else {
-            provider->match_type = INT_GT;
-        }
-        provider->match.number = atoi(match);
-        break;
-    case '=':
-        provider->match_type = INT_EQ;
-        provider->match.number = atoi(match);
-        break;
-    case '/':
-        provider->match_type = REGEX_MATCH;
-        rxend = ap_strchr_c(match, '/');
-        if (!rxend) {
-              return "Bad regexp syntax";
-        }
-        flags = AP_REG_NOSUB;        /* we're not mod_rewrite:-) */
-        for (c = rxend+1; *c; ++c) {
-            switch (*c) {
-            case 'i': flags |= AP_REG_ICASE; break;
-            }
-        }
-        provider->match.regex = ap_pregcomp(cmd->pool,
-                                            apr_pstrndup(cmd->pool,
-                                                         match,
-                                                         rxend-match),
-                                            flags);
-        if (provider->match.regex == NULL) {
-            return "Bad regexp";
-        }
-        break;
-    case '*':
-        provider->match_type = DEFINED;
-        provider->match.number = -1;
-        break;
-    case '$':
-        provider->match_type = STRING_CONTAINS;
-        str = apr_pstrdup(cmd->pool, match);
-        ap_str_tolower(str);
-        provider->match.string = str;
-        break;
-    default:
-        provider->match_type = STRING_MATCH;
-        provider->match.string = apr_pstrdup(cmd->pool, match-1);
-        break;
-    }
+    provider = apr_palloc(cmd->pool, sizeof(ap_filter_provider_t));
+    provider->expr = node;
     provider->frec = provider_frec;
     provider->next = frec->providers;
     frec->providers = provider;
 
-    /* determine what a filter will dispatch this provider on */
-    eq = ap_strchr_c(condition, '=');
-    if (eq) {
-        str = apr_pstrdup(cmd->pool, eq+1);
-        if (!strncasecmp(condition, "env=", 4)) {
-            provider->dispatch = SUBPROCESS_ENV;
-        }
-        else if (!strncasecmp(condition, "req=", 4)) {
-            provider->dispatch = REQUEST_HEADERS;
-        }
-        else if (!strncasecmp(condition, "resp=", 5)) {
-            provider->dispatch = RESPONSE_HEADERS;
-        }
-        else {
-            return "FilterProvider: unrecognized dispatch table";
-        }
-    }
-    else {
-        if (!strcasecmp(condition, "handler")) {
-            provider->dispatch = HANDLER;
-        }
-        else {
-            provider->dispatch = RESPONSE_HEADERS;
-        }
-        str = apr_pstrdup(cmd->pool, condition);
-        ap_str_tolower(str);
-    }
-
-    if (   (provider->dispatch == RESPONSE_HEADERS)
-        && !strcasecmp(str, "content-type")) {
-        provider->dispatch = CONTENT_TYPE;
-    }
-    provider->value = str;
-
     return NULL;
 }
 
@@ -850,8 +635,8 @@
     AP_INIT_TAKE12("FilterDeclare", filter_declare, NULL, OR_OPTIONS,
         "filter-name [filter-type]"),
     /** we don't have a TAKE4, so we have to use RAW_ARGS */
-    AP_INIT_RAW_ARGS("FilterProvider", filter_provider, NULL, OR_OPTIONS,
-        "filter-name provider-name dispatch-criterion dispatch-match"),
+    AP_INIT_TAKE3("FilterProvider", filter_provider, NULL, OR_OPTIONS,
+        "filter-name provider-name match-expression"),
     AP_INIT_ITERATE("FilterChain", filter_chain, NULL, OR_OPTIONS,
         "list of filter names with optional [+-=!@]"),
     AP_INIT_TAKE2("FilterTrace", filter_debug, NULL, RSRC_CONF | ACCESS_CONF,



Mime
View raw message