httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <hart...@hyperreal.com>
Subject Enhancement/fixes to apache 0.8.8 (fwd)
Date Mon, 21 Aug 1995 23:20:01 GMT
Forwarded message:

> From moy@parc.xerox.com  Mon Aug 21 13:05:31 1995
> Date: Mon, 21 Aug 1995 13:03:35 PDT
> Sender: Ed Moy <moy@parc.xerox.com>
> From: Edward Moy <moy@parc.xerox.com>
> X-Sender: moy@bolivar
> To: apache-bugs@apache.org
> Subject: Enhancement/fixes to apache 0.8.8
> Message-ID: <Pine.SUN.3.90.950821130036.15804A-100000@bolivar>
> MIME-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> 
> I've made some useful patches to Apache 0.8.8, which I hope you will
> included in a future release.  The changes are summarized below.  Then the
> context diff is attached.
> 
> Edward Moy
> Xerox Palo Alto Research Center
> 3333 Coyote Hill Rd.
> Palo Alto, CA  94304
> 
> moy@parc.xerox.com
> 
> ----------- cut ---------------- cut ---------------- cut ------------
> Patches to Apache 0.8.8
> ------- -- ------ -----
> 
> Created a new module, mod_auth_pw.c, that uses the standard getpwname() and
> getgrname() function calls.  With NIS configured correctly, this accesses
> the central NIS databases.  Two new commands are defined, AuthPWUser and
> AuthPWGroup.
> 
> Modified all of the authentication modules, along with http_config.c, to
> allow multiple means of authentication.  Thus, if one method of user
> authentication fails, it is passed to another authentication modules (e.g.,
> one can use the mod_auth_pw.c authentication and, in addition, assign
> separate user/passwords using one of the other auth modules.  Also, one
> can, for instance, require password authentication using mod_auth_pw.c and
> define one's own require groups using one of the other auth modules.)
> 
> Patched http_request.c to allow .htaccess to override central config files
> if OVERRIDE_CONF is defined.  (In a recent netnews message, a user of
> Apache 0.6.5 converted to 0.8.8 and his .htaccess file stopped working.  I
> believe defining OVERRIDE_CONF will make it work as he expects).
> 
> Further, in http_request.c, overrides now always apply to the directory
> trees, so the .htacess as well as central config files can protect the
> whole directory tree.
> 
> The "allow/deny from ip_address" form now can take a bit mask:
> "allow/deny from ip_address:bit_mask", where bit_mask is either
> octet style (aaa.bbb.ccc.ddd) or hexidecimal (0xnnnnnnnn).  Actually, the
> bit mask is always used internally not.  So if 1.2.3 is defined, a bit
> mask of 0xffffff00 is automatically used.  1.2.3:0xfffffc00 uses a
> different bit mask.  (Note: the bit mask 255.255 corresponds to 0xffff0000,
> while the bit mask 0xffff is 0x0000ffff.)
> 
> All functions and globals in modules (except the module structure itself)
> are declared static to avoid name conflicts and to insure modularity.
> 
> util.c and util_script.c were modified to use pointers and registers rather
> than arrays for efficiency.
> 
> The getparent() routine in util.c has built-in squashing of slashes (much
> like no2slash.
> 
> The is_url() routing in util.c now requires that some text exist before
> the colon for it to return true.
> 
> The dbmmanage script was heavily modified to support the new commands,
> addgroup (add one or more groups to an existing user), delgroup (remove
> one or more groups from an existing user), passwd (change the password of
> and existing user, keeping all groups intact) and makegroup (make a new
> group, or add to an existing group, one or more users, creating the users
> as needed).
> 
> dbmmanage now uses a random salt for the password.
> 
> Future possibilities (I may do them when I have the time)
> ------ -------------
> 
> It might be useful to allow users to define their own error and access
> files (will still logging to the central files as well), so that they can
> see their own errors without having to come to the administrator or without
> leaving the log files readable by everyone.  This might require a new
> method in the module definition.
> 
> In the imap module, "ellipse" and "point" (which point is closest to the
> mouse click) would be nice types.


I put the BIG patch file in httpd/incoming/EdwardMoy_patches
                                                     [rob]

Mime
View raw message