httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maik Mueller <maik...@hw1464.wdf.sap-ag.de>
Subject Re: Patches and Enhancements for a SSL-Proxy Based on Apache 2.0 (mod_ssl, mod_proxy, mod_headers)
Date Thu, 13 Feb 2003 09:13:51 GMT
Hi Erik,
> Hi Maik,
> Just post it here or to the docs-list (docs@httpd.apache.org) as a unified
> diff patch (diff -u). But please be aware, that we are generating the
> whole
> documentation from XML source. Therefore you should patch these instead of
> the HTML files.
Yes, I have already learned that.
I did a unified diff patch for the httpd-2.0.43 documentation and with
httpd-2.0.44 I again had to start at zero.

However, I'm not a document developer. Text layout is not my business. I
belief there are other guys who can do that much better than I. I only want
to provide them with the technical information to write a technically
correct documentation.

Here's the diff with my proposed changes:
--- httpd-2.0.44/docs/manual/mod/mod_headers.html.en    Fri Feb  7 17:42:09
2003
+++ /usr/local/apache2/manual/mod/mod_headers.html.en.orig      Sat Jan 18
16:20:55 2003
@@ -143,30 +143,6 @@
          MyHeader: D=3775428 t=991424704447256 mytext
        </code></p></div>
       </li>
-
-      <li>
-        <p>Use Apache with mod_proxy as a SSL proxy with SSL Client
Authentication.
-        The proxy requests SSL Client Authentication to identify the Web
client or
-        usually the user in front of the Web client. However, in many cases
the server
-        in the back-end is interested in the SSL connection information of
the client -
-        proxy connection.</p>
-        <p>With mod_headers you are able to export this information using
the
-        <code class="directive">RequestHeader</code> directive. In the
following example
-        we send the client certificate as <code>SSL_CLIENT_CERT</code>, the
used encryption key
-        size as <code>SSL_CIPHER_USEKEYSIZE</code> and the used cipher as
<code>SSL_CIPHER</code>
-        to the back-end system. If the client certificate uses a chain with
one or two intermediate CAs,
-        this CA certificates are placed in
<code>SSL_CLIENT_CERT_CHAIN_0</code> and
-        <code>SSL_CLIENT_CERT_CHAIN_1</code>:</p>
-        <div class="example"><pre><code>
-RequestHeader set SSL_CLIENT_CERT         %{SSL_CLIENT_CERT}E
env=SSL_CLIENT_S_DN
-RequestHeader set SSL_CLIENT_CERT_CHAIN_0 %{SSL_CLIENT_CERT_CHAIN_0}E
env=SSL_CLIENT_CERT_CHAIN_0
-RequestHeader set SSL_CLIENT_CERT_CHAIN_1 %{SSL_CLIENT_CERT_CHAIN_1}E
env=SSL_CLIENT_CERT_CHAIN_1
-RequestHeader set SSL_CIPHER_USEKEYSIZE   %{SSL_CIPHER_USEKEYSIZE}e
env=SSL_CIPHER_USEKEYSIZE
-RequestHeader set SSL_CIPHER_SUITE        %{SSL_CIPHER}e
env=SSL_CIPHER
-        </code></pre></div>
-        <p>The conditional clause (env=...) ensures that the request header
is only set
-       if the corresponding environment variable exists and avoids empty
headers.</p>
-      </li>
     </ol>
 </div>
 <div class="top"><a href="#page-header"><img alt="top"
src="../images/up.gif" /></a></div>
@@ -239,15 +215,8 @@
         of the request. The value is preceded by <code>D=</code>.</td></tr>

     <tr><td><code>%{FOOBAR}e</code></td>
-        <td>The content of the <a href="../env.html">environment
+        <td>The contents of the <a href="../env.html">environment
         variable</a> <code>FOOBAR</code>.</td></tr>
-
-    <tr><td><code>%{FOOBAR}E</code></td>
-        <td>The base64 encoded content of the <a
href="../env.html">environment
-        variable</a> <code>FOOBAR</code>.
-        If the environment variable already contains a base64 encoded body
(e. g. SSL_CLIENT_CERT)
-        the body will be set as the value of the header variable.
-    </td></tr>
     </table>

     <p>When the <code class="directive">Header</code> directive is used
with the
@@ -312,44 +281,7 @@
     ignored. For <code>add</code>, <code>append</code> and
     <code>set</code> a <var>value</var> is given as the third argument.
If
     <var>value</var> contains spaces, it should be surrounded by double
-    quotes. For unset, no <var>value</var> should be given.
-    <em>value</em> may be a character
-    string, a string containing format specifiers or a combination
-    of both. The following format specifiers are supported in
-    <em>value</em>:</p>
-
-    <table class="bordered">
-    <tr><td><code>%t</code></td>
-        <td>The time the request was received in Universal Coordinated Time
-        since the epoch (Jan. 1, 1970) measured in microseconds. The value
-        is preceded by <code>t=</code>.</td></tr>
-
-    <tr><td><code>%D</code></td>
-        <td>The time from when the request was received to the time the
-        headers are sent on the wire. This is a measure of the duration
-        of the request. The value is preceded by <code>D=</code>.</td></tr>
-
-    <tr><td><code>%{FOOBAR}e</code></td>
-        <td>The content of the <a href="../env.html">environment
-        variable</a> <code>FOOBAR</code>.</td></tr>
-
-    <tr><td><code>%{FOOBAR}E</code></td>
-        <td>The base64 encoded content of the <a
href="../env.html">environment
-        variable</a> <code>FOOBAR</code>.
-        If the environment variable already contains a base64 encoded body
(e. g. SSL_CLIENT_CERT)
-        the body will be set as the value of the header variable.
-    </td></tr>
-    </table>
-
-    <p>When the <code class="directive">RequestHeader</code> directive
is
used with the
-    <code>add</code>, <code>append</code>, or <code>set</code>
-    argument, a fourth argument may be used to specify conditions
-    under which the action will be taken. If the <a
href="../env.html">environment variable</a> specified in the
-    <code>env=...</code> argument exists (or if the environment
-    variable does not exist and <code>env=!...</code> is specified)
-    then the action specified by the <code
class="directive">RequestHeader</code> directive
-    will take effect. Otherwise, the directive will have no effect
-    on the request.</p>
+    quotes. For unset, no <var>value</var> should be given.</p>

     <p>The <code class="directive">RequestHeader</code> directive is
processed
     just before the request is run by its handler in the fixup phase.
@@ -361,4 +293,4 @@
 <div id="footer">
 <p class="apache">Maintained by the <a
href="http://httpd.apache.org/docs-project/">Apache HTTP Server
Documentation Project</a></p>
 <p class="menu"><a href="../mod/">Modules</a> | <a
href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a>
|
<a href="../glossary.html">Glossary</a> | <a
href="../sitemap.html">Sitemap</a></p></div>
-</body></html>
+</body></html>


Mime
View raw message