1 <?xml version='1.0' encoding='UTF-8' ?>
2 <!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
3 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Licensed to the Apache Software Foundation (ASF) under one or more
8 contributor license agreements. See the NOTICE file distributed with
9 this work for additional information regarding copyright ownership.
10 The ASF licenses this file to You under the Apache License, Version 2.0
11 (the "License"); you may not use this file except in compliance with
12 the License. You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <manualpage metafile="new_api_2_4.xml.meta">
25 <title>API Changes in Apache HTTP Server 2.4 since 2.2</title>
28 <p>This document describes changes to the Apache HTTPD API from
29 version 2.2 to 2.4, that may be of interest to module/application
30 developers and core hacks. At the time of writing, the 2.4 API
31 is not finalised, and this document may serve to highlight
32 points that call for further review.</p>
33 <p>API changes fall into two categories: APIs that are altogether new,
34 and existing APIs that are expanded or changed. The latter are
35 further divided into those where all changes are back-compatible
36 (so existing modules can ignore them), and those that might
37 require attention by maintainers. As with the transition from
38 HTTPD 2.0 to 2.2, existing modules and applications will require
39 recompiling and may call for some attention, but most should not
40 require any substantial updating (although some may be able to
41 take advantage of API changes to offer significant improvements).</p>
42 <p>For the purpose of this document, the API is split according
43 to the public header files. These headers are themselves the
44 reference documentation, and can be used to generate a browsable
45 HTML reference with <code>make docs</code>.</p>
48 <section id="api_changes">
49 <title>Changed APIs</title>
51 <section id="ap_expr">
52 <title>ap_expr (NEW!)</title>
53 <p>Introduces a new API to parse and evaluate boolean and algebraic
54 expressions, including provision for a standard syntax and
55 customised variants.</p>
58 <section id="ap_listen">
59 <title>ap_listen (changed; back-compatible)</title>
60 <p>Introduces new API to enable apache child processes to serve different purposes.</p>
64 <title>ap_mpm (changed)</title>
65 <p><code>ap_mpm_run</code> is replaced by a new <code>mpm</code> hook.
66 Also <code>ap_graceful_stop_signalled</code> is lost, and
67 <code>ap_mpm_register_timed_callback</code> is new.</p>
70 <section id="ap_regex">
71 <title>ap_regex (changed)</title>
72 <p>In addition to the existing regexp wrapper, a new higher-level API
73 <code>ap_rxplus</code> is now provided. This provides the capability to
74 compile Perl-style expressions like <code>s/regexp/replacement/flags</code>
75 and to execute them against arbitrary strings. Support for regexp
79 <section id="ap_slotmem">
80 <title>ap_slotmem (NEW!)</title>
81 <p>Introduces an API for modules to allocate and manage memory slots
82 (normally) for shared memory.</p>
85 <section id="ap_socache">
86 <title>ap_socache (NEW!)</title>
87 <p>API to manage a shared object cache.</p>
90 <section id="heartbeat">
91 <title>heartbeat (NEW!)</title>
92 <p>common structures for heartbeat modules (should this be public API?)</p>
95 <section id="ap_parse_htaccess">
96 <title>ap_parse_htaccess (changed)</title>
97 <p>The function signature for <code>ap_parse_htaccess</code> has been
98 changed. A <code>apr_table_t</code> of individual directives allowed
99 for override must now be passed (override remains).</p>
102 <section id="http_config">
103 <title>http_config (changed)</title>
105 <li>Introduces per-module, per-directory loglevels, including macro wrappers.</li>
106 <li>New AP_DECLARE_MODULE macro to declare all modules.</li>
107 <li>New APLOG_USE_MODULE macro necessary for per-module loglevels in
108 multi-file modules.</li>
109 <li>New API to retain data across module unload/load</li>
110 <li>New check_config hook</li>
111 <li>New ap_process_fnmatch_configs() to process wildcards</li>
112 <li>Change ap_configfile_t, ap_cfg_getline(), ap_cfg_getc() to return error
113 code, new ap_pcfg_strerror().</li>
114 <li>Any config directive permitted in ACCESS_CONF context must now
115 correctly handle being called from an .htaccess file via the new
116 <directive module="core">AllowOverrideList</directive> directive.
117 ap_check_cmd_context() accepts a new flag NOT_IN_HTACCESS to detect
122 <section id="http_core">
123 <title>http_core (changed)</title>
125 <li>REMOVED ap_default_type, ap_requires, all 2.2 authnz API</li>
126 <li>Introduces Optional Functions for logio and authnz</li>
127 <li>New function ap_get_server_name_for_url to support ipv6 literals.</li>
128 <li>New function ap_register_errorlog_handler to register errorlog
129 format string handlers.</li>
130 <li>Arguments of error_log hook have changed. Declaration has moved to
131 <code>http_core.h</code>.</li>
132 <li>New function ap_state_query to determine if the server is in the
133 initial configuration preflight phase or not. This is both easier to
134 use and more correct than the old method of creating a pool userdata
135 entry in the process pool.</li>
136 <li>New function ap_get_conn_socket to get the socket descriptor for a
137 connection. This should be used instead of accessing the core
138 connection config directly.</li>
143 <title>httpd (changed)</title>
145 <li>Introduce per-directory, per-module loglevel</li>
146 <li>New loglevels APLOG_TRACEn</li>
147 <li>Introduce errorlog ids for requests and connections</li>
148 <li>Support for mod_request kept_body</li>
149 <li>Support buffering filter data for async requests</li>
150 <li>New CONN_STATE values</li>
151 <li>Function changes: ap_escape_html updated; ap_unescape_all,
152 ap_escape_path_segment_buffer</li>
153 <li>Modules that load other modules later than the EXEC_ON_READ config
154 reading stage need to call ap_reserve_module_slots() or
155 ap_reserve_module_slots_directive() in their pre_config hook.</li>
156 <li>The useragent IP address per request can now be specified
157 independently of the client IP address of the connection for
158 the benefit of load balancers</li>
162 <section id="http_log">
163 <title>http_log (changed)</title>
165 <li>Introduce per-directory, per-module loglevel</li>
166 <li>New loglevels APLOG_TRACEn</li>
167 <li>ap_log_*error become macro wrappers (fully back-compatible if
168 APLOG_MARK macro is used)</li>
169 <li>piped logging revamped</li>
170 <li>module_index added to error_log hook</li>
171 <li>new function: ap_log_command_line</li>
175 <section id="http_request">
176 <title>http_request (changed)</title>
178 <li>New auth_internal API and auth_provider API</li>
179 <li>New EOR bucket type</li>
180 <li>New function ap_process_async_request</li>
181 <li>New flags AP_AUTH_INTERNAL_PER_CONF and AP_AUTH_INTERNAL_PER_URI</li>
182 <li>New access_checker_ex hook to apply additional access control and/or
183 bypass authentication.</li>
184 <li>New functions ap_hook_check_access_ex, ap_hook_check_access,
185 ap_hook_check_authn, ap_hook_check_authz which accept
186 AP_AUTH_INTERNAL_PER_* flags</li>
187 <li>DEPRECATED direct use of ap_hook_access_checker, access_checker_ex,
188 ap_hook_check_user_id, ap_hook_auth_checker</li>
190 <p>When possible, registering all access control hooks (including
191 authentication and authorization hooks) using AP_AUTH_INTERNAL_PER_CONF
192 is recommended. If all modules' access control hooks are registered
193 with this flag, then whenever the server handles an internal
194 sub-request that matches the same set of access control configuration
195 directives as the initial request (which is the common case), it can
196 avoid invoking the access control hooks another time.</p>
197 <p>If your module requires the old behavior and must perform access
198 control checks on every sub-request with a different URI from the
199 initial request, even if that URI matches the same set of access
200 control configuration directives, then use AP_AUTH_INTERNAL_PER_URI.</p>
203 <section id="mod_auth">
204 <title>mod_auth (NEW!)</title>
205 <p>Introduces the new provider framework for authn and authz</p>
208 <section id="mod_cache">
209 <title>mod_cache (changed)</title>
210 <p>Introduces a commit_entity() function to the cache provider interface,
211 allowing atomic writes to cache. Add a cache_status() hook to report
212 the cache decision. Remove all private structures and functions from the
213 public mod_cache.h header file.</p>
216 <section id="mod_core">
217 <title>mod_core (NEW!)</title>
218 <p>This introduces low-level APIs to send arbitrary headers,
219 and exposes functions to handle HTTP OPTIONS and TRACE.</p>
222 <section id="mod_cache_disk">
223 <title>mod_cache_disk (changed)</title>
224 <p>Changes the disk format of the disk cache to support atomic cache
225 updates without locking. The device/inode pair of the body file is
226 embedded in the header file, allowing confirmation that the header
227 and body belong to one another.</p>
230 <section id="mod_disk_cache">
231 <title>mod_disk_cache (renamed)</title>
232 <p>The mod_disk_cache module has been renamed to mod_cache_disk in
233 order to be consistent with the naming of other modules within the
237 <section id="mod_request">
238 <title>mod_request (NEW!)</title>
239 <p>The API for <module>mod_request</module>, to make input data
240 available to multiple application/handler modules where required,
241 and to parse HTML form data.</p>
244 <section id="mpm_common">
245 <title>mpm_common (changed)</title>
247 <li>REMOVES: accept, lockfile, lock_mech, set_scoreboard (locking uses the new ap_mutex API)</li>
248 <li>NEW API to drop privileges (delegates this platform-dependent
249 function to modules)</li>
250 <li>NEW Hooks: mpm_query, timed_callback, and get_name</li>
251 <li>CHANGED interfaces: monitor hook,
252 ap_reclaim_child_processes, ap_relieve_child_processes</li>
256 <section id="scoreboard">
257 <title>scoreboard (changed)</title>
258 <p>ap_get_scoreboard_worker is gratuitously made non-back-compatible
259 as an alternative version is introduced. Additional proxy_balancer
260 support. Child status stuff revamped.</p>
263 <section id="util_cookies">
264 <title>util_cookies (NEW!)</title>
265 <p>Introduces a new API for managing HTTP Cookies.</p>
268 <section id="util_ldap">
269 <title>util_ldap (changed)</title>
270 <p>I have yet to get a handle on this update.</p>
273 <section id="util_mutex">
274 <title>util_mutex (NEW!)</title>
275 <p>A wrapper for APR proc and global mutexes in httpd.</p>
278 <section id="util_script">
279 <title>util_script (changed)</title>
280 <p>NEW: ap_args_to_table</p>
283 <section id="util_time">
284 <title>util_time (changed)</title>
285 <p>NEW: ap_recent_ctime_ex</p>
290 <section id="upgrading">
291 <title>Specific information on upgrading modules from 2.2</title>
293 <section id="upgrading_logging">
294 <title>Logging</title>
295 <p>In order to take advantage of per-module loglevel configuration, any
296 source file that calls the <code>ap_log_*</code> functions should declare
297 which module it belongs to. If the module's module_struct is called
298 <code>foo_module</code>, the following code can be used to remain
299 backward compatible with HTTPD 2.0 and 2.2:</p>
301 #include <http_log.h><br/>
303 #ifdef APLOG_USE_MODULE<br/>
304 APLOG_USE_MODULE(foo);<br/>
307 <p>Note: This is absolutely required for C++-language modules. It
308 can be skipped for C-language modules, though that breaks
309 module-specific log level support for files without it.</p>
310 <p>The number of parameters of the <code>ap_log_*</code> functions and the
311 definition of <code>APLOG_MARK</code> has changed. Normally, the change
312 is completely transparent. However, changes are required if a
313 module uses <code>APLOG_MARK</code> as a parameter to its own functions
314 or if a module calls <code>ap_log_*</code> without passing
315 <code>APLOG_MARK</code>. A module which uses wrappers
316 around <code>ap_log_*</code> typically uses both of these constructs.</p>
318 <p>The easiest way to change code which passes <code>APLOG_MARK</code> to
319 its own functions is to define and use a different macro that expands to
320 the parameters required by those functions, as <code>APLOG_MARK</code>
321 should only be used when calling <code>ap_log_*</code>
322 directly. In this way, the code will remain compatible with HTTPD 2.0
325 <p>Code which calls <code>ap_log_*</code> without passing
326 <code>APLOG_MARK</code> will necessarily differ between 2.4 and earlier
327 releases, as 2.4 requires a new third argument,
328 <code>APLOG_MODULE_INDEX</code>.</p>
331 /* code for httpd 2.0/2.2 */<br />
332 ap_log_perror(file, line, APLOG_ERR, 0, p, "Failed to allocate dynamic lock structure");<br />
334 /* code for httpd 2.4 */<br />
335 ap_log_perror(file, line, APLOG_MODULE_INDEX, APLOG_ERR, 0, p, "Failed to allocate dynamic lock structure");<br />
339 <p>A <code>server_rec</code> pointer must be passed to
340 <code>ap_log_error()</code> when called after startup. This
341 was always appropriate, but there are even more limitations with
342 a <code>NULL</code> <code>server_rec</code> in 2.4 than in
343 previous releases. Beginning with 2.3.12, the global variable
344 <code>ap_server_conf</code> can always be used as
345 the <code>server_rec</code> parameter, as it will be
346 <code>NULL</code> only when it is valid to pass <code>NULL</code>
347 to <code>ap_log_error()</code>. <code>ap_server_conf</code>
348 should be used only when a more appropriate <code>server_rec</code>
349 is not available.</p>
351 <p>Consider the following changes to take advantage of the new
352 <code>APLOG_TRACE1..8</code> log levels:</p>
354 <li>Check current use of <code>APLOG_DEBUG</code> and
355 consider if one of the <code>APLOG_TRACEn</code> levels is
356 more appropriate.</li>
357 <li>If your module currently has a mechanism for configuring
358 the amount of debug logging which is performed, consider
359 eliminating that mechanism and relying on the use of
360 different <code>APLOG_TRACEn</code> levels. If expensive
361 trace processing needs to be bypassed depending on the
362 configured log level, use the <code>APLOGtrace<em>n</em></code>
363 and <code>APLOGrtrace<em>n</em></code> macros to first check
364 if tracing is enabled.</li>
367 <p>Modules sometimes add process id and/or thread id to their log
368 messages. These ids are now logged by default, so it may not
369 be necessary for the module to log them explicitly. (Users may
370 remove them from the error log format, but they can be
371 instructed to add it back if necessary for problem diagnosis.)</p>
374 <section id="upgrading_byfunction">
375 <title>If your module uses these existing APIs...</title>
378 <dt><code>ap_default_type()</code></dt>
379 <dd>This is no longer available; Content-Type must be configured
380 explicitly or added by the application.</dd>
382 <dt><code>ap_get_server_name()</code></dt>
383 <dd>If the returned server name is used in a URL,
384 use <code>ap_get_server_name_for_url()</code> instead. This new
385 function handles the odd case where the server name is an IPv6
386 literal address.</dd>
388 <dt><code>ap_get_server_version()</code></dt>
389 <dd>For logging purposes, where detailed information is
390 appropriate, use <code>ap_get_server_description()</code>.
391 When generating output, where the amount of information
392 should be configurable by ServerTokens, use
393 <code>ap_get_server_banner()</code>.</dd>
395 <dt><code>ap_graceful_stop_signalled()</code></dt>
396 <dd>Replace with a call
397 to <code>ap_mpm_query(AP_MPMQ_MPM_STATE)</code> and checking for
398 state <code>AP_MPMQ_STOPPING</code>.</dd>
400 <dt><code>ap_max_daemons_limit</code>, <code>ap_my_generation</code>,
401 and <code>ap_threads_per_child</code></dt>
402 <dd>Use <code>ap_mpm_query()</code> query codes
403 <code>AP_MPMQ_MAX_DAEMON_USED</code>, <code>AP_MPMQ_GENERATION</code>,
404 and <code>AP_MPMQ_MAX_THREADS</code>, respectively.</dd>
406 <dt><code>ap_mpm_query()</code></dt>
407 <dd>Ensure that it is not used until after the register-hooks
408 hook has completed. Otherwise, an MPM built as a DSO
409 would not have had a chance to enable support for this
412 <dt><code>ap_server_conf->process->pool</code>
417 <li>If your module uses this to determine which pass of the
418 startup hooks is being run,
419 use <code>ap_state_query(AP_SQ_MAIN_STATE)</code>.</li>
420 <li>If your module uses this to maintain data across the
421 unloading and reloading of your module, use
422 <code>ap_retained_data_create()</code> and
423 <code>ap_retained_data_get()</code>.</li>
427 <dt><code>apr_global_mutex_create()</code>,
428 <code>apr_proc_mutex_create()</code></dt>
429 <dd>Optional: See <code>ap_mutex_register()</code>,
430 <code>ap_global_mutex_create()</code>, and
431 <code>ap_proc_mutex_create()</code>; these allow your
432 mutexes to be configurable with
433 the <directive module="core">Mutex</directive> directive;
434 you can also remove any configuration mechanisms in your
435 module for such mutexes
438 <dt><code>CORE_PRIVATE</code></dt>
439 <dd>This is now unnecessary and ignored.</dd>
441 <dt><code>dav_new_error()</code>
442 and <code>dav_new_error_tag()</code></dt>
443 <dd>Previously, these assumed that <code>errno</code> contained
444 information describing the failure. Now,
445 an <code>apr_status_t</code> parameter must be provided. Pass
446 0/APR_SUCCESS if there is no such error information, or a valid
447 <code>apr_status_t</code> value otherwise.</dd>
449 <dt><code>mpm_default.h</code>, <code>DEFAULT_LOCKFILE</code>,
450 <code>DEFAULT_THREAD_LIMIT</code>, <code>DEFAULT_PIDLOG</code>,
452 <dd>The header file and most of the default configuration
453 values set in it are no longer visible to modules. (Most can
454 still be overridden at build time.) <code>DEFAULT_PIDLOG</code>
455 and <code>DEFAULT_REL_RUNTIMEDIR</code> are now universally
456 available via <code>ap_config.h</code>.</dd>
458 <dt><code>unixd_config</code></dt>
459 <dd>This has been renamed to ap_unixd_config.</dd>
461 <dt><code>conn_rec->remote_ip and conn_rec->remote_addr</code></dt>
462 <dd>In order to distinguish between the client IP address of the
463 connection, and the useragent IP address of the request potentially
464 overridden by a load balancer or proxy, the above variables have
465 been renamed. If a module makes reference to either of the above
466 variables, they need to be replaced with one of the following two
467 options as appropriate for the module:
469 <li>When you require the IP address of the user agent, which
470 might be connected directly to the server, or might optionally be
471 separated from the server by a transparent load balancer or
472 proxy, use request_rec->useragent_ip and
473 request_rec->useragent_addr.</li>
474 <li>When you require the IP address of the client that is
475 connected directly to the server, which might be the useragent or
476 might be the load balancer or proxy itself, use
477 conn_rec->client_ip and conn_rec->client_addr.</li>
483 <section id="upgrading_byfeature">
484 <title>If your module interfaces with this feature...</title>
487 <dd>Optional: If your module logs an error
488 when <code>ap_unixd_config.suexec_enabled</code> is 0,
489 also log the value of the new
490 field <code>suexec_disabled_reason</code>, which contains an
491 explanation of why it is not available.</dd>
493 <dt>Extended status data in the scoreboard</dt>
494 <dd>In previous releases, <code>ExtendedStatus</code> had to be
495 set to <code>On</code>, which in turn required that
496 mod_status was loaded. In 2.4, just
497 set <code>ap_extended_status</code> to <code>1</code> in a
498 pre-config hook and the extended status data will be
504 <section id="upgrading_newfeatures">
505 <title>Does your module...</title>
507 <dt>Parse query args</dt>
508 <dd>Consider if <code>ap_args_to_table()</code> would be
511 <dt>Parse form data...</dt>
512 <dd>Use <code>ap_parse_form_data()</code>.</dd>
514 <dt>Check for request header fields <code>Content-Length</code>
515 and <code>Transfer-Encoding</code> to see if a body was
517 <dd>Use <code>ap_request_has_body()</code>.</dd>
519 <dt>Implement cleanups which clear pointer variables</dt>
520 <dd>Use <code>ap_pool_cleanup_set_null()</code>.</dd>