<name>Protocols</name>
<description>Protocols available for a server/virtual host</description>
<syntax>Protocols <var>protocol</var> ...</syntax>
+ <default>Protocols http/1.1</default>
<contextlist><context>server config</context><context>virtual host</context></contextlist>
<compatibility>Only available from Apache 2.4.17 and later.</compatibility>
server/virtual host. The list determines the allowed protocols
a client may negotiate for this server/host.</p>
- <p>You only need to set protocols if you want to limit the available
- protocols for a server/host. By default, all supported protocols
- are available to a client.</p>
+ <p>You need to set protocols if you want to extend the available
+ protocols for a server/host. By default, only the http/1.1 protocol
+ (which includes the compatibility with 1.0 and 0.9 clients) is
+ allowed.</p>
- <p>For example, if you want to support only HTTP/1.1 for a server, even
- though HTTP/2 is available, just specify this protocol only:</p>
+ <p>For example, if you want to support HTTP/2 for a server with TLS,
+ specify:</p>
<highlight language="config">
- Protocols http/1.1
+ Protocols h2 http/1.1
</highlight>
<p>Valid protocols are <code>http/1.1</code> for http and https connections,
<name>ProtocolsHonorOrder</name>
<description>Protocols available for a server/virtual host</description>
<syntax>ProtocolsHonorOrder On|Off</syntax>
- <default>ProtocolsHonorOrder Off</default>
+ <default>ProtocolsHonorOrder On</default>
<contextlist><context>server config</context><context>virtual host</context></contextlist>
<compatibility>Only available from Apache 2.4.17 and later.</compatibility>
<p>This directive specifies if the server should honor the order in which
the <directive>Protocols</directive> directive lists protocols.</p>
- <p>By default, a client supplies a list of supported protocols and the server
- selects an available one from that list in the given order.</p>
+ <p>If configured Off, the client supplied list order of protocols has
+ precedence over the order in the server configuration.</p>
- <p>With <directive>ProtocolsHonorOrder</directive> set to <code>on</code>, the
- client ordering does not matter and only the ordering in the server
- settings influences the outcome of the protocol negotiation.</p>
+ <p>With <directive>ProtocolsHonorOrder</directive> set to <code>on</code>
+ (default), the client ordering does not matter and only the ordering
+ in the server settings influences the outcome of the protocol
+ negotiation.</p>
</usage>
<seealso><directive module="core">Protocols</directive></seealso>
apr_array_header_t *choices)
{
apr_pool_t *pool = r? r->pool : c->pool;
- apr_array_header_t *proposals;
- const char *protocol = NULL, *existing = ap_get_protocol(c);
core_server_config *conf = ap_get_core_module_config(s->module_config);
+ const char *protocol = NULL, *existing = ap_get_protocol(c);;
+ apr_array_header_t *proposals;
if (APLOGcdebug(c)) {
const char *p = apr_array_pstrcat(pool, conf->protocols, ',');
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c,
"select protocol from %s, choices=%s for server %s",
- p, apr_array_pstrcat(pool, choices, ','),
+ p, choices?
+ apr_array_pstrcat(pool, choices, ',') : "NULL",
s->server_hostname);
}
- proposals = apr_array_make(pool, choices->nelts+1, sizeof(char *));
+ proposals = apr_array_make(pool, choices? choices->nelts+1 : 5,
+ sizeof(char *));
ap_run_protocol_propose(c, r, s, choices, proposals);
if (proposals->nelts > 0) {
int i;
- apr_array_header_t *prefs = ((conf->protocols_honor_order > 0
- && conf->protocols->nelts > 0)?
- conf->protocols : choices);
+ apr_array_header_t *prefs = NULL;
+
+ /* Default for protocols_honor_order is 'on' or != 0 */
+ if (conf->protocols_honor_order == 0 && choices && choices->nelts > 0) {
+ prefs = choices;
+ }
+ else {
+ prefs = conf->protocols;
+ }
/* If the existing protocol has not been proposed, but is a choice,
* add it to the proposals implicitly.
*/
- if (!ap_array_str_contains(proposals, existing)
+ if (choices
+ && !ap_array_str_contains(proposals, existing)
&& ap_array_str_contains(choices, existing)) {
APR_ARRAY_PUSH(proposals, const char*) = existing;
}
-
+
/* Select the most preferred protocol */
if (APLOGcdebug(c)) {
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c,
- "select protocol, proposals=%s preferences=%s",
+ "select protocol, proposals=%s preferences=%s configured=%s",
apr_array_pstrcat(pool, proposals, ','),
- apr_array_pstrcat(pool, prefs, ','));
+ apr_array_pstrcat(pool, prefs, ','),
+ apr_array_pstrcat(pool, conf->protocols, ','));
}
- for (i = 0; i < proposals->nelts; ++i) {
- const char *p = APR_ARRAY_IDX(proposals, i, const char *);
- if (conf->protocols->nelts > 0
- && !ap_array_str_contains(conf->protocols, p)) {
- /* not a permitted protocol here */
- continue;
- }
- else if (!protocol
- || (protocol_cmp(prefs, protocol, p) < 0)) {
- /* none selected yet or this on has preference */
- protocol = p;
+ if (conf->protocols->nelts <= 0) {
+ /* nothing configured, by default, we only allow http/1.1 here.
+ * For now...
+ */
+ return (ap_array_str_contains(proposals, AP_PROTOCOL_HTTP1)?
+ AP_PROTOCOL_HTTP1 : NULL);
+ }
+ else {
+ for (i = 0; i < proposals->nelts; ++i) {
+ const char *p = APR_ARRAY_IDX(proposals, i, const char *);
+ if (conf->protocols->nelts <= 0 && !strcmp(AP_PROTOCOL_HTTP1, p)) {
+ /* nothing configured, by default, we only allow http/1.1 here.
+ * For now...
+ */
+ continue;
+ }
+ if (!ap_array_str_contains(conf->protocols, p)) {
+ /* not a configured protocol here */
+ continue;
+ }
+ else if (!protocol
+ || (protocol_cmp(prefs, protocol, p) < 0)) {
+ /* none selected yet or this one has preference */
+ protocol = p;
+ }
}
}
}
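Review bot: The `conf->protocols->nelts <= 0 && !strcmp(AP_PROTOCOL_HTTP1, p)` test inside the `for` loop can never be true, because the loop only runs in the `else` branch of `if (conf->protocols->nelts <= 0)`. If it were reachable it would skip http/1.1 rather than allow it, which contradicts its own comment. I would delete that `if` and its comment so the loop begins at `if (!ap_array_str_contains(conf->protocols, p))`, which leaves one place that decides the nothing-configured default. Separately, the doubled semicolon in `*existing = ap_get_protocol(c);;` puts an empty statement ahead of the `proposals` declaration, which builds that warn on declaration-after-statement will flag; drop the extra `;`. The function's signature begins above this hunk.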
protocol? protocol : "(none)");
}
- return protocol? protocol : existing;
+ return protocol;
}
AP_DECLARE(apr_status_t) ap_switch_protocol(conn_rec *c, request_rec *r,
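Review bot: `return protocol;` now yields NULL when no proposal is permitted by the configured list, where the old line fell back to `existing`. The callers are outside this hunk, so each one needs checking that it treats NULL as "no protocol agreed" and does not pass it on to a switch or a string comparison. A comment on the return would make the new contract explicit: `/* NULL: no proposed protocol is permitted by the Protocols configuration; no fallback to the existing one */`. The early `return` in the nothing-configured branch of the previous hunk also appears to bypass the logging statement whose tail (`protocol? protocol : "(none)"`) is visible here, so the default path would leave no trace of what was selected.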