From b2b160f243ebb02c6e10f79539dd8329a7c198a3 Mon Sep 17 00:00:00 2001 From: Yann Ylavic Date: Tue, 26 Apr 2016 08:55:57 +0000 Subject: [PATCH] Follow up to r1740928: update docs (contexts) and minor MMN. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1740967 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/mod_ssl.xml | 79 +++++++++++++++++++++---------------- include/ap_mmn.h | 6 ++- 2 files changed, 51 insertions(+), 34 deletions(-) diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index 9dd5a96e5b..e673dbf8c3 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -1741,7 +1741,8 @@ SSLStrictSNIVHostCheck on SSLProxyMachineCertificatePath Directory of PEM-encoded client certificates and keys to be used by the proxy SSLProxyMachineCertificatePath directory -server config +server config virtual host +proxy section Not applicable @@ -1769,7 +1770,8 @@ SSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/ SSLProxyMachineCertificateFile File of concatenated PEM-encoded client certificates and keys to be used by the proxy SSLProxyMachineCertificateFile filename -server config +server config virtual host +proxy section Not applicable @@ -1797,7 +1799,8 @@ SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem SSLProxyMachineCertificateChainFile File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate SSLProxyMachineCertificateChainFile filename -server config +server config virtual host +proxy section Not applicable @@ -1830,8 +1833,9 @@ SSLProxyMachineCertificateChainFile /usr/local/apache2/conf/ssl.crt/proxyCA.pem Type of remote server Certificate verification SSLProxyVerify level SSLProxyVerify none -server config -virtual host +server config virtual host +proxy section +Not applicable @@ -1870,8 +1874,9 @@ SSLProxyVerify require Certificate verification SSLProxyVerifyDepth number SSLProxyVerifyDepth 1 -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -1899,8 +1904,9 @@ SSLProxyVerifyDepth 10 SSLProxyCheckPeerExpire on|off SSLProxyCheckPeerExpire on -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -1922,8 +1928,9 @@ SSLProxyCheckPeerExpire on SSLProxyCheckPeerCN on|off SSLProxyCheckPeerCN on -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -1951,8 +1958,9 @@ SSLProxyCheckPeerCN on SSLProxyCheckPeerName on|off SSLProxyCheckPeerName on -server config -virtual host +server config virtual host +proxy section +Not applicable Apache HTTP Server 2.4.5 and later @@ -1981,8 +1989,9 @@ but not for foo.bar.example.org). SSL Proxy Engine Operation Switch SSLProxyEngine on|off SSLProxyEngine off -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -2014,9 +2023,9 @@ proxy SSL/TLS requests.

Configure usable SSL protocol flavors for proxy usage SSLProxyProtocol [+|-]protocol ... SSLProxyProtocol all -SSLv3 -server config -virtual host -Options +server config virtual host +proxy section +Not applicable @@ -2036,11 +2045,10 @@ for additional information. proxy handshake SSLProxyCipherSuite cipher-spec SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP -server config -virtual host -directory -.htaccess -AuthConfig +server config virtual host +proxy section +Not applicable +

Equivalent to SSLCipherSuite, but for the proxy connection. Please refer to SSLCipherSuite @@ -2053,8 +2061,9 @@ for additional information.

Directory of PEM-encoded CA Certificates for Remote Server Auth SSLProxyCACertificatePath directory-path -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -2080,8 +2089,9 @@ SSLProxyCACertificatePath /usr/local/apache2/conf/ssl.crt/ File of concatenated PEM-encoded CA Certificates for Remote Server Auth SSLProxyCACertificateFile file-path -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -2104,8 +2114,9 @@ SSLProxyCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-remote-serve Directory of PEM-encoded CA CRLs for Remote Server Auth SSLProxyCARevocationPath directory-path -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -2131,8 +2142,9 @@ SSLProxyCARevocationPath /usr/local/apache2/conf/ssl.crl/ File of concatenated PEM-encoded CA CRLs for Remote Server Auth SSLProxyCARevocationFile file-path -server config -virtual host +server config virtual host +proxy section +Not applicable

@@ -2156,8 +2168,9 @@ SSLProxyCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-remote-server Enable CRL-based revocation checking for Remote Server Auth SSLProxyCARevocationCheck chain|leaf|none SSLProxyCARevocationCheck none -server config -virtual host +server config virtual host +proxy section +Not applicable

diff --git a/include/ap_mmn.h b/include/ap_mmn.h index e153a5523c..340e986e33 100644 --- a/include/ap_mmn.h +++ b/include/ap_mmn.h @@ -519,6 +519,10 @@ * ap_mpm_unregister_poll_callback. Add * AP_MPMQ_CAN_POLL. * 20160315.1 (2.5.0-dev) Add AP_IMPLEMENT_OPTIONAL_HOOK_RUN_FIRST. + * 20160315.2 (2.5.0-dev) Add optional proxy_{hook,run}_section_post_config(), + * ap_proxy_connection_create_ex() and section_config + * to struct proxy_{worker,balancer} in mod_proxy.h, + * and optional ssl_engine_set() to mod_ssl.h. */ #define MODULE_MAGIC_COOKIE 0x41503235UL /* "AP25" */ @@ -526,7 +530,7 @@ #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 20160315 #endif -#define MODULE_MAGIC_NUMBER_MINOR 1 /* 0...n */ +#define MODULE_MAGIC_NUMBER_MINOR 2 /* 0...n */ /** * Determine if the server's current MODULE_MAGIC_NUMBER is at least a -- 2.50.1