#===============================================================================
#
# get the version of apache
#
./httpd -v
./apachectl -V

Server version: IBM_HTTP_Server/6.1.0.11 Apache/2.0.47
Server built:   Jun 28 2007 11:45:18
Build level:    IHS60/webIHS0725.02
Server's Module Magic Number: 20020903:4
Architecture:   32-bit
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/worker"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D HTTPD_ROOT="/opt/IBMIHS"
 -D SUEXEC_BIN="/opt/IBMIHS/bin/suexec"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"
Apache vulnerability fixes included:
CVE-2002-1156 CVE-2002-0840 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189
CVE-2003-0245 CVE-2003-0254 CVE-2003-0253 CVE-2003-0192 CVE-2003-0789
CVE-2003-0542 CVE-2004-0174 CVE-2004-0493 CVE-2004-0747 CVE-2004-0786
CVE-2004-0809 CVE-2004-0942 CVE-2003-0020 CVE-2005-2088 CVE-2005-2728
CVE-2005-2491 CVE-2005-2970 CVE-2005-3352 CVE-2006-3747
#===============================================================================

Apache 2.0
A Look Under the Hood
by Cliff Woolley

probably work, take a closer look or you might miss what Apache 2.0 is all about.

WHY 2.0?

architecture allows the administrator a good deal of flexibility, but modules aren't really able to work together. Apache 1.3 uses a separate process to handle each connection, which allows it to be extremely reliable but less scalable.

llowing them to interact in ways never before possible. In this article, we'll explore the changes under the hood that make Apache 2.0 what it is and the changes you'll have to make to your own Apache modules to make them work with 2.0.

COMPILING THE SERVER

uild.

Configuring an Apache Build

The parameters to the ./configure script for Apache 2.0 can be separated into three broad categories: directory structure, modules, and features.

Directory Structure

The two most important parameters for configuring how you want the directories for installation laid out are --prefix and --enable-layout. You want to start with --enable-layout. In the root of the Apache 2.0 source tree, there should be a file named config.layout. In it, there are many layout styles to choose from. For example, to use the GNU directory layout, you would do:

    ./configure --enable-layout=GNU

Sometimes one of the predefined layouts is close to what you want, but not quite. If you liked the Apache directory layout but wanted everything to install under /www instead of /usr/local, you could type:

    ./configure --enable-layout=Apache --prefix=/www

You can get more customizable than that, but this should suffice for most users.

Modules

Another important set of parameters of the ./configure script relates to which Apache modules to include (see Table One).

Features

om prefork, threaded, worker, perchild, and a bunch of others. To build a preforking Apache, you'd type:

    ./configure --with-mpm="prefork"

PORTABILITY (THE CLEAN WAY)

be done to use them, there are really only a handful of features needed to write most portable programs, and most operating systems provide them in some form.

t.

.

latform has to make sacrifices to fit into the mold of another.

ange a bit. To find these changed functions, you'll actually have to flip through the API documentation for APR; the documentation is relatively comprehensive and is being expanded all the time. It's available online at .

Table One: Modules for Apache 2.0

Environment Creation
 (+) mod_env          Set environment variables for CGI/SSI scripts
 (+) mod_setenvif     Set environment variables based on HTTP headers
 (-) mod_unique_id    Generate unique identifiers for request

Directory Handling
 (+) mod_dir          Directory and directory default file handling
 (+) mod_autoindex    Automated directory index file generation

Access Control and Authentication
 (+) mod_access       Access Control (user, host, network)
 (+) mod_auth         HTTP Basic Authentication (user, passwd)
 (-) mod_auth_dbm     HTTP Basic Authentication via Unix NDBM files
 (-) mod_auth_db      HTTP Basic Authentication via Berkeley-DB files
 (-) mod_auth_anon    HTTP Basic Authentication for Anonymous-style users
 (-) mod_digest       HTTP Digest Authentication

HTTP response
 (-) mod_headers      Arbitrary HTTP response headers (configured)
 (-) mod_cern_meta    Arbitrary HTTP response headers (CERN-style files)
 (-) mod_expires      Expires HTTP responses
 (+) mod_asis         Raw HTTP responses

Content Type Decisions
 (+) mod_mime         Content type/encoding determination (configured)
 (-) mod_mime_magic   Content type/encoding determination (automatic)
 (+) mod_negotiation  Content selection based on the HTTP Accept* headers

Cache
 (-) mod_file_cache   Caching of open handles to frequently served pages

Scripting
 (+) mod_include      Server Side Includes (SSI) support
 (+) mod_cgi          Common Gateway Interface (CGI) support
 (+) mod_cgid         Common Gateway Interface (CGI) support for multi-threaded MPMs
 (+) mod_actions      Map CGI scripts to act as internal `handlers'

Internal Content Handlers
 (+) mod_status       Content handler for server run-time status
 (-) mod_info         Content handler for server configuration summary

Request Logging
 (+) mod_log_config   Customizable logging of requests
 (-) mod_usertrack    Logging of user click-trails via HTTP Cookies

Content Management
 (-) mod_dav          WebDAV (RFC 2518) support for Apache
 (-) mod_dav_fs       mod_dav backend to managing filesystem content

SSL
 (-) mod_ssl          SSL/TLS encryption support

Miscellaneous
 (+) mod_imap         Server-side Image Map support
 (-) mod_proxy        Caching Proxy Module (HTTP, HTTPS, FTP)
 (-) mod_so           Dynamic Shared Object (DSO) bootstrapping

Development
 (-) mod_example      Apache API demonstration (developers only)

URL Mapping
 (+) mod_alias        Simple URL translation and redirection
 (-) mod_rewrite      Advanced URL translation and redirection
 (+) mod_userdir      Selection of resource directories by username
 (-) mod_spelling     Correction of misspelled URLs
 (-) mod_vhost_alias  Dynamically configured mass virtual hosting

let you rerun ./configure with all the same parameters you used the last time.

tication modules) might work under multiple protocols, it is useful to have modules split out into separate directories based on their purpose. So under the modules/ directory, you will now find subdirectories.

ACHIEVING SCALABILITY

equests can eat up a relatively large amount of system resources, particularly memory.

[Apache Figure 1]

tailored to a particular platform to take advantage of low-level process-management or service-management features of the OS that just don't quite fit well into APR (see Figure One, .

ds and in the choice of a constant or variable number of these worker threads in each process. It's also quite likely that third-party vendors will write custom MPMs for Apache 2.0 to implement proprietary performance enhancements.

ng connection before they can realize they need to terminate.

hreads as they become available. The perchild MPM throws away all preconceived notions of how connections should be handled. It uses a fixed number of processes with a variable number of threads per process to handle connections.

t for PHP and SSI pages and other module-generated responses as well. That's sure to be a useful feature for ISPs and other hosting services.

FILTERED I/O

decision of which filters to insert in the stack can happen at request time.

n strung together into a list called a brigade.
Individual buckets in a brigade can be split up, copied, rearranged, inserted, and deleted, without ever copying their contents around in memory.

the next filter in the stack.

[Apache Figure 2]

the HTTP filter, for example.

[Apache Figure 3]

ter," which is responsible for dumping the data out to the network in the most efficient manner possible.

n't both participate in the request-handling process.

INTER-MODULE COOPERATION

as quite a headache in 1.3. To fill this void, two extra mechanisms were added to 2.0 -- hooks and optional functions.

which the modules were loaded into the server. Now the set of callback functions associated with each hook can be ordered independently, and the modules can take care of this ordering on their own without the intervention of the administrator.

gistered, retrieving a pointer to it if so.

looking up mod_include's optional function for tag registration. So any module can now define its own SSI tags without having to re-implement the parsing engine, a level of cooperation that was not feasible in version 1.3.

FUTURE DIRECTIONS

throw out ideas for things that would be nice to have in versions beyond 2.0; more tightly tuned performance is certainly a goal for 2.1.

ing model, have also been proposed, though changes of that magnitude are likely more distant than 2.1.

will be found!

_____

Cliff Woolley is a graduate student in computer science and a developer on the Apache HTTP Server and Apache Portable Runtime projects. He can be reached at jwoolley@apache.org
#===============================================================================
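
The apachectl -V output recorded in the notes at the top of this page reports Apache/2.0.47 together with a vendor list of backported CVE fixes, so the upstream version string alone does not say whether a given CVE is patched on that build. The shell functions below are an added example, not part of the original notes or of the vendor's tooling; they parse that output and check ids against the list. The function names and the placeholder id CVE-0000-0000 are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original notes. Input is `apachectl -V` output
# on stdin from a build that prints "Apache vulnerability fixes included:".

# Upstream Apache release the build reports, e.g. 2.0.47.
upstream_version() {
    sed -n 's/^Server version:.*Apache\/\([0-9][0-9.]*\).*/\1/p'
}

# One backported CVE id per line. Ids may share the header line or follow it;
# the first later line without a CVE id ends the list.
backported_cves() {
    awk '
        /^Apache vulnerability fixes included:/ { in_list = 1; hdr = 1 }
        in_list {
            found = 0
            for (i = 1; i <= NF; i++)
                if ($i ~ /^CVE-[0-9]+-[0-9]+$/) { print $i; found = 1 }
            if (!found && !hdr) in_list = 0
            hdr = 0
        }'
}

# check_cves ID...: prints "<id> backported" or "<id> not-listed" per id and
# returns 1 if any id is missing from the vendor list (hypothetical helper).
check_cves() {
    listed=$(backported_cves)
    rc=0
    for cve in "$@"; do
        if printf '%s\n' "$listed" | grep -qxF -- "$cve"; then
            echo "$cve backported"
        else
            echo "$cve not-listed"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: a shortened copy of the output shown on this page.
sample_output() {
    cat <<'EOF'
Server version: IBM_HTTP_Server/6.1.0.11 Apache/2.0.47
Apache vulnerability fixes included:
CVE-2004-0174 CVE-2005-2088
CVE-2006-3747
EOF
}
# CVE-0000-0000 is a placeholder id that is not in the list.
sample_output | check_cves CVE-2006-3747 CVE-0000-0000 || true
```

On a live host the same check reads the real output, for example ./apachectl -V | check_cves followed by the ids in question.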