Forwarded message:
> From moy@parc.xerox.com Mon Aug 21 13:05:31 1995
> Date: Mon, 21 Aug 1995 13:03:35 PDT
> Sender: Ed Moy <moy@parc.xerox.com>
> From: Edward Moy <moy@parc.xerox.com>
> X-Sender: moy@bolivar
> To: apache-bugs@apache.org
> Subject: Enhancement/fixes to apache 0.8.8
> Message-ID: <Pine.SUN.3.90.950821130036.15804A-100000@bolivar>
> MIME-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
>
> I've made some useful patches to Apache 0.8.8, which I hope you will
> included in a future release. The changes are summarized below. Then the
> context diff is attached.
>
> Edward Moy
> Xerox Palo Alto Research Center
> 3333 Coyote Hill Rd.
> Palo Alto, CA 94304
>
> moy@parc.xerox.com
>
> ----------- cut ---------------- cut ---------------- cut ------------
> Patches to Apache 0.8.8
> ------- -- ------ -----
>
> Created a new module, mod_auth_pw.c, that uses the standard getpwname() and
> getgrname() function calls. With NIS configured correctly, this accesses
> the central NIS databases. Two new commands are defined, AuthPWUser and
> AuthPWGroup.
>
> Modified all of the authentication modules, along with http_config.c, to
> allow multiple means of authentication. Thus, if one method of user
> authentication fails, it is passed to another authentication modules (e.g.,
> one can use the mod_auth_pw.c authentication and, in addition, assign
> separate user/passwords using one of the other auth modules. Also, one
> can, for instance, require password authentication using mod_auth_pw.c and
> define one's own require groups using one of the other auth modules.)
>
> Patched http_request.c to allow .htaccess to override central config files
> if OVERRIDE_CONF is defined. (In a recent netnews message, a user of
> Apache 0.6.5 converted to 0.8.8 and his .htaccess file stopped working. I
> believe defining OVERRIDE_CONF will make it work as he expects).
>
> Further, in http_request.c, overrides now always apply to the directory
> trees, so the .htacess as well as central config files can protect the
> whole directory tree.
>
> The "allow/deny from ip_address" form now can take a bit mask:
> "allow/deny from ip_address:bit_mask", where bit_mask is either
> octet style (aaa.bbb.ccc.ddd) or hexidecimal (0xnnnnnnnn). Actually, the
> bit mask is always used internally not. So if 1.2.3 is defined, a bit
> mask of 0xffffff00 is automatically used. 1.2.3:0xfffffc00 uses a
> different bit mask. (Note: the bit mask 255.255 corresponds to 0xffff0000,
> while the bit mask 0xffff is 0x0000ffff.)
>
> All functions and globals in modules (except the module structure itself)
> are declared static to avoid name conflicts and to insure modularity.
>
> util.c and util_script.c were modified to use pointers and registers rather
> than arrays for efficiency.
>
> The getparent() routine in util.c has built-in squashing of slashes (much
> like no2slash.
>
> The is_url() routing in util.c now requires that some text exist before
> the colon for it to return true.
>
> The dbmmanage script was heavily modified to support the new commands,
> addgroup (add one or more groups to an existing user), delgroup (remove
> one or more groups from an existing user), passwd (change the password of
> and existing user, keeping all groups intact) and makegroup (make a new
> group, or add to an existing group, one or more users, creating the users
> as needed).
>
> dbmmanage now uses a random salt for the password.
>
> Future possibilities (I may do them when I have the time)
> ------ -------------
>
> It might be useful to allow users to define their own error and access
> files (will still logging to the central files as well), so that they can
> see their own errors without having to come to the administrator or without
> leaving the log files readable by everyone. This might require a new
> method in the module definition.
>
> In the imap module, "ellipse" and "point" (which point is closest to the
> mouse click) would be nice types.
I put the BIG patch file in httpd/incoming/EdwardMoy_patches
[rob]
> From moy@parc.xerox.com Mon Aug 21 13:05:31 1995
> Date: Mon, 21 Aug 1995 13:03:35 PDT
> Sender: Ed Moy <moy@parc.xerox.com>
> From: Edward Moy <moy@parc.xerox.com>
> X-Sender: moy@bolivar
> To: apache-bugs@apache.org
> Subject: Enhancement/fixes to apache 0.8.8
> Message-ID: <Pine.SUN.3.90.950821130036.15804A-100000@bolivar>
> MIME-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
>
> I've made some useful patches to Apache 0.8.8, which I hope you will
> included in a future release. The changes are summarized below. Then the
> context diff is attached.
>
> Edward Moy
> Xerox Palo Alto Research Center
> 3333 Coyote Hill Rd.
> Palo Alto, CA 94304
>
> moy@parc.xerox.com
>
> ----------- cut ---------------- cut ---------------- cut ------------
> Patches to Apache 0.8.8
> ------- -- ------ -----
>
> Created a new module, mod_auth_pw.c, that uses the standard getpwname() and
> getgrname() function calls. With NIS configured correctly, this accesses
> the central NIS databases. Two new commands are defined, AuthPWUser and
> AuthPWGroup.
>
> Modified all of the authentication modules, along with http_config.c, to
> allow multiple means of authentication. Thus, if one method of user
> authentication fails, it is passed to another authentication modules (e.g.,
> one can use the mod_auth_pw.c authentication and, in addition, assign
> separate user/passwords using one of the other auth modules. Also, one
> can, for instance, require password authentication using mod_auth_pw.c and
> define one's own require groups using one of the other auth modules.)
>
> Patched http_request.c to allow .htaccess to override central config files
> if OVERRIDE_CONF is defined. (In a recent netnews message, a user of
> Apache 0.6.5 converted to 0.8.8 and his .htaccess file stopped working. I
> believe defining OVERRIDE_CONF will make it work as he expects).
>
> Further, in http_request.c, overrides now always apply to the directory
> trees, so the .htacess as well as central config files can protect the
> whole directory tree.
>
> The "allow/deny from ip_address" form now can take a bit mask:
> "allow/deny from ip_address:bit_mask", where bit_mask is either
> octet style (aaa.bbb.ccc.ddd) or hexidecimal (0xnnnnnnnn). Actually, the
> bit mask is always used internally not. So if 1.2.3 is defined, a bit
> mask of 0xffffff00 is automatically used. 1.2.3:0xfffffc00 uses a
> different bit mask. (Note: the bit mask 255.255 corresponds to 0xffff0000,
> while the bit mask 0xffff is 0x0000ffff.)
>
> All functions and globals in modules (except the module structure itself)
> are declared static to avoid name conflicts and to insure modularity.
>
> util.c and util_script.c were modified to use pointers and registers rather
> than arrays for efficiency.
>
> The getparent() routine in util.c has built-in squashing of slashes (much
> like no2slash.
>
> The is_url() routing in util.c now requires that some text exist before
> the colon for it to return true.
>
> The dbmmanage script was heavily modified to support the new commands,
> addgroup (add one or more groups to an existing user), delgroup (remove
> one or more groups from an existing user), passwd (change the password of
> and existing user, keeping all groups intact) and makegroup (make a new
> group, or add to an existing group, one or more users, creating the users
> as needed).
>
> dbmmanage now uses a random salt for the password.
>
> Future possibilities (I may do them when I have the time)
> ------ -------------
>
> It might be useful to allow users to define their own error and access
> files (will still logging to the central files as well), so that they can
> see their own errors without having to come to the administrator or without
> leaving the log files readable by everyone. This might require a new
> method in the module definition.
>
> In the imap module, "ellipse" and "point" (which point is closest to the
> mouse click) would be nice types.
I put the BIG patch file in httpd/incoming/EdwardMoy_patches
[rob]