The following document was written by Robert S. Thau (email@example.com) on the
release of Apache 1.0. Some details may have changed since then regarding the
functions and names of modules, but the basic ideas are still intact.
The basic idea of the new Apache release is to make a modular
"tinkertoy" server, to which people can easily add code which is
valuable to them (even if it isn't universally useful) without hairing
up a monolithic server. Applications for this idea include database
integration, support for experimental search and scripting extensions,
new authentication modes (digest authentication, for instance, could
be done entirely as a module), and so forth. All modules have the
same interface to the server core, and through it, to each other.
In particular, the following are modules in the current code base:
common log format (other loggers can easily coexist with it), auth and
dbm auth (although both use common code in http_protocol.c to parse
the Authorization: line), directory handling (which can be added or
replaced), handling of aliases and access control, content
negotiation, CGI, includes, aliases, and so forth. (What's left in
the basic server? Not a whole lot). The configuration file commands
which configure these things are defined, for the most part, by the
modules themselves, and not by the server core (each module has, or
can have, a command dispatch table).
Besides carving up the base code into modules, this release makes a
few other fairly pervasive changes. Most of the global variables are
gone; most of the MAX_STRING_LENGTH char arrays are gone (the few that
are left being sprintf() targets, or I/O buffers of various sorts),
and unmunge_name has vanished. The most drastic change is the use of
a "compool" strategy to manage resources allocated for a request ---
the code in alloc.c keeps track of it all and allows it to be freed en
bloc at the end of the request. This strategy seems to be effective
in stanching memory and descriptor leaks.
Additional third-party modules can be found at
A brief code review:
The code here can be divided into the server core (the http_* files,
along with alloc.c and the various utility files), and several modules
(the mod_* files).
The core interfaces to modules through the "module" structure which
describes each one. There's a linked list of these things rooted at
top_module, through which http_config.c dispatches when necessary. The
module structures themselves are defined at the bottom of the mod_foo
files. (Loading new modules dynamically at runtime should be simple;
just push them onto the linked list. The only complication is what to
do with AddModule commands when the config files are reread,
particularly if you find a module has been taken out).
In addition to the core itself (which does have a module structure to
hold its command tables, and the handlers for various phases of
request handling which make it *barely* a web server on its own),
the modules included here are the following:
mod_mime.c --- deduction of MIME types and content-encodings from
filename extensions. This module defines the AddType, AddEncoding,
and TypesConfig config-file directives. This code is off in a
module by itself so that people who want to experiment with other
meta-information schemes can replace it, and still have content
mod_log_config.c --- logging in configurable or common log format.
mod_auth.c --- HTTP authentication. Defines the AuthUserFile and
AuthGroupFile directives (other auth-related commands are handled by
the core itself, so it knows which requests require it to poll the
modules for authentication handlers).
mod_auth_dbm.c --- DBM auth. Untested, and left out of the modules
list in modules.c because of that, but it does at least compile.
mod_access.c --- access checking by DNS name or IP address; defines
the "order", "allow" and "deny" config-file commands. (If this
module is compiled out, the server fails safe --- any attempt to
configure access control will die on a config file syntax error when
the relevant commands go unrecognized).
mod_negotiation.c --- Content negotiation. Defines the
CacheNegotiatedDocs config-file command. Making this a module is
perhaps going overboard, but I wanted to see how far I could push
mod_alias.c --- Alias command and file translation.
mod_userdir.c --- ditto for Userdir.
mod_cgi.c --- Common Gateway Interface. Also defines ScriptAlias,
because scripts are treated slightly differently depending on
whether they are ScriptAliased or not (in particular, ExecCGI is not
required in the former case).
mod_includes.c --- server-side includes.
mod_dir.c --- defines a whole *raft* of commands; handles directories.
mod_asis.c --- ASIS file handling.
mod_dld.c --- the experimental runtime-code-loader described above.
You'll have to alter the makefile and modules.c to make this active
if you want it.
As to the core, here's a brief review of what's where:
http_protocol.c --- functions for dealing directly with the client.
Reading requests, writing replies of various sorts. I've tried to
route all data transfer between server and client through here, so
there's a single piece of code to change if we want to add, say,
HTTP-NG packetization. The major glaring exception is NPH- CGI
scripts; what *will* we do with those for HTTP-NG?
http_request.c --- functions which direct the processing of requests,
including error handling. Generally responsible for making sure
that the right module handlers get invoked, in the right order.
(This includes the "sub-request" mechanism, which is used by
includes and other stuff to ask about the status of particular
Contains the core module structure, its command table, and the
command handlers, also the filename translation routine, and the
like for the core. (Basically, this is all of the core module stuff
which looks more or less like the boilerplate from the other modules).
http_config.c --- Functions to read config files and dispatch to the
command handlers; also, routines to manage configuration vectors,
and to dispatch to modules' handlers for the various phases of
handling a request.
http_log.c --- just the error log. Error handling is split between
http_protocol.c (for generating the default error responses) and
http_request.c (for executive handling, including ErrorDocument
invocation); transaction logging is in the modules.
http_main.c --- System startup, restart, and accepting connections;
also timeout handling (which is pretty grotesque right now; ideas?)
alloc.c --- allocation of all resources which might have to be reclaimed
eventually, including memory, files, and child processes.