Errata

Apache: The Definitive Guide

Errata for Apache: The Definitive Guide, Third Edition

Submit your own errata for this product.

The errata list is a list of errors and their corrections that were found after the product was released.

The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.

Color Key: Serious technical mistake Minor technical mistake Language or formatting error Typo Question Note Update

Version Location Description Submitted by Date submitted
Printed Page 3
last footnote

The URL given is https://wwwprod1.telia.com
This may be an invalid URL. In any case, it's a broken link.

Anonymous  May 23, 2019 
Printed Page 46
The "Running Apache Under Unix" section

The following error prevented me from running apache:

"no listening sockets available, shutting down
Unable to open logs"

To fix it I had to add "Listen 80" to the httpd.conf file, not in the book.

Anonymous   
Printed Page 91
middle

it states to exercise the sales-not-vh.butterthlies.com URL but this may be sales.butterthlies.com instead. in either case we get error

either
[root@localhost sales]# ./go
(99)Cannot assign requested address: make_sock: could not bind to address 8.5.1.32:80
no listening sockets available, shutting down

or
[root@localhost sales]# ./go
(98)Address already in use: make_sock: could not bind to address 192.168.123.2:80
no listening sockets available, shutting down

please advise on correction

thanks

Anonymous  Oct 14, 2010 
Printed Page 95
Near the middle

I'm sure the problem is my own fault. Just so you know I'm running Apache 1.3.37. I
understand that when the book was published that latest stable version of Apache at that
time was 1.3.26.

On page 95 we're told to type 'go 1' as soon as I do I get the error 'Syntax error on
line 7 of /usr/www/APACHE3/site.dynamic/conf/httpd1.conf: Invalid command
'VirtualDocumentRoot', ...

I checked, and the files I'm using are the ones i downloaded from O'REIllY. The google
research I did suggested that I need Apache 1.3.7 to properly run mod_vhost_alias..

I'm just a little confused. Do i need to upgrade to 1.3.7? and if so how, or did i miss
something earlier in the book (which is most likely the case).

Anonymous   
Printed Page 101
throughout

The book does not explain the difference between AuthAuthoritative,
AuthDBAuthoritative, and AuthDBMAuthoritative. In fact, it uses the exact same text
to describe each of the three directives, including one that mentions "regardless of
the AuthAuthoritative setting" for each of the three, rather than varying that to be
"regardless of the <x> setting".

Anonymous   
Printed Page 103
"require" section

The book does not explain what "directory" and ".htaccess" options do for the require
directive.

Additionally, under file-group, you mention "The block that protects .../cgi-bin",
but there is no such block in the site.authent/conf/httpd1.conf file being discussed
at the time. Instead, that block is in httpd.conf, which is never mentioned in the
chapter.

Anonymous   
Printed Page 106
"The Config File"

This section suddenly uses two new directives, AuthDigestDomain and AuthDigestFile,
without explaining what they are. The previous section implied that AuthUserFile and
AuthGroupFile were always required when AuthType was used, but that's clearly not the
case.

Anonymous   
Printed Page 106
"The Config File"

The example in both print and electronic form uses the following directive:

AuthDigestFile /usr/www/APACHE3/ok_digest/digest_users

However, this file does not exist. The actual file is

/usr/www/APACHE3/ok_digest/sales

Anonymous   
Printed Page 353
First paragraph

The log excerpt saying "[error] malformed header from script. Bad header=suexec
running: /home/peter/public_html/badcgi.cgi" is not caused by suEXEC determining that
"rm /usr/www/victim/victim1" is unsafe but because it determines that peter doesn't
own the cgi-program or directory that contains it or some other of the 20 steps it
performs before executing a program.

Had suEXEC decided to execute the program the web-page returned would simply contain
"Content-type: text/plain" and two linebreaks. The error-log would contain an error
message from rm saying it tried but couldn't remove /usr/www/victim/victim1.

Our conclusions are based on experiments with Apache 2.0.47, but we believe it
applies to Apache 1.3 as well.

Anonymous   
Printed Page 486
The top half of the page

In the Apache 1.3 module structure, aHandlers is used for the Handler list. But then
in the Apache 2.0 RegisterHooks function, the argument to the ap_hook_handler()
function is RevealHandler, but there is no element with a value of RevealHandler in
the Apache 1.3 module structure. (Every other function argument for the functions in
RegisterHooks has a correspnding value in the 1.3 module structure.)

Anonymous   
Printed Page 496-497
Second half of page 496 onto top code section on page 497

In the Apache 1.3 module structure, aHandlers is used for the Handler list. But then
in the Apache 2.0 RegisterHooks function, the argument to the ap_hook_handler()
function is RevealHandler, but there is no element with a value of RevealHandler in
the Apache 1.3 module structure. (Every other function argument for the functions in
RegisterHooks has a correspnding value in the 1.3 module structure.)

Anonymous   
Printed Page 513-514
"Regular Expression Functions"

Type of Error: Sin of Omission.

The "Regular Expression Functions" sub-section of "Appendix: The Apache
API" fails to document the complete Apache regular expression API,
claiming that "only the functions that allocate memory are wrapped by
Apache API functions."

The following two functions can both be found in main/util.c, and

size_t ap_regerror(int errocde, const regex_t *preg, char *errbug, size_t
errbuf_size)

int ap_regexec(const regex_t *preg, const char *string, size_t nmatch,
regmatch_t pmatch[], int eflags)

ap_regexec in particular is used in modules/standard/mod_alias.c,
modules/standard/mod_include.c, modules/standard/mod_rewrite.c, and
modules/standard/mod_setenvif.c, and is worthy of mention.

A cursory find/grep seems to show that ap_regerror is never actually
used in Apache's source code.

Anonymous