Update transforms

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1054456 13f79535-47bb-0310-9956-ffa450edef68

4 files changed, 42 insertions, 12 deletions

diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en
index 91c64ccfaf..7bfe45499a 100644
--- a/docs/manual/mod/core.html.en
+++ b/docs/manual/mod/core.html.en
@@ -3884,8 +3884,7 @@ port</td></tr>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="UseCanonicalPhysicalPort" id="UseCanonicalPhysicalPort">UseCanonicalPhysicalPort</a> <a name="usecanonicalphysicalport" id="usecanonicalphysicalport">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures how the server determines its own name and
-port</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures how the server determines its own port</td></tr>
 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>UseCanonicalPhysicalPort On|Off</code></td></tr>
 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>UseCanonicalPhysicalPort Off</code></td></tr>
 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
@@ -3903,20 +3902,27 @@ port</td></tr>
     relying on all configured information to construct a valid port number.</p>
 
     <div class="note"><h3>Note</h3>
-    <p>The ordering of when the physical port is used is as follows:<br /><br />
-     <code>UseCanonicalName On</code></p>
-     <ul>
-      <li>Port provided in <code>Servername</code></li>
+    <p>The ordering of the lookup when the physical port is used is as
+    follows:</p>
+     <dl>
+     <dt><code>UseCanonicalName On</code></dt>
+     <dd>
+     <ol>
+      <li>Port provided in <code class="directive"><a href="#servername">Servername</a></code></li>
       <li>Physical port</li>
       <li>Default port</li>
-     </ul>
-     <code>UseCanonicalName Off | DNS</code>
-     <ul>
+     </ol>
+     </dd>
+     <dt><code>UseCanonicalName Off | DNS</code></dt>
+     <dd>
+     <ol>
       <li>Parsed port from <code>Host:</code> header</li>
       <li>Physical port</li>
-      <li>Port provided in <code>Servername</code></li>
+      <li>Port provided in <code class="directive"><a href="#servername">Servername</a></code></li>
       <li>Default port</li>
-     </ul>
+     </ol>
+     </dd>
+     </dl>
 
     <p>With <code>UseCanonicalPhysicalPort Off</code>, the
     physical ports are removed from the ordering.</p>
diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en
index a042e17658..9206413ff7 100644
--- a/docs/manual/mod/mod_ssl.html.en
+++ b/docs/manual/mod/mod_ssl.html.en
@@ -159,6 +159,10 @@ attribute.  For example, where the server certificate subject DN
 included two OU fields, <code>SSL_SERVER_S_DN_OU_0</code> and
 <code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each.</p>
 
+<p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
+2.3.11. See the <code>LegacyDNStringFormat</code> option for
+<code class="directive"><a href="#ssloptions">SSLOptions</a></code> for details.</p>
+
 <p><code>SSL_CLIENT_V_REMAIN</code> is only available in version 2.1
 and later.</p>
 
@@ -964,6 +968,21 @@ The available <em>option</em>s are:</p>
     checks sometimes maybe not what the user expects, so enable this on a
     per-directory basis only, please.</p>
 </li>
+<li><code>LegacyDNStringFormat</code>
+    <p>
+    This option influences how values of the
+    <code>SSL_{CLIENT,SERVER}_{I,S}_DN</code> variables are formatted. Since
+    version 2.3.11, Apache HTTPD uses a RFC 2253 compatible format by
+    default. This uses commas as delimiters between the attributes, allows the
+    use of non-ASCII characters (which are converted to UTF8), escapes
+    various special characters with backslashes, and sorts the attributes
+    with the "C" attribute last.</p>
+
+    <p>If <code>LegacyDNStringFormat</code> is set, the old format will be
+    used which sorts the "C" attribute first, uses slashes as separators, and
+    does not handle non-ASCII and special characters in any consistent way.
+    </p>
+</li>
 </ul>
 <div class="example"><h3>Example</h3><p><code>
 SSLOptions +FakeBasicAuth -StrictRequire<br />
diff --git a/docs/manual/upgrading.html.en b/docs/manual/upgrading.html.en
index a49935a2b9..d30eecd979 100644
--- a/docs/manual/upgrading.html.en
+++ b/docs/manual/upgrading.html.en
@@ -225,6 +225,11 @@
       <li><code class="module"><a href="./mod/mod_auto_index.html">mod_auto_index</a></code>: will now extract titles and
       display descriptions for .xhtml files, which were previously
       ignored.</li>
+
+      <li><code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code>: The default format of the <code>*_DN</code>
+      variables has changed. The old format can still be used with the new
+      <code>LegacyDNStringFormat</code> argument to <code class="directive"><a href="./mod/mod_ssl.html#ssloptions">SSLOptions</a></code>.</li>
+
       <li><code class="program"><a href="./programs/htpasswd.html">htpasswd</a></code> now uses MD5 hash by default on
       all platforms.</li>
 
diff --git a/docs/manual/upgrading.xml.fr b/docs/manual/upgrading.xml.fr
index b5b2192699..a0a1a71717 100644
--- a/docs/manual/upgrading.xml.fr
+++ b/docs/manual/upgrading.xml.fr
@@ -3,7 +3,7 @@
 <?xml-stylesheet type="text/xsl" href="./style/manual.fr.xsl"?>
 <!-- French translation : Lucien GENTIS -->
 <!-- Reviewed by : Vincent Deffontaines -->
-<!-- English Revision: 1043126:1053231 (outdated) -->
+<!-- English Revision: 1043126:1054323 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more