[thirdparty/squid.git] / src / SquidConfig.h

/*
 * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#ifndef SQUID_SQUIDCONFIG_H_
#define SQUID_SQUIDCONFIG_H_

#include "acl/forward.h"
#include "base/RefCount.h"
#include "base/YesNoNone.h"
#if USE_DELAY_POOLS
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#endif
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
#include "ip/Address.h"
#if USE_DELAY_POOLS
#include "MessageDelayPools.h"
#endif
#include "Notes.h"
#include "security/forward.h"
#include "SquidTime.h"
#if USE_OPENSSL
#include "ssl/support.h"
#endif
#include "store/Disk.h"
#include "store/forward.h"

#include <chrono>

#if USE_OPENSSL
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif

namespace Mgr
{
class ActionPasswordList;
} // namespace Mgr
class CachePeer;
class CustomLog;
class CpuAffinityMap;
class DebugMessages;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;
class HttpUpgradeProtocolAccess;

namespace AnyP
{
class PortCfg;
}

namespace Store {
class DiskConfig {
public:
    DiskConfig() { assert(swapDirs == nullptr); }
    ~DiskConfig() { delete[] swapDirs; }

    RefCount<SwapDir> *swapDirs = nullptr;
    int n_allocated = 0;
    int n_configured = 0;
    /// number of disk processes required to support all cache_dirs
    int n_strands = 0;
};
#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
}

/// the representation of the configuration. POD.
class SquidConfig
{
public:
    struct {
        /* These should be for the Store::Root instance.
        * this needs pluggable parsing to be done smoothly.
        */
        int highWaterMark;
        int lowWaterMark;
    } Swap;

    YesNoNone memShared; ///< whether the memory cache is shared among workers
    YesNoNone shmLocking; ///< shared_memory_locking
    size_t memMaxSize;

    struct {
        int64_t min;
        int pct;
        int64_t max;
    } quickAbort;
    int64_t readAheadGap;
    RemovalPolicySettings *replPolicy;
    RemovalPolicySettings *memPolicy;
#if USE_HTTP_VIOLATIONS
    time_t negativeTtl;
#endif
    time_t maxStale;
    time_t negativeDnsTtl;
    time_t positiveDnsTtl;
    time_t shutdownLifetime;
    time_t backgroundPingRate;
    time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay

    struct {
        time_t read;
        time_t write;
        time_t lifetime;
        time_t connect;
        time_t forward;
        time_t peer_connect;
        time_t request;
        time_t clientIdlePconn;
        time_t serverIdlePconn;
        time_t ftpClientIdle;
        time_t pconnLifetime; ///< pconn_lifetime in squid.conf
        time_t siteSelect;
        time_t deadPeer;
        time_t request_start_timeout;
        int icp_query;      /* msec */
        int icp_query_max;  /* msec */
        int icp_query_min;  /* msec */
        int mcast_icp_query;    /* msec */
        time_msec_t idns_retransmit;
        time_msec_t idns_query;
        time_t urlRewrite;
    } Timeout;
    size_t maxRequestHeaderSize;
    int64_t maxRequestBodySize;
    size_t maxRequestBufferSize;
    size_t maxReplyHeaderSize;
    AclSizeLimit *ReplyBodySize;

    struct {
        unsigned short icp;
#if USE_HTCP

        unsigned short htcp;
#endif
#if SQUID_SNMP

        unsigned short snmp;
#endif
    } Port;

#if SQUID_SNMP

    struct {
        char *configFile;
        char *agentInfo;
    } Snmp;
#endif
#if USE_WCCP

    struct {
        Ip::Address router;
        Ip::Address address;
        int version;
    } Wccp;
#endif
#if USE_WCCPv2

    struct {
        Ip::Address_list *router;
        Ip::Address address;
        int forwarding_method;
        int return_method;
        int assignment_method;
        int weight;
        int rebuildwait;
        void *info;
    } Wccp2;
#endif

    char *as_whois_server;

    struct {
        char *store;
        char *swap;
        CustomLog *accesslogs;
#if ICAP_CLIENT
        CustomLog *icaplogs;
#endif
        Security::KeyLog *tlsKeys; ///< one optional tls_key_log
        int rotateNumber;
    } Log;
    char *adminEmail;
    char *EmailFrom;
    char *EmailProgram;
    char *effectiveUser;
    char *visible_appname_string;
    char *effectiveGroup;

    struct {
        wordlist *redirect;
        wordlist *store_id;
#if USE_UNLINKD

        char *unlinkd;
#endif

        char *diskd;
#if USE_OPENSSL

        char *ssl_password;
#endif

    } Program;

    Helper::ChildConfig redirectChildren;
    Helper::ChildConfig storeIdChildren;

    struct {
        char *surrogate_id;
    } Accel;
    char *appendDomain;
    size_t appendDomainLen;
    char *pidFilename;
    char *netdbFilename;
    char *mimeTablePathname;
    char *etcHostsPath;
    char *visibleHostname;
    char *uniqueHostname;
    wordlist *hostnameAliases;
    char *errHtmlText;

    struct {
        char *host;
        char *file;
        time_t period;
        unsigned short port;
    } Announce;

    struct {

        Ip::Address udp_incoming;
        Ip::Address udp_outgoing;
#if SQUID_SNMP
        Ip::Address snmp_incoming;
        Ip::Address snmp_outgoing;
#endif
        // TODO: this should really be a CIDR value
        Ip::Address client_netmask;
    } Addrs;
    size_t tcpRcvBufsz;
    size_t udpMaxHitObjsz;
    wordlist *mcast_group_list;
    CachePeer *peers;
    int npeers;

    struct {
        int size;
        int low;
        int high;
    } ipcache;

    struct {
        int size;
    } fqdncache;
    int minDirectHops;
    int minDirectRtt;
    Mgr::ActionPasswordList *passwd_list;

    struct {
        int objectsPerBucket;
        int64_t avgObjectSize;
        int64_t maxObjectSize;
        int64_t minObjectSize;
        size_t maxInMemObjSize;
    } Store;

    struct {
        int high;
        int low;
        time_t period;
    } Netdb;

    struct {
        int log_udp;
        int res_defnames;
        int anonymizer;
        int client_db;
        int query_icmp;
        int icp_hit_stale;
        int buffered_logs;
        int common_log;
        int log_mime_hdrs;
        int announce;
        int mem_pools;
        int test_reachability;
        int half_closed_clients;
        int refresh_all_ims;
#if USE_HTTP_VIOLATIONS

        int reload_into_ims;
#endif

        int offline;
        int redir_rewrites_host;
        int prefer_direct;
        int nonhierarchical_direct;
        int strip_query_terms;
        int redirector_bypass;
        int store_id_bypass;
        int ignore_unknown_nameservers;
        int client_pconns;
        int server_pconns;
        int error_pconns;
#if USE_CACHE_DIGESTS

        int digest_generation;
#endif

        int vary_ignore_expire;
        int surrogate_is_remote;
        int detect_broken_server_pconns;
        int relaxed_header_parser;
        int check_hostnames;
        int allow_underscore;
        int via;
        int cache_miss_revalidate;
        int emailErrData;
        int httpd_suppress_version_string;
        int global_internal_static;
        int collapsed_forwarding;

#if FOLLOW_X_FORWARDED_FOR
        int acl_uses_indirect_client;
        int delay_pool_uses_indirect_client;
        int log_uses_indirect_client;
#if LINUX_NETFILTER
        int tproxy_uses_indirect_client;
#endif
#endif /* FOLLOW_X_FORWARDED_FOR */

        int WIN32_IpAddrChangeMonitor;
        int memory_cache_first;
        int memory_cache_disk;
        int hostStrictVerify;
        int client_dst_passthru;
        int dns_mdns;
#if USE_OPENSSL
        bool logTlsServerHelloDetails;
#endif
    } onoff;

    int64_t shared_transient_entries_limit;

    int pipeline_max_prefetch;

    // these values are actually unsigned
    // TODO: extend the parser to support more nuanced types
    int forward_max_tries;
    int connect_retries;

    std::chrono::nanoseconds paranoid_hit_validation;

    class ACL *aclList;

    struct {
        acl_access *http;
        acl_access *adapted_http;
        acl_access *icp;
        acl_access *miss;
        acl_access *NeverDirect;
        acl_access *AlwaysDirect;
        acl_access *ASlists;
        acl_access *noCache;
        acl_access *sendHit;
        acl_access *storeMiss;
        acl_access *stats_collection;
#if SQUID_SNMP

        acl_access *snmp;
#endif
#if USE_HTTP_VIOLATIONS
        acl_access *brokenPosts;
#endif
        acl_access *redirector;
        acl_access *store_id;
        acl_access *reply;
        Acl::Address *outgoing_address;
#if USE_HTCP

        acl_access *htcp;
        acl_access *htcp_clr;
#endif

#if USE_OPENSSL
        acl_access *ssl_bump;
#endif
#if FOLLOW_X_FORWARDED_FOR
        acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */

        /// acceptable PROXY protocol clients
        acl_access *proxyProtocol;

        /// spoof_client_ip squid.conf acl.
        /// nil unless configured
        acl_access* spoof_client_ip;
        acl_access *on_unsupported_protocol;

        acl_access *ftp_epsv;

        acl_access *forceRequestBodyContinuation;
        acl_access *serverPconnForNonretriable;
        acl_access *collapsedForwardingAccess;
    } accessList;
    AclDenyInfoList *denyInfoList;

    struct {
        size_t list_width;
        int list_wrap;
        char *anon_user;
        int passive;
        int epsv_all;
        int epsv;
        int eprt;
        int sanitycheck;
        int telnet;
    } Ftp;
    RefreshPattern *Refresh;

    Store::DiskConfig cacheSwap;

    struct {
        char *directory;
        int use_short_names;
    } icons;
    char *errorDirectory;
#if USE_ERR_LOCALES
    char *errorDefaultLanguage;
    int errorLogMissingLanguages;
#endif
    char *errorStylesheet;

    struct {
        int onerror;
    } retry;

    struct {
        int64_t limit;
    } MemPools;
#if USE_DELAY_POOLS

    DelayConfig Delay;
    ClientDelayConfig ClientDelay;
    MessageDelayConfig MessageDelay;
#endif

    struct {
        struct {
            int average;
            int min_poll;
        } dns, udp, tcp;
    } comm_incoming;
    int max_open_disk_fds;
    int uri_whitespace;
    AclSizeLimit *rangeOffsetLimit;
#if MULTICAST_MISS_STREAM

    struct {

        Ip::Address addr;
        int ttl;
        unsigned short port;
        char *encode_key;
    } mcast_miss;
#endif

    /// request_header_access and request_header_replace
    HeaderManglers *request_header_access;
    /// reply_header_access and reply_header_replace
    HeaderManglers *reply_header_access;
    ///request_header_add access list
    HeaderWithAclList *request_header_add;
    ///reply_header_add access list
    HeaderWithAclList *reply_header_add;
    /// http_upgrade_request_protocols
    HttpUpgradeProtocolAccess *http_upgrade_request_protocols;
    ///note
    Notes notes;
    char *coredump_dir;
    char *chroot_dir;
#if USE_CACHE_DIGESTS

    struct {
        int bits_per_entry;
        time_t rebuild_period;
        time_t rewrite_period;
        size_t swapout_chunk_size;
        int rebuild_chunk_percentage;
    } digest;
#endif
#if USE_OPENSSL

    struct {
        int unclean_shutdown;
        char *ssl_engine;
        int session_ttl;
        size_t sessionCacheSize;
        char *certSignHash;
    } SSL;
#endif

    struct {
        int high_rptm;
        int high_pf;
        size_t high_memory;
    } warnings;
    char *store_dir_select_algorithm;
    int sleep_after_fork;   /* microseconds */
    time_t minimum_expiry_time; /* seconds */
    external_acl *externalAclHelperList;

    struct {
        Security::ContextPointer sslContext;
#if USE_OPENSSL
        char *foreignIntermediateCertsPath;
        acl_access *cert_error;
        sslproxy_cert_sign *cert_sign;
        sslproxy_cert_adapt *cert_adapt;
#endif
    } ssl_client;

    char *accept_filter;
    int umask;
    int max_filedescriptors;
    int workers;
    CpuAffinityMap *cpuAffinityMap;

#if USE_LOADABLE_MODULES
    wordlist *loadable_module_names;
#endif

    int client_ip_max_connections;

    char *redirector_extras;

    struct UrlHelperTimeout {
        int action;
        char *response;
    } onUrlRewriteTimeout;

    char *storeId_extras;

    struct {
        SBufList nameservers;
        int v4_first;       ///< Place IPv4 first in the order of DNS results.
        ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
    } dns;

    struct {
        int connect_limit;
        int connect_gap;
        int connect_timeout;
    } happyEyeballs;

    DebugMessages *debugMessages; ///< cache_log_message
};

extern SquidConfig Config;

class SquidConfig2
{
public:
    void clear() {
        *this = SquidConfig2();
    }

    struct {
        int enable_purge = 0;
    } onoff;
    uid_t effectiveUserID = 0;
    gid_t effectiveGroupID = 0;
};

extern SquidConfig2 Config2;

#endif /* SQUID_SQUIDCONFIG_H_ */
Commit	Line	Data
4d5904f7	1	/*
bf95c10a	2	* Copyright (C) 1996-2022 The Squid Software Foundation and contributors
4d5904f7	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
4d5904f7 FC	7	*/
4d5904f7 FC	8
bbc27441 AJ	9	#ifndef SQUID_SQUIDCONFIG_H_
	10	#define SQUID_SQUIDCONFIG_H_
	11
6f58d7d7	12	#include "acl/forward.h"
8bf217bd	13	#include "base/RefCount.h"
c50b35b5	14	#include "base/YesNoNone.h"
b27668ec	15	#if USE_DELAY_POOLS
4d5904f7 FC	16	#include "ClientDelayConfig.h"
4d5904f7 FC	17	#include "DelayConfig.h"
b27668ec	18	#endif
76d9b994	19	#include "helper/ChildConfig.h"
4d5904f7	20	#include "HttpHeaderTools.h"
4d5904f7	21	#include "ip/Address.h"
b27668ec EB	22	#if USE_DELAY_POOLS
	23	#include "MessageDelayPools.h"
	24	#endif
d7f4a0b7	25	#include "Notes.h"
a465e144	26	#include "security/forward.h"
6ebc477d	27	#include "SquidTime.h"
866be11c CT	28	#if USE_OPENSSL
	29	#include "ssl/support.h"
	30	#endif
b56b37cf	31	#include "store/Disk.h"
e69ca1f1	32	#include "store/forward.h"
4d5904f7	33
b2aca62a EB	34	#include <chrono>
b2aca62a EB	35
cb4f4424	36	#if USE_OPENSSL
d9c7489e FC	37	class sslproxy_cert_sign;
d9c7489e FC	38	class sslproxy_cert_adapt;
a011edee FC	39	#endif
a011edee FC	40
e4a14600 A	41	namespace Mgr
e4a14600 A	42	{
613924ee FC	43	class ActionPasswordList;
613924ee FC	44	} // namespace Mgr
7a5b5df7	45	class CachePeer;
613924ee	46	class CustomLog;
c6983ec7	47	class CpuAffinityMap;
c59baaa8	48	class DebugMessages;
613924ee	49	class external_acl;
4d5904f7	50	class HeaderManglers;
8d9a8184	51	class RefreshPattern;
4d5904f7	52	class RemovalPolicySettings;
1c2b4465	53	class HttpUpgradeProtocolAccess;
4d5904f7	54
e4a14600 A	55	namespace AnyP
e4a14600 A	56	{
4d5904f7 FC	57	class PortCfg;
	58	}
	59
2745fea5 AR	60	namespace Store {
	61	class DiskConfig {
	62	public:
b56b37cf AJ	63	DiskConfig() { assert(swapDirs == nullptr); }
	64	~DiskConfig() { delete[] swapDirs; }
	65
	66	RefCount<SwapDir> *swapDirs = nullptr;
	67	int n_allocated = 0;
	68	int n_configured = 0;
2745fea5	69	/// number of disk processes required to support all cache_dirs
b56b37cf	70	int n_strands = 0;
2745fea5 AR	71	};
	72	#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
	73	}
	74
001d55dc	75	/// the representation of the configuration. POD.
1b2f0924 FC	76	class SquidConfig
1b2f0924 FC	77	{
4d5904f7 FC	78	public:
	79	struct {
	80	/* These should be for the Store::Root instance.
	81	* this needs pluggable parsing to be done smoothly.
	82	*/
	83	int highWaterMark;
	84	int lowWaterMark;
	85	} Swap;
	86
	87	YesNoNone memShared; ///< whether the memory cache is shared among workers
c756d517	88	YesNoNone shmLocking; ///< shared_memory_locking
4d5904f7 FC	89	size_t memMaxSize;
	90
	91	struct {
	92	int64_t min;
	93	int pct;
	94	int64_t max;
	95	} quickAbort;
	96	int64_t readAheadGap;
	97	RemovalPolicySettings *replPolicy;
	98	RemovalPolicySettings *memPolicy;
	99	#if USE_HTTP_VIOLATIONS
	100	time_t negativeTtl;
	101	#endif
	102	time_t maxStale;
	103	time_t negativeDnsTtl;
	104	time_t positiveDnsTtl;
	105	time_t shutdownLifetime;
	106	time_t backgroundPingRate;
00e2479d	107	time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay
4d5904f7 FC	108
	109	struct {
	110	time_t read;
	111	time_t write;
	112	time_t lifetime;
	113	time_t connect;
	114	time_t forward;
	115	time_t peer_connect;
	116	time_t request;
	117	time_t clientIdlePconn;
	118	time_t serverIdlePconn;
f6e8754a	119	time_t ftpClientIdle;
c5c06f02	120	time_t pconnLifetime; ///< pconn_lifetime in squid.conf
4d5904f7 FC	121	time_t siteSelect;
4d5904f7 FC	122	time_t deadPeer;
3248e962	123	time_t request_start_timeout;
4d5904f7 FC	124	int icp_query; /* msec */
	125	int icp_query_max; /* msec */
	126	int icp_query_min; /* msec */
	127	int mcast_icp_query; /* msec */
4d5904f7 FC	128	time_msec_t idns_retransmit;
4d5904f7 FC	129	time_msec_t idns_query;
32fd6d8a	130	time_t urlRewrite;
4d5904f7 FC	131	} Timeout;
	132	size_t maxRequestHeaderSize;
	133	int64_t maxRequestBodySize;
4d5904f7 FC	134	size_t maxRequestBufferSize;
4d5904f7 FC	135	size_t maxReplyHeaderSize;
1328cfb7	136	AclSizeLimit *ReplyBodySize;
4d5904f7 FC	137
	138	struct {
	139	unsigned short icp;
	140	#if USE_HTCP
	141
	142	unsigned short htcp;
	143	#endif
	144	#if SQUID_SNMP
	145
	146	unsigned short snmp;
	147	#endif
	148	} Port;
	149
4d5904f7 FC	150	#if SQUID_SNMP
	151
	152	struct {
	153	char *configFile;
	154	char *agentInfo;
	155	} Snmp;
	156	#endif
	157	#if USE_WCCP
	158
	159	struct {
	160	Ip::Address router;
	161	Ip::Address address;
	162	int version;
	163	} Wccp;
	164	#endif
	165	#if USE_WCCPv2
	166
	167	struct {
	168	Ip::Address_list *router;
	169	Ip::Address address;
	170	int forwarding_method;
	171	int return_method;
	172	int assignment_method;
	173	int weight;
	174	int rebuildwait;
	175	void *info;
	176	} Wccp2;
	177	#endif
	178
4d5904f7 FC	179	char *as_whois_server;
	180
	181	struct {
	182	char *store;
	183	char *swap;
87ddff6e	184	CustomLog *accesslogs;
4d5904f7	185	#if ICAP_CLIENT
87ddff6e	186	CustomLog *icaplogs;
4d5904f7	187	#endif
e227da8d	188	Security::KeyLog *tlsKeys; ///< one optional tls_key_log
4d5904f7 FC	189	int rotateNumber;
	190	} Log;
	191	char *adminEmail;
	192	char *EmailFrom;
	193	char *EmailProgram;
	194	char *effectiveUser;
	195	char *visible_appname_string;
	196	char *effectiveGroup;
	197
	198	struct {
4d5904f7	199	wordlist *redirect;
a8a0b1c2	200	wordlist *store_id;
4d5904f7 FC	201	#if USE_UNLINKD
	202
	203	char *unlinkd;
	204	#endif
	205
	206	char *diskd;
cb4f4424	207	#if USE_OPENSSL
4d5904f7 FC	208
	209	char *ssl_password;
	210	#endif
	211
	212	} Program;
4d5904f7	213
76d9b994 AJ	214	Helper::ChildConfig redirectChildren;
76d9b994 AJ	215	Helper::ChildConfig storeIdChildren;
4d5904f7 FC	216
	217	struct {
	218	char *surrogate_id;
	219	} Accel;
	220	char *appendDomain;
	221	size_t appendDomainLen;
	222	char *pidFilename;
	223	char *netdbFilename;
	224	char *mimeTablePathname;
	225	char *etcHostsPath;
	226	char *visibleHostname;
	227	char *uniqueHostname;
	228	wordlist *hostnameAliases;
	229	char *errHtmlText;
	230
	231	struct {
	232	char *host;
	233	char *file;
	234	time_t period;
	235	unsigned short port;
	236	} Announce;
	237
	238	struct {
	239
	240	Ip::Address udp_incoming;
	241	Ip::Address udp_outgoing;
	242	#if SQUID_SNMP
	243	Ip::Address snmp_incoming;
	244	Ip::Address snmp_outgoing;
	245	#endif
9837567d	246	// TODO: this should really be a CIDR value
4d5904f7 FC	247	Ip::Address client_netmask;
	248	} Addrs;
	249	size_t tcpRcvBufsz;
	250	size_t udpMaxHitObjsz;
4d5904f7	251	wordlist *mcast_group_list;
a3c6762c	252	CachePeer *peers;
4d5904f7 FC	253	int npeers;
	254
	255	struct {
	256	int size;
	257	int low;
	258	int high;
	259	} ipcache;
	260
	261	struct {
	262	int size;
	263	} fqdncache;
	264	int minDirectHops;
	265	int minDirectRtt;
613924ee	266	Mgr::ActionPasswordList *passwd_list;
4d5904f7 FC	267
	268	struct {
	269	int objectsPerBucket;
	270	int64_t avgObjectSize;
	271	int64_t maxObjectSize;
	272	int64_t minObjectSize;
	273	size_t maxInMemObjSize;
	274	} Store;
	275
	276	struct {
	277	int high;
	278	int low;
	279	time_t period;
	280	} Netdb;
	281
	282	struct {
	283	int log_udp;
	284	int res_defnames;
	285	int anonymizer;
	286	int client_db;
	287	int query_icmp;
	288	int icp_hit_stale;
	289	int buffered_logs;
	290	int common_log;
	291	int log_mime_hdrs;
4d5904f7 FC	292	int announce;
	293	int mem_pools;
	294	int test_reachability;
	295	int half_closed_clients;
	296	int refresh_all_ims;
	297	#if USE_HTTP_VIOLATIONS
	298
	299	int reload_into_ims;
	300	#endif
	301
	302	int offline;
	303	int redir_rewrites_host;
	304	int prefer_direct;
	305	int nonhierarchical_direct;
	306	int strip_query_terms;
	307	int redirector_bypass;
a8a0b1c2	308	int store_id_bypass;
4d5904f7 FC	309	int ignore_unknown_nameservers;
	310	int client_pconns;
	311	int server_pconns;
	312	int error_pconns;
	313	#if USE_CACHE_DIGESTS
	314
	315	int digest_generation;
	316	#endif
	317
4d5904f7	318	int vary_ignore_expire;
4d5904f7	319	int surrogate_is_remote;
4d5904f7	320	int detect_broken_server_pconns;
4d5904f7 FC	321	int relaxed_header_parser;
	322	int check_hostnames;
	323	int allow_underscore;
	324	int via;
96598f93	325	int cache_miss_revalidate;
4d5904f7 FC	326	int emailErrData;
	327	int httpd_suppress_version_string;
	328	int global_internal_static;
55eae904	329	int collapsed_forwarding;
4d5904f7 FC	330
	331	#if FOLLOW_X_FORWARDED_FOR
	332	int acl_uses_indirect_client;
	333	int delay_pool_uses_indirect_client;
	334	int log_uses_indirect_client;
	335	#if LINUX_NETFILTER
	336	int tproxy_uses_indirect_client;
	337	#endif
	338	#endif /* FOLLOW_X_FORWARDED_FOR */
	339
	340	int WIN32_IpAddrChangeMonitor;
	341	int memory_cache_first;
	342	int memory_cache_disk;
	343	int hostStrictVerify;
	344	int client_dst_passthru;
bce61b00	345	int dns_mdns;
2bcab852 CT	346	#if USE_OPENSSL
	347	bool logTlsServerHelloDetails;
	348	#endif
4d5904f7 FC	349	} onoff;
4d5904f7 FC	350
daed75a9	351	int64_t shared_transient_entries_limit;
8f7dbf74	352
079a8480 AJ	353	int pipeline_max_prefetch;
079a8480 AJ	354
8b082ed9 FC	355	// these values are actually unsigned
8b082ed9 FC	356	// TODO: extend the parser to support more nuanced types
4d5904f7 FC	357	int forward_max_tries;
	358	int connect_retries;
	359
b2aca62a EB	360	std::chrono::nanoseconds paranoid_hit_validation;
b2aca62a EB	361
4d5904f7 FC	362	class ACL *aclList;
	363
	364	struct {
	365	acl_access *http;
	366	acl_access *adapted_http;
	367	acl_access *icp;
	368	acl_access *miss;
	369	acl_access *NeverDirect;
	370	acl_access *AlwaysDirect;
	371	acl_access *ASlists;
	372	acl_access *noCache;
70706149 AR	373	acl_access *sendHit;
70706149 AR	374	acl_access *storeMiss;
8ebad780	375	acl_access *stats_collection;
4d5904f7 FC	376	#if SQUID_SNMP
	377
	378	acl_access *snmp;
	379	#endif
	380	#if USE_HTTP_VIOLATIONS
	381	acl_access *brokenPosts;
	382	#endif
	383	acl_access *redirector;
a8a0b1c2	384	acl_access *store_id;
4d5904f7	385	acl_access *reply;
289848ca	386	Acl::Address *outgoing_address;
4d5904f7 FC	387	#if USE_HTCP
	388
	389	acl_access *htcp;
	390	acl_access *htcp_clr;
	391	#endif
	392
cb4f4424	393	#if USE_OPENSSL
4d5904f7 FC	394	acl_access *ssl_bump;
4d5904f7 FC	395	#endif
33b24cf0	396	#if FOLLOW_X_FORWARDED_FOR
4d5904f7	397	acl_access *followXFF;
33b24cf0	398	#endif /* FOLLOW_X_FORWARDED_FOR */
4d5904f7	399
2f8abb64	400	/// acceptable PROXY protocol clients
d3d92daa AJ	401	acl_access *proxyProtocol;
d3d92daa AJ	402
0d901ef4 SH	403	/// spoof_client_ip squid.conf acl.
	404	/// nil unless configured
	405	acl_access* spoof_client_ip;
3248e962	406	acl_access *on_unsupported_protocol;
ddf5aa2b CT	407
ddf5aa2b CT	408	acl_access *ftp_epsv;
ec69bdb2 CT	409
ec69bdb2 CT	410	acl_access *forceRequestBodyContinuation;
afc753f3	411	acl_access *serverPconnForNonretriable;
819be284	412	acl_access *collapsedForwardingAccess;
4d5904f7	413	} accessList;
7f0b3324	414	AclDenyInfoList *denyInfoList;
4d5904f7 FC	415
	416	struct {
	417	size_t list_width;
	418	int list_wrap;
	419	char *anon_user;
	420	int passive;
	421	int epsv_all;
	422	int epsv;
	423	int eprt;
	424	int sanitycheck;
	425	int telnet;
	426	} Ftp;
8d9a8184	427	RefreshPattern *Refresh;
4d5904f7	428
2745fea5	429	Store::DiskConfig cacheSwap;
4d5904f7 FC	430
	431	struct {
	432	char *directory;
	433	int use_short_names;
	434	} icons;
	435	char *errorDirectory;
	436	#if USE_ERR_LOCALES
	437	char *errorDefaultLanguage;
	438	int errorLogMissingLanguages;
	439	#endif
	440	char *errorStylesheet;
	441
	442	struct {
	443	int onerror;
	444	} retry;
	445
	446	struct {
	447	int64_t limit;
	448	} MemPools;
	449	#if USE_DELAY_POOLS
	450
	451	DelayConfig Delay;
	452	ClientDelayConfig ClientDelay;
b27668ec	453	MessageDelayConfig MessageDelay;
4d5904f7 FC	454	#endif
	455
	456	struct {
	457	struct {
	458	int average;
	459	int min_poll;
	460	} dns, udp, tcp;
	461	} comm_incoming;
	462	int max_open_disk_fds;
	463	int uri_whitespace;
1328cfb7	464	AclSizeLimit *rangeOffsetLimit;
4d5904f7 FC	465	#if MULTICAST_MISS_STREAM
	466
	467	struct {
	468
	469	Ip::Address addr;
	470	int ttl;
	471	unsigned short port;
	472	char *encode_key;
	473	} mcast_miss;
	474	#endif
	475
	476	/// request_header_access and request_header_replace
	477	HeaderManglers *request_header_access;
	478	/// reply_header_access and reply_header_replace
	479	HeaderManglers *reply_header_access;
	480	///request_header_add access list
	481	HeaderWithAclList *request_header_add;
cde8f31b NH	482	///reply_header_add access list
cde8f31b NH	483	HeaderWithAclList *reply_header_add;
1c2b4465 CT	484	/// http_upgrade_request_protocols
1c2b4465 CT	485	HttpUpgradeProtocolAccess *http_upgrade_request_protocols;
d7f4a0b7 CT	486	///note
d7f4a0b7 CT	487	Notes notes;
4d5904f7 FC	488	char *coredump_dir;
	489	char *chroot_dir;
	490	#if USE_CACHE_DIGESTS
	491
	492	struct {
	493	int bits_per_entry;
	494	time_t rebuild_period;
	495	time_t rewrite_period;
	496	size_t swapout_chunk_size;
	497	int rebuild_chunk_percentage;
	498	} digest;
	499	#endif
cb4f4424	500	#if USE_OPENSSL
4d5904f7 FC	501
	502	struct {
	503	int unclean_shutdown;
	504	char *ssl_engine;
10a69fc0 CT	505	int session_ttl;
10a69fc0 CT	506	size_t sessionCacheSize;
3c26b00a	507	char *certSignHash;
4d5904f7 FC	508	} SSL;
	509	#endif
	510
4d5904f7 FC	511	struct {
	512	int high_rptm;
	513	int high_pf;
	514	size_t high_memory;
	515	} warnings;
	516	char *store_dir_select_algorithm;
	517	int sleep_after_fork; /* microseconds */
	518	time_t minimum_expiry_time; /* seconds */
	519	external_acl *externalAclHelperList;
	520
4d5904f7	521	struct {
900daee3	522	Security::ContextPointer sslContext;
a465e144	523	#if USE_OPENSSL
866be11c	524	char *foreignIntermediateCertsPath;
4d5904f7	525	acl_access *cert_error;
4d5904f7 FC	526	sslproxy_cert_sign *cert_sign;
4d5904f7 FC	527	sslproxy_cert_adapt *cert_adapt;
4d5904f7	528	#endif
a465e144	529	} ssl_client;
4d5904f7 FC	530
	531	char *accept_filter;
	532	int umask;
	533	int max_filedescriptors;
	534	int workers;
	535	CpuAffinityMap *cpuAffinityMap;
	536
	537	#if USE_LOADABLE_MODULES
	538	wordlist *loadable_module_names;
	539	#endif
	540
	541	int client_ip_max_connections;
	542
b11724bb CT	543	char *redirector_extras;
b11724bb CT	544
ced8def3	545	struct UrlHelperTimeout {
32fd6d8a CT	546	int action;
	547	char *response;
	548	} onUrlRewriteTimeout;
	549
b11724bb CT	550	char *storeId_extras;
b11724bb CT	551
4d5904f7	552	struct {
5a1098fb	553	SBufList nameservers;
4d5904f7 FC	554	int v4_first; ///< Place IPv4 first in the order of DNS results.
	555	ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
	556	} dns;
55622953 CT	557
	558	struct {
	559	int connect_limit;
	560	int connect_gap;
	561	int connect_timeout;
	562	} happyEyeballs;
c59baaa8 EB	563
c59baaa8 EB	564	DebugMessages *debugMessages; ///< cache_log_message
4d5904f7 FC	565	};
	566
	567	extern SquidConfig Config;
	568
5fed1735 AJ	569	class SquidConfig2
	570	{
	571	public:
871cbc7d AJ	572	void clear() {
	573	*this = SquidConfig2();
	574	}
	575
7957fca1	576	struct {
871cbc7d	577	int enable_purge = 0;
7957fca1	578	} onoff;
871cbc7d AJ	579	uid_t effectiveUserID = 0;
871cbc7d AJ	580	gid_t effectiveGroupID = 0;
7957fca1 FC	581	};
	582
	583	extern SquidConfig2 Config2;
	584
4d5904f7	585	#endif /* SQUID_SQUIDCONFIG_H_ */
f53969cc	586