]>
Commit | Line | Data |
---|---|---|
4d5904f7 | 1 | /* |
bf95c10a | 2 | * Copyright (C) 1996-2022 The Squid Software Foundation and contributors |
4d5904f7 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
4d5904f7 FC |
7 | */ |
8 | ||
bbc27441 AJ |
9 | #ifndef SQUID_SQUIDCONFIG_H_ |
10 | #define SQUID_SQUIDCONFIG_H_ | |
11 | ||
6f58d7d7 | 12 | #include "acl/forward.h" |
8bf217bd | 13 | #include "base/RefCount.h" |
c50b35b5 | 14 | #include "base/YesNoNone.h" |
b27668ec | 15 | #if USE_DELAY_POOLS |
4d5904f7 FC |
16 | #include "ClientDelayConfig.h" |
17 | #include "DelayConfig.h" | |
b27668ec | 18 | #endif |
76d9b994 | 19 | #include "helper/ChildConfig.h" |
4d5904f7 | 20 | #include "HttpHeaderTools.h" |
4d5904f7 | 21 | #include "ip/Address.h" |
b27668ec EB |
22 | #if USE_DELAY_POOLS |
23 | #include "MessageDelayPools.h" | |
24 | #endif | |
d7f4a0b7 | 25 | #include "Notes.h" |
a465e144 | 26 | #include "security/forward.h" |
6ebc477d | 27 | #include "SquidTime.h" |
866be11c CT |
28 | #if USE_OPENSSL |
29 | #include "ssl/support.h" | |
30 | #endif | |
b56b37cf | 31 | #include "store/Disk.h" |
e69ca1f1 | 32 | #include "store/forward.h" |
4d5904f7 | 33 | |
b2aca62a EB |
34 | #include <chrono> |
35 | ||
cb4f4424 | 36 | #if USE_OPENSSL |
d9c7489e FC |
37 | class sslproxy_cert_sign; |
38 | class sslproxy_cert_adapt; | |
a011edee FC |
39 | #endif |
40 | ||
e4a14600 A |
41 | namespace Mgr |
42 | { | |
613924ee FC |
43 | class ActionPasswordList; |
44 | } // namespace Mgr | |
7a5b5df7 | 45 | class CachePeer; |
613924ee | 46 | class CustomLog; |
c6983ec7 | 47 | class CpuAffinityMap; |
c59baaa8 | 48 | class DebugMessages; |
613924ee | 49 | class external_acl; |
4d5904f7 | 50 | class HeaderManglers; |
8d9a8184 | 51 | class RefreshPattern; |
4d5904f7 | 52 | class RemovalPolicySettings; |
1c2b4465 | 53 | class HttpUpgradeProtocolAccess; |
4d5904f7 | 54 | |
e4a14600 A |
55 | namespace AnyP |
56 | { | |
4d5904f7 FC |
57 | class PortCfg; |
58 | } | |
59 | ||
2745fea5 AR |
60 | namespace Store { |
61 | class DiskConfig { | |
62 | public: | |
b56b37cf AJ |
63 | DiskConfig() { assert(swapDirs == nullptr); } |
64 | ~DiskConfig() { delete[] swapDirs; } | |
65 | ||
66 | RefCount<SwapDir> *swapDirs = nullptr; | |
67 | int n_allocated = 0; | |
68 | int n_configured = 0; | |
2745fea5 | 69 | /// number of disk processes required to support all cache_dirs |
b56b37cf | 70 | int n_strands = 0; |
2745fea5 AR |
71 | }; |
72 | #define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw()) | |
73 | } | |
74 | ||
001d55dc | 75 | /// the representation of the configuration. POD. |
1b2f0924 FC |
76 | class SquidConfig |
77 | { | |
4d5904f7 FC |
78 | public: |
79 | struct { | |
80 | /* These should be for the Store::Root instance. | |
81 | * this needs pluggable parsing to be done smoothly. | |
82 | */ | |
83 | int highWaterMark; | |
84 | int lowWaterMark; | |
85 | } Swap; | |
86 | ||
87 | YesNoNone memShared; ///< whether the memory cache is shared among workers | |
c756d517 | 88 | YesNoNone shmLocking; ///< shared_memory_locking |
4d5904f7 FC |
89 | size_t memMaxSize; |
90 | ||
91 | struct { | |
92 | int64_t min; | |
93 | int pct; | |
94 | int64_t max; | |
95 | } quickAbort; | |
96 | int64_t readAheadGap; | |
97 | RemovalPolicySettings *replPolicy; | |
98 | RemovalPolicySettings *memPolicy; | |
99 | #if USE_HTTP_VIOLATIONS | |
100 | time_t negativeTtl; | |
101 | #endif | |
102 | time_t maxStale; | |
103 | time_t negativeDnsTtl; | |
104 | time_t positiveDnsTtl; | |
105 | time_t shutdownLifetime; | |
106 | time_t backgroundPingRate; | |
00e2479d | 107 | time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay |
4d5904f7 FC |
108 | |
109 | struct { | |
110 | time_t read; | |
111 | time_t write; | |
112 | time_t lifetime; | |
113 | time_t connect; | |
114 | time_t forward; | |
115 | time_t peer_connect; | |
116 | time_t request; | |
117 | time_t clientIdlePconn; | |
118 | time_t serverIdlePconn; | |
f6e8754a | 119 | time_t ftpClientIdle; |
c5c06f02 | 120 | time_t pconnLifetime; ///< pconn_lifetime in squid.conf |
4d5904f7 FC |
121 | time_t siteSelect; |
122 | time_t deadPeer; | |
3248e962 | 123 | time_t request_start_timeout; |
4d5904f7 FC |
124 | int icp_query; /* msec */ |
125 | int icp_query_max; /* msec */ | |
126 | int icp_query_min; /* msec */ | |
127 | int mcast_icp_query; /* msec */ | |
4d5904f7 FC |
128 | time_msec_t idns_retransmit; |
129 | time_msec_t idns_query; | |
32fd6d8a | 130 | time_t urlRewrite; |
4d5904f7 FC |
131 | } Timeout; |
132 | size_t maxRequestHeaderSize; | |
133 | int64_t maxRequestBodySize; | |
4d5904f7 FC |
134 | size_t maxRequestBufferSize; |
135 | size_t maxReplyHeaderSize; | |
1328cfb7 | 136 | AclSizeLimit *ReplyBodySize; |
4d5904f7 FC |
137 | |
138 | struct { | |
139 | unsigned short icp; | |
140 | #if USE_HTCP | |
141 | ||
142 | unsigned short htcp; | |
143 | #endif | |
144 | #if SQUID_SNMP | |
145 | ||
146 | unsigned short snmp; | |
147 | #endif | |
148 | } Port; | |
149 | ||
4d5904f7 FC |
150 | #if SQUID_SNMP |
151 | ||
152 | struct { | |
153 | char *configFile; | |
154 | char *agentInfo; | |
155 | } Snmp; | |
156 | #endif | |
157 | #if USE_WCCP | |
158 | ||
159 | struct { | |
160 | Ip::Address router; | |
161 | Ip::Address address; | |
162 | int version; | |
163 | } Wccp; | |
164 | #endif | |
165 | #if USE_WCCPv2 | |
166 | ||
167 | struct { | |
168 | Ip::Address_list *router; | |
169 | Ip::Address address; | |
170 | int forwarding_method; | |
171 | int return_method; | |
172 | int assignment_method; | |
173 | int weight; | |
174 | int rebuildwait; | |
175 | void *info; | |
176 | } Wccp2; | |
177 | #endif | |
178 | ||
4d5904f7 FC |
179 | char *as_whois_server; |
180 | ||
181 | struct { | |
182 | char *store; | |
183 | char *swap; | |
87ddff6e | 184 | CustomLog *accesslogs; |
4d5904f7 | 185 | #if ICAP_CLIENT |
87ddff6e | 186 | CustomLog *icaplogs; |
4d5904f7 | 187 | #endif |
e227da8d | 188 | Security::KeyLog *tlsKeys; ///< one optional tls_key_log |
4d5904f7 FC |
189 | int rotateNumber; |
190 | } Log; | |
191 | char *adminEmail; | |
192 | char *EmailFrom; | |
193 | char *EmailProgram; | |
194 | char *effectiveUser; | |
195 | char *visible_appname_string; | |
196 | char *effectiveGroup; | |
197 | ||
198 | struct { | |
4d5904f7 | 199 | wordlist *redirect; |
a8a0b1c2 | 200 | wordlist *store_id; |
4d5904f7 FC |
201 | #if USE_UNLINKD |
202 | ||
203 | char *unlinkd; | |
204 | #endif | |
205 | ||
206 | char *diskd; | |
cb4f4424 | 207 | #if USE_OPENSSL |
4d5904f7 FC |
208 | |
209 | char *ssl_password; | |
210 | #endif | |
211 | ||
212 | } Program; | |
4d5904f7 | 213 | |
76d9b994 AJ |
214 | Helper::ChildConfig redirectChildren; |
215 | Helper::ChildConfig storeIdChildren; | |
4d5904f7 FC |
216 | |
217 | struct { | |
218 | char *surrogate_id; | |
219 | } Accel; | |
220 | char *appendDomain; | |
221 | size_t appendDomainLen; | |
222 | char *pidFilename; | |
223 | char *netdbFilename; | |
224 | char *mimeTablePathname; | |
225 | char *etcHostsPath; | |
226 | char *visibleHostname; | |
227 | char *uniqueHostname; | |
228 | wordlist *hostnameAliases; | |
229 | char *errHtmlText; | |
230 | ||
231 | struct { | |
232 | char *host; | |
233 | char *file; | |
234 | time_t period; | |
235 | unsigned short port; | |
236 | } Announce; | |
237 | ||
238 | struct { | |
239 | ||
240 | Ip::Address udp_incoming; | |
241 | Ip::Address udp_outgoing; | |
242 | #if SQUID_SNMP | |
243 | Ip::Address snmp_incoming; | |
244 | Ip::Address snmp_outgoing; | |
245 | #endif | |
9837567d | 246 | // TODO: this should really be a CIDR value |
4d5904f7 FC |
247 | Ip::Address client_netmask; |
248 | } Addrs; | |
249 | size_t tcpRcvBufsz; | |
250 | size_t udpMaxHitObjsz; | |
4d5904f7 | 251 | wordlist *mcast_group_list; |
a3c6762c | 252 | CachePeer *peers; |
4d5904f7 FC |
253 | int npeers; |
254 | ||
255 | struct { | |
256 | int size; | |
257 | int low; | |
258 | int high; | |
259 | } ipcache; | |
260 | ||
261 | struct { | |
262 | int size; | |
263 | } fqdncache; | |
264 | int minDirectHops; | |
265 | int minDirectRtt; | |
613924ee | 266 | Mgr::ActionPasswordList *passwd_list; |
4d5904f7 FC |
267 | |
268 | struct { | |
269 | int objectsPerBucket; | |
270 | int64_t avgObjectSize; | |
271 | int64_t maxObjectSize; | |
272 | int64_t minObjectSize; | |
273 | size_t maxInMemObjSize; | |
274 | } Store; | |
275 | ||
276 | struct { | |
277 | int high; | |
278 | int low; | |
279 | time_t period; | |
280 | } Netdb; | |
281 | ||
282 | struct { | |
283 | int log_udp; | |
284 | int res_defnames; | |
285 | int anonymizer; | |
286 | int client_db; | |
287 | int query_icmp; | |
288 | int icp_hit_stale; | |
289 | int buffered_logs; | |
290 | int common_log; | |
291 | int log_mime_hdrs; | |
4d5904f7 FC |
292 | int announce; |
293 | int mem_pools; | |
294 | int test_reachability; | |
295 | int half_closed_clients; | |
296 | int refresh_all_ims; | |
297 | #if USE_HTTP_VIOLATIONS | |
298 | ||
299 | int reload_into_ims; | |
300 | #endif | |
301 | ||
302 | int offline; | |
303 | int redir_rewrites_host; | |
304 | int prefer_direct; | |
305 | int nonhierarchical_direct; | |
306 | int strip_query_terms; | |
307 | int redirector_bypass; | |
a8a0b1c2 | 308 | int store_id_bypass; |
4d5904f7 FC |
309 | int ignore_unknown_nameservers; |
310 | int client_pconns; | |
311 | int server_pconns; | |
312 | int error_pconns; | |
313 | #if USE_CACHE_DIGESTS | |
314 | ||
315 | int digest_generation; | |
316 | #endif | |
317 | ||
4d5904f7 | 318 | int vary_ignore_expire; |
4d5904f7 | 319 | int surrogate_is_remote; |
4d5904f7 | 320 | int detect_broken_server_pconns; |
4d5904f7 FC |
321 | int relaxed_header_parser; |
322 | int check_hostnames; | |
323 | int allow_underscore; | |
324 | int via; | |
96598f93 | 325 | int cache_miss_revalidate; |
4d5904f7 FC |
326 | int emailErrData; |
327 | int httpd_suppress_version_string; | |
328 | int global_internal_static; | |
55eae904 | 329 | int collapsed_forwarding; |
4d5904f7 FC |
330 | |
331 | #if FOLLOW_X_FORWARDED_FOR | |
332 | int acl_uses_indirect_client; | |
333 | int delay_pool_uses_indirect_client; | |
334 | int log_uses_indirect_client; | |
335 | #if LINUX_NETFILTER | |
336 | int tproxy_uses_indirect_client; | |
337 | #endif | |
338 | #endif /* FOLLOW_X_FORWARDED_FOR */ | |
339 | ||
340 | int WIN32_IpAddrChangeMonitor; | |
341 | int memory_cache_first; | |
342 | int memory_cache_disk; | |
343 | int hostStrictVerify; | |
344 | int client_dst_passthru; | |
bce61b00 | 345 | int dns_mdns; |
2bcab852 CT |
346 | #if USE_OPENSSL |
347 | bool logTlsServerHelloDetails; | |
348 | #endif | |
4d5904f7 FC |
349 | } onoff; |
350 | ||
daed75a9 | 351 | int64_t shared_transient_entries_limit; |
8f7dbf74 | 352 | |
079a8480 AJ |
353 | int pipeline_max_prefetch; |
354 | ||
8b082ed9 FC |
355 | // these values are actually unsigned |
356 | // TODO: extend the parser to support more nuanced types | |
4d5904f7 FC |
357 | int forward_max_tries; |
358 | int connect_retries; | |
359 | ||
b2aca62a EB |
360 | std::chrono::nanoseconds paranoid_hit_validation; |
361 | ||
4d5904f7 FC |
362 | class ACL *aclList; |
363 | ||
364 | struct { | |
365 | acl_access *http; | |
366 | acl_access *adapted_http; | |
367 | acl_access *icp; | |
368 | acl_access *miss; | |
369 | acl_access *NeverDirect; | |
370 | acl_access *AlwaysDirect; | |
371 | acl_access *ASlists; | |
372 | acl_access *noCache; | |
70706149 AR |
373 | acl_access *sendHit; |
374 | acl_access *storeMiss; | |
8ebad780 | 375 | acl_access *stats_collection; |
4d5904f7 FC |
376 | #if SQUID_SNMP |
377 | ||
378 | acl_access *snmp; | |
379 | #endif | |
380 | #if USE_HTTP_VIOLATIONS | |
381 | acl_access *brokenPosts; | |
382 | #endif | |
383 | acl_access *redirector; | |
a8a0b1c2 | 384 | acl_access *store_id; |
4d5904f7 | 385 | acl_access *reply; |
289848ca | 386 | Acl::Address *outgoing_address; |
4d5904f7 FC |
387 | #if USE_HTCP |
388 | ||
389 | acl_access *htcp; | |
390 | acl_access *htcp_clr; | |
391 | #endif | |
392 | ||
cb4f4424 | 393 | #if USE_OPENSSL |
4d5904f7 FC |
394 | acl_access *ssl_bump; |
395 | #endif | |
33b24cf0 | 396 | #if FOLLOW_X_FORWARDED_FOR |
4d5904f7 | 397 | acl_access *followXFF; |
33b24cf0 | 398 | #endif /* FOLLOW_X_FORWARDED_FOR */ |
4d5904f7 | 399 | |
2f8abb64 | 400 | /// acceptable PROXY protocol clients |
d3d92daa AJ |
401 | acl_access *proxyProtocol; |
402 | ||
0d901ef4 SH |
403 | /// spoof_client_ip squid.conf acl. |
404 | /// nil unless configured | |
405 | acl_access* spoof_client_ip; | |
3248e962 | 406 | acl_access *on_unsupported_protocol; |
ddf5aa2b CT |
407 | |
408 | acl_access *ftp_epsv; | |
ec69bdb2 CT |
409 | |
410 | acl_access *forceRequestBodyContinuation; | |
afc753f3 | 411 | acl_access *serverPconnForNonretriable; |
819be284 | 412 | acl_access *collapsedForwardingAccess; |
4d5904f7 | 413 | } accessList; |
7f0b3324 | 414 | AclDenyInfoList *denyInfoList; |
4d5904f7 FC |
415 | |
416 | struct { | |
417 | size_t list_width; | |
418 | int list_wrap; | |
419 | char *anon_user; | |
420 | int passive; | |
421 | int epsv_all; | |
422 | int epsv; | |
423 | int eprt; | |
424 | int sanitycheck; | |
425 | int telnet; | |
426 | } Ftp; | |
8d9a8184 | 427 | RefreshPattern *Refresh; |
4d5904f7 | 428 | |
2745fea5 | 429 | Store::DiskConfig cacheSwap; |
4d5904f7 FC |
430 | |
431 | struct { | |
432 | char *directory; | |
433 | int use_short_names; | |
434 | } icons; | |
435 | char *errorDirectory; | |
436 | #if USE_ERR_LOCALES | |
437 | char *errorDefaultLanguage; | |
438 | int errorLogMissingLanguages; | |
439 | #endif | |
440 | char *errorStylesheet; | |
441 | ||
442 | struct { | |
443 | int onerror; | |
444 | } retry; | |
445 | ||
446 | struct { | |
447 | int64_t limit; | |
448 | } MemPools; | |
449 | #if USE_DELAY_POOLS | |
450 | ||
451 | DelayConfig Delay; | |
452 | ClientDelayConfig ClientDelay; | |
b27668ec | 453 | MessageDelayConfig MessageDelay; |
4d5904f7 FC |
454 | #endif |
455 | ||
456 | struct { | |
457 | struct { | |
458 | int average; | |
459 | int min_poll; | |
460 | } dns, udp, tcp; | |
461 | } comm_incoming; | |
462 | int max_open_disk_fds; | |
463 | int uri_whitespace; | |
1328cfb7 | 464 | AclSizeLimit *rangeOffsetLimit; |
4d5904f7 FC |
465 | #if MULTICAST_MISS_STREAM |
466 | ||
467 | struct { | |
468 | ||
469 | Ip::Address addr; | |
470 | int ttl; | |
471 | unsigned short port; | |
472 | char *encode_key; | |
473 | } mcast_miss; | |
474 | #endif | |
475 | ||
476 | /// request_header_access and request_header_replace | |
477 | HeaderManglers *request_header_access; | |
478 | /// reply_header_access and reply_header_replace | |
479 | HeaderManglers *reply_header_access; | |
480 | ///request_header_add access list | |
481 | HeaderWithAclList *request_header_add; | |
cde8f31b NH |
482 | ///reply_header_add access list |
483 | HeaderWithAclList *reply_header_add; | |
1c2b4465 CT |
484 | /// http_upgrade_request_protocols |
485 | HttpUpgradeProtocolAccess *http_upgrade_request_protocols; | |
d7f4a0b7 CT |
486 | ///note |
487 | Notes notes; | |
4d5904f7 FC |
488 | char *coredump_dir; |
489 | char *chroot_dir; | |
490 | #if USE_CACHE_DIGESTS | |
491 | ||
492 | struct { | |
493 | int bits_per_entry; | |
494 | time_t rebuild_period; | |
495 | time_t rewrite_period; | |
496 | size_t swapout_chunk_size; | |
497 | int rebuild_chunk_percentage; | |
498 | } digest; | |
499 | #endif | |
cb4f4424 | 500 | #if USE_OPENSSL |
4d5904f7 FC |
501 | |
502 | struct { | |
503 | int unclean_shutdown; | |
504 | char *ssl_engine; | |
10a69fc0 CT |
505 | int session_ttl; |
506 | size_t sessionCacheSize; | |
3c26b00a | 507 | char *certSignHash; |
4d5904f7 FC |
508 | } SSL; |
509 | #endif | |
510 | ||
4d5904f7 FC |
511 | struct { |
512 | int high_rptm; | |
513 | int high_pf; | |
514 | size_t high_memory; | |
515 | } warnings; | |
516 | char *store_dir_select_algorithm; | |
517 | int sleep_after_fork; /* microseconds */ | |
518 | time_t minimum_expiry_time; /* seconds */ | |
519 | external_acl *externalAclHelperList; | |
520 | ||
4d5904f7 | 521 | struct { |
900daee3 | 522 | Security::ContextPointer sslContext; |
a465e144 | 523 | #if USE_OPENSSL |
866be11c | 524 | char *foreignIntermediateCertsPath; |
4d5904f7 | 525 | acl_access *cert_error; |
4d5904f7 FC |
526 | sslproxy_cert_sign *cert_sign; |
527 | sslproxy_cert_adapt *cert_adapt; | |
4d5904f7 | 528 | #endif |
a465e144 | 529 | } ssl_client; |
4d5904f7 FC |
530 | |
531 | char *accept_filter; | |
532 | int umask; | |
533 | int max_filedescriptors; | |
534 | int workers; | |
535 | CpuAffinityMap *cpuAffinityMap; | |
536 | ||
537 | #if USE_LOADABLE_MODULES | |
538 | wordlist *loadable_module_names; | |
539 | #endif | |
540 | ||
541 | int client_ip_max_connections; | |
542 | ||
b11724bb CT |
543 | char *redirector_extras; |
544 | ||
ced8def3 | 545 | struct UrlHelperTimeout { |
32fd6d8a CT |
546 | int action; |
547 | char *response; | |
548 | } onUrlRewriteTimeout; | |
549 | ||
b11724bb CT |
550 | char *storeId_extras; |
551 | ||
4d5904f7 | 552 | struct { |
5a1098fb | 553 | SBufList nameservers; |
4d5904f7 FC |
554 | int v4_first; ///< Place IPv4 first in the order of DNS results. |
555 | ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies. | |
556 | } dns; | |
55622953 CT |
557 | |
558 | struct { | |
559 | int connect_limit; | |
560 | int connect_gap; | |
561 | int connect_timeout; | |
562 | } happyEyeballs; | |
c59baaa8 EB |
563 | |
564 | DebugMessages *debugMessages; ///< cache_log_message | |
4d5904f7 FC |
565 | }; |
566 | ||
567 | extern SquidConfig Config; | |
568 | ||
5fed1735 AJ |
569 | class SquidConfig2 |
570 | { | |
571 | public: | |
871cbc7d AJ |
572 | void clear() { |
573 | *this = SquidConfig2(); | |
574 | } | |
575 | ||
7957fca1 | 576 | struct { |
871cbc7d | 577 | int enable_purge = 0; |
7957fca1 | 578 | } onoff; |
871cbc7d AJ |
579 | uid_t effectiveUserID = 0; |
580 | gid_t effectiveGroupID = 0; | |
7957fca1 FC |
581 | }; |
582 | ||
583 | extern SquidConfig2 Config2; | |
584 | ||
4d5904f7 | 585 | #endif /* SQUID_SQUIDCONFIG_H_ */ |
f53969cc | 586 |