[thirdparty/squid.git] / src / SquidConfig.h

#ifndef SQUID_SQUIDCONFIG_H_
#define SQUID_SQUIDCONFIG_H_
/*
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 */

#include "acl/forward.h"
#include "base/RefCount.h"
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#include "HelperChildConfig.h"
#include "HttpHeaderTools.h"
#include "icmp/IcmpConfig.h"
#include "ip/Address.h"
#include "Notes.h"
#include "YesNoNone.h"

#if USE_OPENSSL
#if HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
#endif

class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif

namespace Mgr
{
class ActionPasswordList;
} // namespace Mgr
class CustomLog;
class CpuAffinityMap;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;
class SwapDir;

namespace AnyP
{
class PortCfg;
}

/// the representation of the configuration. POD.
class SquidConfig
{
public:
    struct {
        /* These should be for the Store::Root instance.
        * this needs pluggable parsing to be done smoothly.
        */
        int highWaterMark;
        int lowWaterMark;
    } Swap;

    YesNoNone memShared; ///< whether the memory cache is shared among workers
    size_t memMaxSize;

    struct {
        int64_t min;
        int pct;
        int64_t max;
    } quickAbort;
    int64_t readAheadGap;
    RemovalPolicySettings *replPolicy;
    RemovalPolicySettings *memPolicy;
#if USE_HTTP_VIOLATIONS
    time_t negativeTtl;
#endif
    time_t maxStale;
    time_t negativeDnsTtl;
    time_t positiveDnsTtl;
    time_t shutdownLifetime;
    time_t backgroundPingRate;

    struct {
        time_t read;
        time_t write;
        time_t lifetime;
        time_t connect;
        time_t forward;
        time_t peer_connect;
        time_t request;
        time_t clientIdlePconn;
        time_t serverIdlePconn;
        time_t siteSelect;
        time_t deadPeer;
        int icp_query;      /* msec */
        int icp_query_max;  /* msec */
        int icp_query_min;  /* msec */
        int mcast_icp_query;    /* msec */
        time_msec_t idns_retransmit;
        time_msec_t idns_query;
    } Timeout;
    size_t maxRequestHeaderSize;
    int64_t maxRequestBodySize;
    int64_t maxChunkedRequestBodySize;
    size_t maxRequestBufferSize;
    size_t maxReplyHeaderSize;
    AclSizeLimit *ReplyBodySize;

    struct {
        unsigned short icp;
#if USE_HTCP

        unsigned short htcp;
#endif
#if SQUID_SNMP

        unsigned short snmp;
#endif
    } Port;

    struct {
        AnyP::PortCfg *http;
#if USE_OPENSSL
        AnyP::PortCfg *https;
#endif
    } Sockaddr;
#if SQUID_SNMP

    struct {
        char *configFile;
        char *agentInfo;
    } Snmp;
#endif
#if USE_WCCP

    struct {
        Ip::Address router;
        Ip::Address address;
        int version;
    } Wccp;
#endif
#if USE_WCCPv2

    struct {
        Ip::Address_list *router;
        Ip::Address address;
        int forwarding_method;
        int return_method;
        int assignment_method;
        int weight;
        int rebuildwait;
        void *info;
    } Wccp2;
#endif

#if USE_ICMP
    IcmpConfig pinger;
#endif

    char *as_whois_server;

    struct {
        char *store;
        char *swap;
        CustomLog *accesslogs;
#if ICAP_CLIENT
        CustomLog *icaplogs;
#endif
        int rotateNumber;
    } Log;
    char *adminEmail;
    char *EmailFrom;
    char *EmailProgram;
    char *effectiveUser;
    char *visible_appname_string;
    char *effectiveGroup;

    struct {
        wordlist *redirect;
        wordlist *store_id;
#if USE_UNLINKD

        char *unlinkd;
#endif

        char *diskd;
#if USE_OPENSSL

        char *ssl_password;
#endif

    } Program;

    HelperChildConfig redirectChildren;
    HelperChildConfig storeIdChildren;
    time_t authenticateGCInterval;
    time_t authenticateTTL;
    time_t authenticateIpTTL;

    struct {
        char *surrogate_id;
    } Accel;
    char *appendDomain;
    size_t appendDomainLen;
    char *pidFilename;
    char *netdbFilename;
    char *mimeTablePathname;
    char *etcHostsPath;
    char *visibleHostname;
    char *uniqueHostname;
    wordlist *hostnameAliases;
    char *errHtmlText;

    struct {
        char *host;
        char *file;
        time_t period;
        unsigned short port;
    } Announce;

    struct {

        Ip::Address udp_incoming;
        Ip::Address udp_outgoing;
#if SQUID_SNMP
        Ip::Address snmp_incoming;
        Ip::Address snmp_outgoing;
#endif
        /* FIXME INET6 : this should really be a CIDR value */
        Ip::Address client_netmask;
    } Addrs;
    size_t tcpRcvBufsz;
    size_t udpMaxHitObjsz;
    wordlist *hierarchy_stoplist;
    wordlist *mcast_group_list;
    wordlist *dns_nameservers;
    CachePeer *peers;
    int npeers;

    struct {
        int size;
        int low;
        int high;
    } ipcache;

    struct {
        int size;
    } fqdncache;
    int minDirectHops;
    int minDirectRtt;
    Mgr::ActionPasswordList *passwd_list;

    struct {
        int objectsPerBucket;
        int64_t avgObjectSize;
        int64_t maxObjectSize;
        int64_t minObjectSize;
        size_t maxInMemObjSize;
    } Store;

    struct {
        int high;
        int low;
        time_t period;
    } Netdb;

    struct {
        int log_udp;
        int res_defnames;
        int anonymizer;
        int client_db;
        int query_icmp;
        int icp_hit_stale;
        int buffered_logs;
        int common_log;
        int log_mime_hdrs;
        int log_fqdn;
        int announce;
        int mem_pools;
        int test_reachability;
        int half_closed_clients;
        int refresh_all_ims;
#if USE_HTTP_VIOLATIONS

        int reload_into_ims;
#endif

        int offline;
        int redir_rewrites_host;
        int prefer_direct;
        int nonhierarchical_direct;
        int strip_query_terms;
        int redirector_bypass;
        int store_id_bypass;
        int ignore_unknown_nameservers;
        int client_pconns;
        int server_pconns;
        int error_pconns;
#if USE_CACHE_DIGESTS

        int digest_generation;
#endif

        int ie_refresh;
        int vary_ignore_expire;
        int surrogate_is_remote;
        int request_entities;
        int detect_broken_server_pconns;
        int balance_on_multiple_ip;
        int relaxed_header_parser;
        int check_hostnames;
        int allow_underscore;
        int via;
        int cache_miss_revalidate;
        int emailErrData;
        int httpd_suppress_version_string;
        int global_internal_static;
        int collapsed_forwarding;

#if FOLLOW_X_FORWARDED_FOR
        int acl_uses_indirect_client;
        int delay_pool_uses_indirect_client;
        int log_uses_indirect_client;
#if LINUX_NETFILTER
        int tproxy_uses_indirect_client;
#endif
#endif /* FOLLOW_X_FORWARDED_FOR */

        int WIN32_IpAddrChangeMonitor;
        int memory_cache_first;
        int memory_cache_disk;
        int hostStrictVerify;
        int client_dst_passthru;
        int dns_mdns;
    } onoff;

    int pipeline_max_prefetch;

    int forward_max_tries;
    int connect_retries;

    class ACL *aclList;

    struct {
        acl_access *http;
        acl_access *adapted_http;
        acl_access *icp;
        acl_access *miss;
        acl_access *NeverDirect;
        acl_access *AlwaysDirect;
        acl_access *ASlists;
        acl_access *noCache;
        acl_access *sendHit;
        acl_access *storeMiss;
        acl_access *stats_collection;
#if SQUID_SNMP

        acl_access *snmp;
#endif
#if USE_HTTP_VIOLATIONS
        acl_access *brokenPosts;
#endif
        acl_access *redirector;
        acl_access *store_id;
        acl_access *reply;
        AclAddress *outgoing_address;
#if USE_HTCP

        acl_access *htcp;
        acl_access *htcp_clr;
#endif

#if USE_OPENSSL
        acl_access *ssl_bump;
#endif
#if FOLLOW_X_FORWARDED_FOR
        acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */

        /// spoof_client_ip squid.conf acl.
        /// nil unless configured
        acl_access* spoof_client_ip;
    } accessList;
    AclDenyInfoList *denyInfoList;

    struct {
        size_t list_width;
        int list_wrap;
        char *anon_user;
        int passive;
        int epsv_all;
        int epsv;
        int eprt;
        int sanitycheck;
        int telnet;
    } Ftp;
    RefreshPattern *Refresh;

    struct _cacheSwap {
        RefCount<SwapDir> *swapDirs;
        int n_allocated;
        int n_configured;
        /// number of disk processes required to support all cache_dirs
        int n_strands;
    } cacheSwap;
    /*
     * I'm sick of having to keep doing this ..
     */
#define INDEXSD(i)   (Config.cacheSwap.swapDirs[(i)].getRaw())

    struct {
        char *directory;
        int use_short_names;
    } icons;
    char *errorDirectory;
#if USE_ERR_LOCALES
    char *errorDefaultLanguage;
    int errorLogMissingLanguages;
#endif
    char *errorStylesheet;

    struct {
        int onerror;
    } retry;

    struct {
        int64_t limit;
    } MemPools;
#if USE_DELAY_POOLS

    DelayConfig Delay;
    ClientDelayConfig ClientDelay;
#endif

    struct {
        struct {
            int average;
            int min_poll;
        } dns, udp, tcp;
    } comm_incoming;
    int max_open_disk_fds;
    int uri_whitespace;
    AclSizeLimit *rangeOffsetLimit;
#if MULTICAST_MISS_STREAM

    struct {

        Ip::Address addr;
        int ttl;
        unsigned short port;
        char *encode_key;
    } mcast_miss;
#endif

    /// request_header_access and request_header_replace
    HeaderManglers *request_header_access;
    /// reply_header_access and reply_header_replace
    HeaderManglers *reply_header_access;
    ///request_header_add access list
    HeaderWithAclList *request_header_add;
    ///note
    Notes notes;
    char *coredump_dir;
    char *chroot_dir;
#if USE_CACHE_DIGESTS

    struct {
        int bits_per_entry;
        time_t rebuild_period;
        time_t rewrite_period;
        size_t swapout_chunk_size;
        int rebuild_chunk_percentage;
    } digest;
#endif
#if USE_OPENSSL

    struct {
        int unclean_shutdown;
        char *ssl_engine;
        int session_ttl;
        size_t sessionCacheSize;
    } SSL;
#endif

    wordlist *ext_methods;

    struct {
        int high_rptm;
        int high_pf;
        size_t high_memory;
    } warnings;
    char *store_dir_select_algorithm;
    int sleep_after_fork;   /* microseconds */
    time_t minimum_expiry_time; /* seconds */
    external_acl *externalAclHelperList;

#if USE_OPENSSL

    struct {
        char *cert;
        char *key;
        int version;
        char *options;
        char *cipher;
        char *cafile;
        char *capath;
        char *crlfile;
        char *flags;
        acl_access *cert_error;
        SSL_CTX *sslContext;
        sslproxy_cert_sign *cert_sign;
        sslproxy_cert_adapt *cert_adapt;
    } ssl_client;
#endif

    char *accept_filter;
    int umask;
    int max_filedescriptors;
    int workers;
    CpuAffinityMap *cpuAffinityMap;

#if USE_LOADABLE_MODULES
    wordlist *loadable_module_names;
#endif

    int client_ip_max_connections;

    char *redirector_extras;

    char *storeId_extras;

    struct {
        int v4_first;       ///< Place IPv4 first in the order of DNS results.
        ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
    } dns;

};

extern SquidConfig Config;

class SquidConfig2
{
public:
    struct {
        int enable_purge;
        int mangle_request_headers;
    } onoff;
    uid_t effectiveUserID;
    gid_t effectiveGroupID;
};

extern SquidConfig2 Config2;

#endif /* SQUID_SQUIDCONFIG_H_ */
Commit	Line	Data
4d5904f7 FC	1	#ifndef SQUID_SQUIDCONFIG_H_
	2	#define SQUID_SQUIDCONFIG_H_
	3	/*
4d5904f7 FC	4	* SQUID Web Proxy Cache http://www.squid-cache.org/
	5	* ----------------------------------------------------------
	6	*
	7	* Squid is the result of efforts by numerous individuals from
	8	* the Internet community; see the CONTRIBUTORS file for full
	9	* details. Many organizations have provided support for Squid's
	10	* development; see the SPONSORS file for full details. Squid is
	11	* Copyrighted (C) 2001 by the Regents of the University of
	12	* California; see the COPYRIGHT file for full details. Squid
	13	* incorporates software developed and/or copyrighted by other
	14	* sources; see the CREDITS file for full details.
	15	*
	16	* This program is free software; you can redistribute it and/or modify
	17	* it under the terms of the GNU General Public License as published by
	18	* the Free Software Foundation; either version 2 of the License, or
	19	* (at your option) any later version.
	20	*
	21	* This program is distributed in the hope that it will be useful,
	22	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	23	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	24	* GNU General Public License for more details.
	25	*
	26	* You should have received a copy of the GNU General Public License
	27	* along with this program; if not, write to the Free Software
	28	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	29	*
	30	*/
	31
6f58d7d7	32	#include "acl/forward.h"
8bf217bd	33	#include "base/RefCount.h"
4d5904f7 FC	34	#include "ClientDelayConfig.h"
4d5904f7 FC	35	#include "DelayConfig.h"
c6983ec7	36	#include "HelperChildConfig.h"
4d5904f7 FC	37	#include "HttpHeaderTools.h"
	38	#include "icmp/IcmpConfig.h"
	39	#include "ip/Address.h"
d7f4a0b7	40	#include "Notes.h"
bf35a4a7	41	#include "YesNoNone.h"
4d5904f7	42
cb4f4424 AJ	43	#if USE_OPENSSL
cb4f4424 AJ	44	#if HAVE_OPENSSL_SSL_H
a011edee	45	#include <openssl/ssl.h>
cb4f4424 AJ	46	#endif
cb4f4424 AJ	47
d9c7489e FC	48	class sslproxy_cert_sign;
d9c7489e FC	49	class sslproxy_cert_adapt;
a011edee FC	50	#endif
a011edee FC	51
e4a14600 A	52	namespace Mgr
e4a14600 A	53	{
613924ee FC	54	class ActionPasswordList;
	55	} // namespace Mgr
	56	class CustomLog;
c6983ec7	57	class CpuAffinityMap;
613924ee	58	class external_acl;
4d5904f7	59	class HeaderManglers;
8d9a8184	60	class RefreshPattern;
4d5904f7	61	class RemovalPolicySettings;
ee82937c	62	class SwapDir;
4d5904f7	63
e4a14600 A	64	namespace AnyP
e4a14600 A	65	{
4d5904f7 FC	66	class PortCfg;
	67	}
	68
001d55dc	69	/// the representation of the configuration. POD.
1b2f0924 FC	70	class SquidConfig
1b2f0924 FC	71	{
4d5904f7 FC	72	public:
	73	struct {
	74	/* These should be for the Store::Root instance.
	75	* this needs pluggable parsing to be done smoothly.
	76	*/
	77	int highWaterMark;
	78	int lowWaterMark;
	79	} Swap;
	80
	81	YesNoNone memShared; ///< whether the memory cache is shared among workers
	82	size_t memMaxSize;
	83
	84	struct {
	85	int64_t min;
	86	int pct;
	87	int64_t max;
	88	} quickAbort;
	89	int64_t readAheadGap;
	90	RemovalPolicySettings *replPolicy;
	91	RemovalPolicySettings *memPolicy;
	92	#if USE_HTTP_VIOLATIONS
	93	time_t negativeTtl;
	94	#endif
	95	time_t maxStale;
	96	time_t negativeDnsTtl;
	97	time_t positiveDnsTtl;
	98	time_t shutdownLifetime;
	99	time_t backgroundPingRate;
	100
	101	struct {
	102	time_t read;
	103	time_t write;
	104	time_t lifetime;
	105	time_t connect;
	106	time_t forward;
	107	time_t peer_connect;
	108	time_t request;
	109	time_t clientIdlePconn;
	110	time_t serverIdlePconn;
	111	time_t siteSelect;
	112	time_t deadPeer;
	113	int icp_query; /* msec */
	114	int icp_query_max; /* msec */
	115	int icp_query_min; /* msec */
	116	int mcast_icp_query; /* msec */
4d5904f7 FC	117	time_msec_t idns_retransmit;
4d5904f7 FC	118	time_msec_t idns_query;
4d5904f7 FC	119	} Timeout;
	120	size_t maxRequestHeaderSize;
	121	int64_t maxRequestBodySize;
	122	int64_t maxChunkedRequestBodySize;
	123	size_t maxRequestBufferSize;
	124	size_t maxReplyHeaderSize;
1328cfb7	125	AclSizeLimit *ReplyBodySize;
4d5904f7 FC	126
	127	struct {
	128	unsigned short icp;
	129	#if USE_HTCP
	130
	131	unsigned short htcp;
	132	#endif
	133	#if SQUID_SNMP
	134
	135	unsigned short snmp;
	136	#endif
	137	} Port;
	138
	139	struct {
	140	AnyP::PortCfg *http;
cb4f4424	141	#if USE_OPENSSL
4d5904f7 FC	142	AnyP::PortCfg *https;
	143	#endif
	144	} Sockaddr;
	145	#if SQUID_SNMP
	146
	147	struct {
	148	char *configFile;
	149	char *agentInfo;
	150	} Snmp;
	151	#endif
	152	#if USE_WCCP
	153
	154	struct {
	155	Ip::Address router;
	156	Ip::Address address;
	157	int version;
	158	} Wccp;
	159	#endif
	160	#if USE_WCCPv2
	161
	162	struct {
	163	Ip::Address_list *router;
	164	Ip::Address address;
	165	int forwarding_method;
	166	int return_method;
	167	int assignment_method;
	168	int weight;
	169	int rebuildwait;
	170	void *info;
	171	} Wccp2;
	172	#endif
	173
	174	#if USE_ICMP
	175	IcmpConfig pinger;
	176	#endif
	177
	178	char *as_whois_server;
	179
	180	struct {
	181	char *store;
	182	char *swap;
87ddff6e	183	CustomLog *accesslogs;
4d5904f7	184	#if ICAP_CLIENT
87ddff6e	185	CustomLog *icaplogs;
4d5904f7 FC	186	#endif
	187	int rotateNumber;
	188	} Log;
	189	char *adminEmail;
	190	char *EmailFrom;
	191	char *EmailProgram;
	192	char *effectiveUser;
	193	char *visible_appname_string;
	194	char *effectiveGroup;
	195
	196	struct {
4d5904f7	197	wordlist *redirect;
a8a0b1c2	198	wordlist *store_id;
4d5904f7 FC	199	#if USE_UNLINKD
	200
	201	char *unlinkd;
	202	#endif
	203
	204	char *diskd;
cb4f4424	205	#if USE_OPENSSL
4d5904f7 FC	206
	207	char *ssl_password;
	208	#endif
	209
	210	} Program;
4d5904f7 FC	211
4d5904f7 FC	212	HelperChildConfig redirectChildren;
a8a0b1c2	213	HelperChildConfig storeIdChildren;
4d5904f7 FC	214	time_t authenticateGCInterval;
	215	time_t authenticateTTL;
	216	time_t authenticateIpTTL;
	217
	218	struct {
	219	char *surrogate_id;
	220	} Accel;
	221	char *appendDomain;
	222	size_t appendDomainLen;
	223	char *pidFilename;
	224	char *netdbFilename;
	225	char *mimeTablePathname;
	226	char *etcHostsPath;
	227	char *visibleHostname;
	228	char *uniqueHostname;
	229	wordlist *hostnameAliases;
	230	char *errHtmlText;
	231
	232	struct {
	233	char *host;
	234	char *file;
	235	time_t period;
	236	unsigned short port;
	237	} Announce;
	238
	239	struct {
	240
	241	Ip::Address udp_incoming;
	242	Ip::Address udp_outgoing;
	243	#if SQUID_SNMP
	244	Ip::Address snmp_incoming;
	245	Ip::Address snmp_outgoing;
	246	#endif
	247	/* FIXME INET6 : this should really be a CIDR value */
	248	Ip::Address client_netmask;
	249	} Addrs;
	250	size_t tcpRcvBufsz;
	251	size_t udpMaxHitObjsz;
	252	wordlist *hierarchy_stoplist;
	253	wordlist *mcast_group_list;
	254	wordlist *dns_nameservers;
a3c6762c	255	CachePeer *peers;
4d5904f7 FC	256	int npeers;
	257
	258	struct {
	259	int size;
	260	int low;
	261	int high;
	262	} ipcache;
	263
	264	struct {
	265	int size;
	266	} fqdncache;
	267	int minDirectHops;
	268	int minDirectRtt;
613924ee	269	Mgr::ActionPasswordList *passwd_list;
4d5904f7 FC	270
	271	struct {
	272	int objectsPerBucket;
	273	int64_t avgObjectSize;
	274	int64_t maxObjectSize;
	275	int64_t minObjectSize;
	276	size_t maxInMemObjSize;
	277	} Store;
	278
	279	struct {
	280	int high;
	281	int low;
	282	time_t period;
	283	} Netdb;
	284
	285	struct {
	286	int log_udp;
	287	int res_defnames;
	288	int anonymizer;
	289	int client_db;
	290	int query_icmp;
	291	int icp_hit_stale;
	292	int buffered_logs;
	293	int common_log;
	294	int log_mime_hdrs;
	295	int log_fqdn;
	296	int announce;
	297	int mem_pools;
	298	int test_reachability;
	299	int half_closed_clients;
	300	int refresh_all_ims;
	301	#if USE_HTTP_VIOLATIONS
	302
	303	int reload_into_ims;
	304	#endif
	305
	306	int offline;
	307	int redir_rewrites_host;
	308	int prefer_direct;
	309	int nonhierarchical_direct;
	310	int strip_query_terms;
	311	int redirector_bypass;
a8a0b1c2	312	int store_id_bypass;
4d5904f7 FC	313	int ignore_unknown_nameservers;
	314	int client_pconns;
	315	int server_pconns;
	316	int error_pconns;
	317	#if USE_CACHE_DIGESTS
	318
	319	int digest_generation;
	320	#endif
	321
	322	int ie_refresh;
	323	int vary_ignore_expire;
4d5904f7 FC	324	int surrogate_is_remote;
	325	int request_entities;
	326	int detect_broken_server_pconns;
	327	int balance_on_multiple_ip;
	328	int relaxed_header_parser;
	329	int check_hostnames;
	330	int allow_underscore;
	331	int via;
96598f93	332	int cache_miss_revalidate;
4d5904f7 FC	333	int emailErrData;
	334	int httpd_suppress_version_string;
	335	int global_internal_static;
55eae904	336	int collapsed_forwarding;
4d5904f7 FC	337
	338	#if FOLLOW_X_FORWARDED_FOR
	339	int acl_uses_indirect_client;
	340	int delay_pool_uses_indirect_client;
	341	int log_uses_indirect_client;
	342	#if LINUX_NETFILTER
	343	int tproxy_uses_indirect_client;
	344	#endif
	345	#endif /* FOLLOW_X_FORWARDED_FOR */
	346
	347	int WIN32_IpAddrChangeMonitor;
	348	int memory_cache_first;
	349	int memory_cache_disk;
	350	int hostStrictVerify;
	351	int client_dst_passthru;
bce61b00	352	int dns_mdns;
4d5904f7 FC	353	} onoff;
4d5904f7 FC	354
079a8480 AJ	355	int pipeline_max_prefetch;
079a8480 AJ	356
4d5904f7 FC	357	int forward_max_tries;
	358	int connect_retries;
	359
	360	class ACL *aclList;
	361
	362	struct {
	363	acl_access *http;
	364	acl_access *adapted_http;
	365	acl_access *icp;
	366	acl_access *miss;
	367	acl_access *NeverDirect;
	368	acl_access *AlwaysDirect;
	369	acl_access *ASlists;
	370	acl_access *noCache;
70706149 AR	371	acl_access *sendHit;
70706149 AR	372	acl_access *storeMiss;
8ebad780	373	acl_access *stats_collection;
4d5904f7 FC	374	#if SQUID_SNMP
	375
	376	acl_access *snmp;
	377	#endif
	378	#if USE_HTTP_VIOLATIONS
	379	acl_access *brokenPosts;
	380	#endif
	381	acl_access *redirector;
a8a0b1c2	382	acl_access *store_id;
4d5904f7	383	acl_access *reply;
0dc8ffa5	384	AclAddress *outgoing_address;
4d5904f7 FC	385	#if USE_HTCP
	386
	387	acl_access *htcp;
	388	acl_access *htcp_clr;
	389	#endif
	390
cb4f4424	391	#if USE_OPENSSL
4d5904f7 FC	392	acl_access *ssl_bump;
4d5904f7 FC	393	#endif
33b24cf0	394	#if FOLLOW_X_FORWARDED_FOR
4d5904f7	395	acl_access *followXFF;
33b24cf0	396	#endif /* FOLLOW_X_FORWARDED_FOR */
4d5904f7	397
0d901ef4 SH	398	/// spoof_client_ip squid.conf acl.
	399	/// nil unless configured
	400	acl_access* spoof_client_ip;
4d5904f7	401	} accessList;
7f0b3324	402	AclDenyInfoList *denyInfoList;
4d5904f7 FC	403
	404	struct {
	405	size_t list_width;
	406	int list_wrap;
	407	char *anon_user;
	408	int passive;
	409	int epsv_all;
	410	int epsv;
	411	int eprt;
	412	int sanitycheck;
	413	int telnet;
	414	} Ftp;
8d9a8184	415	RefreshPattern *Refresh;
4d5904f7 FC	416
	417	struct _cacheSwap {
	418	RefCount<SwapDir> *swapDirs;
	419	int n_allocated;
	420	int n_configured;
	421	/// number of disk processes required to support all cache_dirs
	422	int n_strands;
	423	} cacheSwap;
	424	/*
	425	* I'm sick of having to keep doing this ..
	426	*/
	427	#define INDEXSD(i) (Config.cacheSwap.swapDirs[(i)].getRaw())
	428
	429	struct {
	430	char *directory;
	431	int use_short_names;
	432	} icons;
	433	char *errorDirectory;
	434	#if USE_ERR_LOCALES
	435	char *errorDefaultLanguage;
	436	int errorLogMissingLanguages;
	437	#endif
	438	char *errorStylesheet;
	439
	440	struct {
	441	int onerror;
	442	} retry;
	443
	444	struct {
	445	int64_t limit;
	446	} MemPools;
	447	#if USE_DELAY_POOLS
	448
	449	DelayConfig Delay;
	450	ClientDelayConfig ClientDelay;
	451	#endif
	452
	453	struct {
	454	struct {
	455	int average;
	456	int min_poll;
	457	} dns, udp, tcp;
	458	} comm_incoming;
	459	int max_open_disk_fds;
	460	int uri_whitespace;
1328cfb7	461	AclSizeLimit *rangeOffsetLimit;
4d5904f7 FC	462	#if MULTICAST_MISS_STREAM
	463
	464	struct {
	465
	466	Ip::Address addr;
	467	int ttl;
	468	unsigned short port;
	469	char *encode_key;
	470	} mcast_miss;
	471	#endif
	472
	473	/// request_header_access and request_header_replace
	474	HeaderManglers *request_header_access;
	475	/// reply_header_access and reply_header_replace
	476	HeaderManglers *reply_header_access;
	477	///request_header_add access list
	478	HeaderWithAclList *request_header_add;
d7f4a0b7 CT	479	///note
d7f4a0b7 CT	480	Notes notes;
4d5904f7 FC	481	char *coredump_dir;
	482	char *chroot_dir;
	483	#if USE_CACHE_DIGESTS
	484
	485	struct {
	486	int bits_per_entry;
	487	time_t rebuild_period;
	488	time_t rewrite_period;
	489	size_t swapout_chunk_size;
	490	int rebuild_chunk_percentage;
	491	} digest;
	492	#endif
cb4f4424	493	#if USE_OPENSSL
4d5904f7 FC	494
	495	struct {
	496	int unclean_shutdown;
	497	char *ssl_engine;
10a69fc0 CT	498	int session_ttl;
10a69fc0 CT	499	size_t sessionCacheSize;
4d5904f7 FC	500	} SSL;
	501	#endif
	502
	503	wordlist *ext_methods;
	504
	505	struct {
	506	int high_rptm;
	507	int high_pf;
	508	size_t high_memory;
	509	} warnings;
	510	char *store_dir_select_algorithm;
	511	int sleep_after_fork; /* microseconds */
	512	time_t minimum_expiry_time; /* seconds */
	513	external_acl *externalAclHelperList;
	514
cb4f4424	515	#if USE_OPENSSL
4d5904f7 FC	516
	517	struct {
	518	char *cert;
	519	char *key;
	520	int version;
	521	char *options;
	522	char *cipher;
	523	char *cafile;
	524	char *capath;
	525	char *crlfile;
	526	char *flags;
	527	acl_access *cert_error;
	528	SSL_CTX *sslContext;
	529	sslproxy_cert_sign *cert_sign;
	530	sslproxy_cert_adapt *cert_adapt;
	531	} ssl_client;
	532	#endif
	533
	534	char *accept_filter;
	535	int umask;
	536	int max_filedescriptors;
	537	int workers;
	538	CpuAffinityMap *cpuAffinityMap;
	539
	540	#if USE_LOADABLE_MODULES
	541	wordlist *loadable_module_names;
	542	#endif
	543
	544	int client_ip_max_connections;
	545
b11724bb CT	546	char *redirector_extras;
	547
	548	char *storeId_extras;
	549
4d5904f7 FC	550	struct {
	551	int v4_first; ///< Place IPv4 first in the order of DNS results.
	552	ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
	553	} dns;
	554
	555	};
	556
	557	extern SquidConfig Config;
	558
5fed1735 AJ	559	class SquidConfig2
	560	{
	561	public:
7957fca1 FC	562	struct {
	563	int enable_purge;
	564	int mangle_request_headers;
	565	} onoff;
	566	uid_t effectiveUserID;
	567	gid_t effectiveGroupID;
	568	};
	569
	570	extern SquidConfig2 Config2;
	571
4d5904f7	572	#endif /* SQUID_SQUIDCONFIG_H_ */