[thirdparty/squid.git] / src / anyp / PortCfg.h
1 /*
2 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 #ifndef SQUID_ANYP_PORTCFG_H
10 #define SQUID_ANYP_PORTCFG_H
11
12 #include "anyp/forward.h"
13 #include "anyp/ProtocolVersion.h"
14 #include "anyp/TrafficMode.h"
15 #include "comm/Connection.h"
16 #include "SBuf.h"
17 #include "security/ServerOptions.h"
18
19 #if USE_OPENSSL
20 #include "ssl/gadgets.h"
21 #endif
22
23 namespace AnyP
24 {
25
26 class PortCfg : public RefCountable // settings of one configured listening port; ports are chained through 'next'
27 {
28 public:
29 PortCfg();
30 ~PortCfg();
31 AnyP::PortCfgPointer clone() const; ///< presumably a copy of this port's settings; which members are duplicated is decided in the implementation, not in this header
32 #if USE_OPENSSL
33 /// creates, configures, and validates SSL context and related port options
34 void configureSslServerContext();
35 #endif
36
37 PortCfgPointer next; ///< presumably the link to the next port in a list such as HttpPortList or FtpPortList
38
39 Ip::Address s; ///< presumably the address this port listens on -- TODO confirm
40 AnyP::ProtocolVersion transport; ///< transport protocol and version received by this port
41 char *name; ///< visible name; raw char*, ownership is not visible in this header (check ~PortCfg() and clone())
42 char *defaultsite; ///< default web site; raw char*, same ownership question as 'name'
43
44 TrafficMode flags; ///< flags indicating what type of traffic to expect via this port.
45
46 bool allow_direct; ///< Allow direct forwarding in accelerator mode
47 bool vhost; ///< uses host header
48 bool actAsOrigin; ///< update replies to conform with RFC 2616
49 bool ignore_cc; ///< Ignore request Cache-Control directives
50
51 bool connection_auth_disabled; ///< Don't support connection oriented auth
52
53 bool ftp_track_dirs; ///< whether transactions should track FTP directories
54
55 int vport; ///< virtual port support. -1 if dynamic, >0 static
56 int disable_pmtu_discovery; ///< path-MTU discovery control; an int, not a bool -- value meanings are not defined in this header (TODO confirm)
57
58 struct { // TCP keep-alive settings
59 unsigned int idle; ///< unit not shown here; presumably seconds -- TODO confirm
60 unsigned int interval; ///< unit not shown here; presumably seconds -- TODO confirm
61 unsigned int timeout; ///< unit not shown here; presumably seconds -- TODO confirm
62 bool enabled; ///< presumably the on/off switch for the three values above
63 } tcp_keepalive;
64
65 /**
66 * The listening socket details.
67 * If Comm::ConnIsOpen() is true for it, we are actively listening for client requests.
68 * Use listenConn->close() to stop listening.
69 */
70 Comm::ConnectionPointer listenConn;
71
72 /// TLS configuration options for this listening port
73 Security::ServerOptions secure;
74
75 #if USE_OPENSSL
76 char *clientca; ///< differs from clientCA (below) only by letter case; presumably the configured client-CA source as text -- TODO confirm
77 char *sslContextSessionId; ///< "session id context" for secure.staticSslContext
78 bool generateHostCertificates; ///< dynamically make host cert for sslBump
79 size_t dynamicCertMemCacheSize; ///< max size of generated certificates memory cache
80
81 Security::CertPointer signingCert; ///< x509 certificate for signing generated certificates
82 Ssl::EVP_PKEY_Pointer signPkey; ///< private key for signing generated certificates (sensitive key material held by this object)
83 Ssl::X509_STACK_Pointer certsToChain; ///< x509 certificates to send with the generated cert
84 Security::CertPointer untrustedSigningCert; ///< x509 certificate for signing untrusted generated certificates
85 Ssl::EVP_PKEY_Pointer untrustedSignPkey; ///< private key for signing untrusted generated certificates (sensitive key material held by this object)
86
87 Ssl::X509_NAME_STACK_Pointer clientCA; ///< CA certificates to use when verifying client certificates
88 #endif
89 };
90
91 } // namespace AnyP
92
93 /// list of Squid http(s)_port configured
94 extern AnyP::PortCfgPointer HttpPortList;
95
96 /// list of Squid ftp_port configured
97 extern AnyP::PortCfgPointer FtpPortList;
98
99 #if !defined(MAXTCPLISTENPORTS)
100 // Max number of TCP listening ports; a build may predefine it, and it is also the capacity of HttpSockets[] below
101 #define MAXTCPLISTENPORTS 128
102 #endif
103
104 // TODO: kill this global array. Need to check performance of array vs list though.
105 extern int NHttpSockets; ///< presumably the number of HttpSockets[] entries in use -- TODO confirm
106 extern int HttpSockets[MAXTCPLISTENPORTS]; ///< fixed capacity: code that appends must first check the index against MAXTCPLISTENPORTS
107
108 #endif /* SQUID_ANYP_PORTCFG_H */
109