1 #ifndef SQUID_ANYP_PORTCFG_H
2 #define SQUID_ANYP_PORTCFG_H
4 #include "anyp/forward.h"
5 #include "anyp/ProtocolVersion.h"
6 #include "anyp/TrafficMode.h"
7 #include "comm/Connection.h"
10 #include "ssl/gadgets.h"
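/// NOTE(review): presumably returns a newly created copy of this port
/// configuration. Who owns the returned object, and whether the copy shares
/// or duplicates the TLS certificate and private-key handles held by the
/// original, is not visible in this listing; confirm before storing it.
AnyP::PortCfg *clone() const;

/// creates, configures, and validates SSL context and related port options
/// Returns void, so a validation failure is not reported through the return
/// value. NOTE(review): how failures surface is not visible here; confirm
/// that a port with an invalid TLS setup cannot start listening.
void configureSslServerContext();

/**
 * Set this port's transport type from a string representation.
 * Unknown transport type representations will halt Squid.
 * Supports: HTTP, HTTP/1.1, HTTPS, HTTPS/1.1.
 *
 * \param aProtocol textual transport name, one of the values listed above.
 *        NOTE(review): whether a null pointer is tolerated is not visible
 *        in this listing.
 */
void setTransport(const char *aProtocol);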
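// General (non-TLS) settings of one listening port. The extracted listing
// skips some original lines, so members may have lost their enclosing
// context (see the note on `interval`).
// NOTE(review): name and defaultsite are raw char pointers; who allocates
// and frees them, and what clone() does with them, is not visible here.

AnyP::ProtocolVersion transport; ///< transport protocol and version received by this port
char *name; ///< visible name
char *defaultsite; ///< default web site

TrafficMode flags; ///< flags indicating what type of traffic to expect via this port.

bool allow_direct; ///< Allow direct forwarding in accelerator mode
bool vhost; ///< uses host header
bool actAsOrigin; ///< update replies to conform with RFC 2616
bool ignore_cc; ///< Ignore request Cache-Control directives

bool connection_auth_disabled; ///< Don't support connection oriented auth

int vport; ///< virtual port support. -1 if dynamic, >0 static

/// NOTE(review): undocumented in this listing. Presumably controls path-MTU
/// discovery on the listening socket; the accepted values are not visible.
int disable_pmtu_discovery;

/// NOTE(review): undocumented, and the lines around it are missing from this
/// listing, so its unit and any enclosing declaration are not visible here.
unsigned int interval;

/**
 * The listening socket details.
 * If Comm::ConnIsOpen() we are actively listening for client requests.
 * use listenConn->close() to stop.
 */
Comm::ConnectionPointer listenConn;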
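// TLS settings of this port. signPkey and untrustedSignPkey hold private-key
// material used to sign certificates generated on the fly: anyone who obtains
// them can mint certificates that clients trusting the matching signing
// certificate will accept, so keep them out of logs and debugging output.
// NOTE(review): the listing skips the lines just before this group, so any
// conditional-compilation guard around it is not visible here.

/// NOTE(review): raw char pointer; ownership is not visible in this listing.
char *sslContextSessionId; ///< "session id context" for staticSslContext
bool generateHostCertificates; ///< dynamically make host cert for sslBump
size_t dynamicCertMemCacheSize; ///< max size of generated certificates memory cache

Ssl::SSL_CTX_Pointer staticSslContext; ///< for HTTPS accelerator or static sslBump
Ssl::X509_Pointer signingCert; ///< x509 certificate for signing generated certificates
Ssl::EVP_PKEY_Pointer signPkey; ///< private key for signing generated certificates
Ssl::X509_STACK_Pointer certsToChain; ///< x509 certificates to send with the generated cert
Ssl::X509_Pointer untrustedSigningCert; ///< x509 certificate for signing untrusted generated certificates
Ssl::EVP_PKEY_Pointer untrustedSignPkey; ///< private key for signing untrusted generated certificates

Ssl::X509_CRL_STACK_Pointer clientVerifyCrls; ///< additional CRL lists to use when verifying the client certificate
Ssl::X509_NAME_STACK_Pointer clientCA; ///< CA certificates to use when verifying client certificates
/// NOTE(review): the strength of the exchange depends on the parameters
/// loaded here; where they come from is not visible in this listing.
Ssl::DH_Pointer dhParams; ///< DH parameters for temporary/ephemeral DH key exchanges
Ssl::ContextMethod contextMethod; ///< The context method (SSL_METHOD) to use when creating certificates
long sslContextFlags; ///< flags modifying the use of SSL
/// NOTE(review): presumably a bit mask; which options are set by default is
/// not visible here, so check protocol and option hardening where it is filled.
long sslOptions; ///< SSL engine options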
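bool ftp_track_dirs; ///< Whether to track FTP directories

// CBDATA_CLASS2 is a project macro defined outside this listing; its
// expansion is not visible here.
CBDATA_CLASS2(PortCfg); // namespaced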
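// Max number of TCP listening ports
#define MAXTCPLISTENPORTS 128

// TODO: kill this global array. Need to check performance of array vs list though.
// HttpSockets is a fixed-size array with no bounds checking of its own.
// NOTE(review): NHttpSockets is presumably the number of entries in use; if
// so, code that appends an entry must first check that
// NHttpSockets < MAXTCPLISTENPORTS, or the write goes out of bounds.
extern int NHttpSockets;
extern int HttpSockets[MAXTCPLISTENPORTS];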
112 #endif /* SQUID_ANYP_PORTCFG_H */