[thirdparty/squid.git] / src / SquidConfig.h

/*
 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#ifndef SQUID_SRC_SQUIDCONFIG_H
#define SQUID_SRC_SQUIDCONFIG_H

#include "acl/forward.h"
#include "base/RefCount.h"
#include "base/YesNoNone.h"
#if USE_DELAY_POOLS
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#endif
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
#include "ip/Address.h"
#if USE_DELAY_POOLS
#include "MessageDelayPools.h"
#endif
#include "Notes.h"
#include "security/Context.h"
#include "security/forward.h"
#if USE_OPENSSL
#include "ssl/support.h"
#endif
#include "store/Disk.h"
#include "store/forward.h"
#include "time/gadgets.h"

#include <chrono>

#if USE_OPENSSL
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif

namespace Mgr
{
class ActionPasswordList;
} // namespace Mgr

class CachePeers;
class CustomLog;
class CpuAffinityMap;
class DebugMessages;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;
class HttpUpgradeProtocolAccess;

namespace AnyP
{
class PortCfg;
}

namespace Store {
class DiskConfig {
public:
    DiskConfig() { assert(swapDirs == nullptr); }
    ~DiskConfig() { delete[] swapDirs; }

    RefCount<SwapDir> *swapDirs = nullptr;
    int n_allocated = 0;
    int n_configured = 0;
    /// number of disk processes required to support all cache_dirs
    int n_strands = 0;
};
#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
}

/// the representation of the configuration. POD.
class SquidConfig
{
public:
    struct {
        /* These should be for the Store::Root instance.
        * this needs pluggable parsing to be done smoothly.
        */
        int highWaterMark;
        int lowWaterMark;
    } Swap;

    YesNoNone memShared; ///< whether the memory cache is shared among workers
    YesNoNone shmLocking; ///< shared_memory_locking
    size_t memMaxSize;

    struct {
        int64_t min;
        int pct;
        int64_t max;
    } quickAbort;
    int64_t readAheadGap;
    RemovalPolicySettings *replPolicy;
    RemovalPolicySettings *memPolicy;
#if USE_HTTP_VIOLATIONS
    time_t negativeTtl;
#endif
    time_t maxStale;
    time_t negativeDnsTtl;
    time_t positiveDnsTtl;
    time_t shutdownLifetime;
    time_t backgroundPingRate;
    time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay

    struct {
        time_t read;
        time_t write;
        time_t lifetime;
        time_t connect;
        time_t forward;
        time_t peer_connect;
        time_t request;
        time_t clientIdlePconn;
        time_t serverIdlePconn;
        time_t ftpClientIdle;
        time_t pconnLifetime; ///< pconn_lifetime in squid.conf
        time_t siteSelect;
        time_t deadPeer;
        time_t request_start_timeout;
        int icp_query;      /* msec */
        int icp_query_max;  /* msec */
        int icp_query_min;  /* msec */
        int mcast_icp_query;    /* msec */
        time_msec_t idns_retransmit;
        time_msec_t idns_query;
        time_t urlRewrite;
    } Timeout;
    size_t maxRequestHeaderSize;
    int64_t maxRequestBodySize;
    size_t maxRequestBufferSize;
    size_t maxReplyHeaderSize;
    AclSizeLimit *ReplyBodySize;

    struct {
        unsigned short icp;
#if USE_HTCP

        unsigned short htcp;
#endif
#if SQUID_SNMP

        unsigned short snmp;
#endif
    } Port;

#if SQUID_SNMP

    struct {
        char *configFile;
        char *agentInfo;
    } Snmp;
#endif
#if USE_WCCP

    struct {
        Ip::Address router;
        Ip::Address address;
        int version;
    } Wccp;
#endif
#if USE_WCCPv2

    struct {
        Ip::Address_list *router;
        Ip::Address address;
        int forwarding_method;
        int return_method;
        int assignment_method;
        int weight;
        int rebuildwait;
        void *info;
    } Wccp2;
#endif

    char *as_whois_server;

    struct {
        char *store;
        char *swap;
        CustomLog *accesslogs;
#if ICAP_CLIENT
        CustomLog *icaplogs;
#endif
        Security::KeyLog *tlsKeys; ///< one optional tls_key_log
        int rotateNumber;
    } Log;
    char *adminEmail;
    char *EmailFrom;
    char *EmailProgram;
    char *effectiveUser;
    char *visible_appname_string;
    char *effectiveGroup;

    struct {
        wordlist *redirect;
        wordlist *store_id;
#if USE_UNLINKD

        char *unlinkd;
#endif

        char *diskd;
#if USE_OPENSSL

        char *ssl_password;
#endif

    } Program;

    Helper::ChildConfig redirectChildren;
    Helper::ChildConfig storeIdChildren;

    struct {
        char *surrogate_id;
    } Accel;
    char *appendDomain;
    size_t appendDomainLen;
    char *pidFilename;
    char *netdbFilename;
    char *mimeTablePathname;
    char *etcHostsPath;
    char *visibleHostname;
    char *uniqueHostname;
    SBufList hostnameAliases;
    char *errHtmlText;

    struct {

        Ip::Address udp_incoming;
        Ip::Address udp_outgoing;
#if SQUID_SNMP
        Ip::Address snmp_incoming;
        Ip::Address snmp_outgoing;
#endif
        // TODO: this should really be a CIDR value
        Ip::Address client_netmask;
    } Addrs;
    size_t tcpRcvBufsz;
    size_t udpMaxHitObjsz;
    wordlist *mcast_group_list;
    CachePeers *peers;
    int npeers;

    struct {
        int size;
        int low;
        int high;
    } ipcache;

    struct {
        int size;
    } fqdncache;
    int minDirectHops;
    int minDirectRtt;
    Mgr::ActionPasswordList *passwd_list;

    struct {
        int objectsPerBucket;
        int64_t avgObjectSize;
        int64_t maxObjectSize;
        int64_t minObjectSize;
        size_t maxInMemObjSize;
    } Store;

    struct {
        int high;
        int low;
        time_t period;
    } Netdb;

    struct {
        int log_udp;
        int res_defnames;
        int anonymizer;
        int client_db;
        int query_icmp;
        int icp_hit_stale;
        int buffered_logs;
        int common_log;
        int log_mime_hdrs;
        int mem_pools;
        int test_reachability;
        int half_closed_clients;
        int refresh_all_ims;
#if USE_HTTP_VIOLATIONS

        int reload_into_ims;
#endif

        int offline;
        int redir_rewrites_host;
        int prefer_direct;
        int nonhierarchical_direct;
        int strip_query_terms;
        int redirector_bypass;
        int store_id_bypass;
        int ignore_unknown_nameservers;
        int client_pconns;
        int server_pconns;
        int error_pconns;
#if USE_CACHE_DIGESTS

        int digest_generation;
#endif

        int vary_ignore_expire;
        int surrogate_is_remote;
        int detect_broken_server_pconns;
        int relaxed_header_parser;
        int check_hostnames;
        int allow_underscore;
        int via;
        int cache_miss_revalidate;
        int emailErrData;
        int httpd_suppress_version_string;
        int global_internal_static;
        int collapsed_forwarding;

#if FOLLOW_X_FORWARDED_FOR
        int acl_uses_indirect_client;
        int delay_pool_uses_indirect_client;
        int log_uses_indirect_client;
#if LINUX_NETFILTER
        int tproxy_uses_indirect_client;
#endif
#endif /* FOLLOW_X_FORWARDED_FOR */

        int WIN32_IpAddrChangeMonitor;
        int memory_cache_first;
        int memory_cache_disk;
        int hostStrictVerify;
        int client_dst_passthru;
        int dns_mdns;
#if USE_OPENSSL
        bool logTlsServerHelloDetails;
#endif
    } onoff;

    int64_t shared_transient_entries_limit;

    int pipeline_max_prefetch;

    // these values are actually unsigned
    // TODO: extend the parser to support more nuanced types
    int forward_max_tries;
    int connect_retries;

    std::chrono::nanoseconds paranoid_hit_validation;

    class Acl::Node *aclList;

    struct {
        acl_access *http;
        acl_access *adapted_http;
        acl_access *icp;
        acl_access *miss;
        acl_access *NeverDirect;
        acl_access *AlwaysDirect;
        acl_access *ASlists;
        acl_access *noCache;
        acl_access *sendHit;
        acl_access *storeMiss;
        acl_access *stats_collection;
#if SQUID_SNMP

        acl_access *snmp;
#endif
#if USE_HTTP_VIOLATIONS
        acl_access *brokenPosts;
#endif
        acl_access *redirector;
        acl_access *store_id;
        acl_access *reply;
        Acl::Address *outgoing_address;
#if USE_HTCP

        acl_access *htcp;
        acl_access *htcp_clr;
#endif

#if USE_OPENSSL
        acl_access *ssl_bump;
#endif
#if FOLLOW_X_FORWARDED_FOR
        acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */

        /// acceptable PROXY protocol clients
        acl_access *proxyProtocol;

        /// spoof_client_ip squid.conf acl.
        /// nil unless configured
        acl_access* spoof_client_ip;
        acl_access *on_unsupported_protocol;

        acl_access *ftp_epsv;

        acl_access *forceRequestBodyContinuation;
        acl_access *serverPconnForNonretriable;
        acl_access *collapsedForwardingAccess;
    } accessList;
    AclDenyInfoList *denyInfoList;

    struct {
        size_t list_width;
        int list_wrap;
        char *anon_user;
        int passive;
        int epsv_all;
        int epsv;
        int eprt;
        int sanitycheck;
        int telnet;
    } Ftp;
    RefreshPattern *Refresh;

    Store::DiskConfig cacheSwap;

    struct {
        char *directory;
        int use_short_names;
    } icons;
    char *errorDirectory;
#if USE_ERR_LOCALES
    char *errorDefaultLanguage;
    int errorLogMissingLanguages;
#endif
    char *errorStylesheet;

    struct {
        int onerror;
    } retry;

    struct {
        int64_t limit;
    } MemPools;
#if USE_DELAY_POOLS

    DelayConfig Delay;
    ClientDelayConfig ClientDelay;
    MessageDelayConfig MessageDelay;
#endif

    struct CommIncoming {
        struct Measure {
            int average;
            int min_poll;
        } dns, udp, tcp;
    } comm_incoming;
    int max_open_disk_fds;
    int uri_whitespace;
    AclSizeLimit *rangeOffsetLimit;

    /// request_header_access and request_header_replace
    HeaderManglers *request_header_access;
    /// reply_header_access and reply_header_replace
    HeaderManglers *reply_header_access;
    ///request_header_add access list
    HeaderWithAclList *request_header_add;
    ///reply_header_add access list
    HeaderWithAclList *reply_header_add;
    /// http_upgrade_request_protocols
    HttpUpgradeProtocolAccess *http_upgrade_request_protocols;
    ///note
    Notes notes;
    char *coredump_dir;
    char *chroot_dir;
#if USE_CACHE_DIGESTS

    struct {
        int bits_per_entry;
        time_t rebuild_period;
        time_t rewrite_period;
        size_t swapout_chunk_size;
        int rebuild_chunk_percentage;
    } digest;
#endif
#if USE_OPENSSL

    struct {
        int unclean_shutdown;
        char *ssl_engine;
        int session_ttl;
        size_t sessionCacheSize;
        char *certSignHash;
    } SSL;
#endif

    struct {
        int high_rptm;
        int high_pf;
        size_t high_memory;
    } warnings;
    char *store_dir_select_algorithm;
    int sleep_after_fork;   /* microseconds */
    time_t minimum_expiry_time; /* seconds */
    external_acl *externalAclHelperList;

    struct {
        Security::ContextPointer sslContext;
#if USE_OPENSSL
        char *foreignIntermediateCertsPath;
        acl_access *cert_error;
        sslproxy_cert_sign *cert_sign;
        sslproxy_cert_adapt *cert_adapt;
#endif
    } ssl_client;

    char *accept_filter;
    int umask;
    int max_filedescriptors;
    int workers;
    CpuAffinityMap *cpuAffinityMap;

#if USE_LOADABLE_MODULES
    SBufList loadable_module_names;
#endif

    int client_ip_max_connections;

    char *redirector_extras;

    struct UrlHelperTimeout {
        int action;
        char *response;
    } onUrlRewriteTimeout;

    char *storeId_extras;

    struct {
        SBufList nameservers;
        int v4_first;       ///< Place IPv4 first in the order of DNS results.
        ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
    } dns;

    struct {
        int connect_limit;
        int connect_gap;
        int connect_timeout;
    } happyEyeballs;
};

extern SquidConfig Config;

class SquidConfig2
{
public:
    void clear() {
        *this = SquidConfig2();
    }

    struct {
        int enable_purge = 0;
    } onoff;
    uid_t effectiveUserID = 0;
    gid_t effectiveGroupID = 0;
};

extern SquidConfig2 Config2;

#endif /* SQUID_SRC_SQUIDCONFIG_H */
Commit	Line	Data
4d5904f7	1	/*
b8ae064d	2	* Copyright (C) 1996-2023 The Squid Software Foundation and contributors
4d5904f7	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
4d5904f7 FC	7	*/
4d5904f7 FC	8
ff9d9458 FC	9	#ifndef SQUID_SRC_SQUIDCONFIG_H
ff9d9458 FC	10	#define SQUID_SRC_SQUIDCONFIG_H
bbc27441	11
6f58d7d7	12	#include "acl/forward.h"
8bf217bd	13	#include "base/RefCount.h"
c50b35b5	14	#include "base/YesNoNone.h"
b27668ec	15	#if USE_DELAY_POOLS
4d5904f7 FC	16	#include "ClientDelayConfig.h"
4d5904f7 FC	17	#include "DelayConfig.h"
b27668ec	18	#endif
76d9b994	19	#include "helper/ChildConfig.h"
4d5904f7	20	#include "HttpHeaderTools.h"
4d5904f7	21	#include "ip/Address.h"
b27668ec EB	22	#if USE_DELAY_POOLS
	23	#include "MessageDelayPools.h"
	24	#endif
d7f4a0b7	25	#include "Notes.h"
a7b75c64	26	#include "security/Context.h"
a465e144	27	#include "security/forward.h"
866be11c CT	28	#if USE_OPENSSL
	29	#include "ssl/support.h"
	30	#endif
b56b37cf	31	#include "store/Disk.h"
e69ca1f1	32	#include "store/forward.h"
98cacedb	33	#include "time/gadgets.h"
4d5904f7	34
b2aca62a EB	35	#include <chrono>
b2aca62a EB	36
cb4f4424	37	#if USE_OPENSSL
d9c7489e FC	38	class sslproxy_cert_sign;
d9c7489e FC	39	class sslproxy_cert_adapt;
a011edee FC	40	#endif
a011edee FC	41
e4a14600 A	42	namespace Mgr
e4a14600 A	43	{
613924ee FC	44	class ActionPasswordList;
613924ee FC	45	} // namespace Mgr
2e24d0bf EB	46
2e24d0bf EB	47	class CachePeers;
613924ee	48	class CustomLog;
c6983ec7	49	class CpuAffinityMap;
c59baaa8	50	class DebugMessages;
613924ee	51	class external_acl;
4d5904f7	52	class HeaderManglers;
8d9a8184	53	class RefreshPattern;
4d5904f7	54	class RemovalPolicySettings;
1c2b4465	55	class HttpUpgradeProtocolAccess;
4d5904f7	56
e4a14600 A	57	namespace AnyP
e4a14600 A	58	{
4d5904f7 FC	59	class PortCfg;
	60	}
	61
2745fea5 AR	62	namespace Store {
	63	class DiskConfig {
	64	public:
b56b37cf AJ	65	DiskConfig() { assert(swapDirs == nullptr); }
	66	~DiskConfig() { delete[] swapDirs; }
	67
	68	RefCount<SwapDir> *swapDirs = nullptr;
	69	int n_allocated = 0;
	70	int n_configured = 0;
2745fea5	71	/// number of disk processes required to support all cache_dirs
b56b37cf	72	int n_strands = 0;
2745fea5 AR	73	};
	74	#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
	75	}
	76
001d55dc	77	/// the representation of the configuration. POD.
1b2f0924 FC	78	class SquidConfig
1b2f0924 FC	79	{
4d5904f7 FC	80	public:
	81	struct {
	82	/* These should be for the Store::Root instance.
	83	* this needs pluggable parsing to be done smoothly.
	84	*/
	85	int highWaterMark;
	86	int lowWaterMark;
	87	} Swap;
	88
	89	YesNoNone memShared; ///< whether the memory cache is shared among workers
c756d517	90	YesNoNone shmLocking; ///< shared_memory_locking
4d5904f7 FC	91	size_t memMaxSize;
	92
	93	struct {
	94	int64_t min;
	95	int pct;
	96	int64_t max;
	97	} quickAbort;
	98	int64_t readAheadGap;
	99	RemovalPolicySettings *replPolicy;
	100	RemovalPolicySettings *memPolicy;
	101	#if USE_HTTP_VIOLATIONS
	102	time_t negativeTtl;
	103	#endif
	104	time_t maxStale;
	105	time_t negativeDnsTtl;
	106	time_t positiveDnsTtl;
	107	time_t shutdownLifetime;
	108	time_t backgroundPingRate;
00e2479d	109	time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay
4d5904f7 FC	110
	111	struct {
	112	time_t read;
	113	time_t write;
	114	time_t lifetime;
	115	time_t connect;
	116	time_t forward;
	117	time_t peer_connect;
	118	time_t request;
	119	time_t clientIdlePconn;
	120	time_t serverIdlePconn;
f6e8754a	121	time_t ftpClientIdle;
c5c06f02	122	time_t pconnLifetime; ///< pconn_lifetime in squid.conf
4d5904f7 FC	123	time_t siteSelect;
4d5904f7 FC	124	time_t deadPeer;
3248e962	125	time_t request_start_timeout;
4d5904f7 FC	126	int icp_query; /* msec */
	127	int icp_query_max; /* msec */
	128	int icp_query_min; /* msec */
	129	int mcast_icp_query; /* msec */
4d5904f7 FC	130	time_msec_t idns_retransmit;
4d5904f7 FC	131	time_msec_t idns_query;
32fd6d8a	132	time_t urlRewrite;
4d5904f7 FC	133	} Timeout;
	134	size_t maxRequestHeaderSize;
	135	int64_t maxRequestBodySize;
4d5904f7 FC	136	size_t maxRequestBufferSize;
4d5904f7 FC	137	size_t maxReplyHeaderSize;
1328cfb7	138	AclSizeLimit *ReplyBodySize;
4d5904f7 FC	139
	140	struct {
	141	unsigned short icp;
	142	#if USE_HTCP
	143
	144	unsigned short htcp;
	145	#endif
	146	#if SQUID_SNMP
	147
	148	unsigned short snmp;
	149	#endif
	150	} Port;
	151
4d5904f7 FC	152	#if SQUID_SNMP
	153
	154	struct {
	155	char *configFile;
	156	char *agentInfo;
	157	} Snmp;
	158	#endif
	159	#if USE_WCCP
	160
	161	struct {
	162	Ip::Address router;
	163	Ip::Address address;
	164	int version;
	165	} Wccp;
	166	#endif
	167	#if USE_WCCPv2
	168
	169	struct {
	170	Ip::Address_list *router;
	171	Ip::Address address;
	172	int forwarding_method;
	173	int return_method;
	174	int assignment_method;
	175	int weight;
	176	int rebuildwait;
	177	void *info;
	178	} Wccp2;
	179	#endif
	180
4d5904f7 FC	181	char *as_whois_server;
	182
	183	struct {
	184	char *store;
	185	char *swap;
87ddff6e	186	CustomLog *accesslogs;
4d5904f7	187	#if ICAP_CLIENT
87ddff6e	188	CustomLog *icaplogs;
4d5904f7	189	#endif
e227da8d	190	Security::KeyLog *tlsKeys; ///< one optional tls_key_log
4d5904f7 FC	191	int rotateNumber;
	192	} Log;
	193	char *adminEmail;
	194	char *EmailFrom;
	195	char *EmailProgram;
	196	char *effectiveUser;
	197	char *visible_appname_string;
	198	char *effectiveGroup;
	199
	200	struct {
4d5904f7	201	wordlist *redirect;
a8a0b1c2	202	wordlist *store_id;
4d5904f7 FC	203	#if USE_UNLINKD
	204
	205	char *unlinkd;
	206	#endif
	207
	208	char *diskd;
cb4f4424	209	#if USE_OPENSSL
4d5904f7 FC	210
	211	char *ssl_password;
	212	#endif
	213
	214	} Program;
4d5904f7	215
76d9b994 AJ	216	Helper::ChildConfig redirectChildren;
76d9b994 AJ	217	Helper::ChildConfig storeIdChildren;
4d5904f7 FC	218
	219	struct {
	220	char *surrogate_id;
	221	} Accel;
	222	char *appendDomain;
	223	size_t appendDomainLen;
	224	char *pidFilename;
	225	char *netdbFilename;
	226	char *mimeTablePathname;
	227	char *etcHostsPath;
	228	char *visibleHostname;
	229	char *uniqueHostname;
6793ad05	230	SBufList hostnameAliases;
4d5904f7 FC	231	char *errHtmlText;
4d5904f7 FC	232
4d5904f7 FC	233	struct {
	234
	235	Ip::Address udp_incoming;
	236	Ip::Address udp_outgoing;
	237	#if SQUID_SNMP
	238	Ip::Address snmp_incoming;
	239	Ip::Address snmp_outgoing;
	240	#endif
9837567d	241	// TODO: this should really be a CIDR value
4d5904f7 FC	242	Ip::Address client_netmask;
	243	} Addrs;
	244	size_t tcpRcvBufsz;
	245	size_t udpMaxHitObjsz;
4d5904f7	246	wordlist *mcast_group_list;
2e24d0bf	247	CachePeers *peers;
4d5904f7 FC	248	int npeers;
	249
	250	struct {
	251	int size;
	252	int low;
	253	int high;
	254	} ipcache;
	255
	256	struct {
	257	int size;
	258	} fqdncache;
	259	int minDirectHops;
	260	int minDirectRtt;
613924ee	261	Mgr::ActionPasswordList *passwd_list;
4d5904f7 FC	262
	263	struct {
	264	int objectsPerBucket;
	265	int64_t avgObjectSize;
	266	int64_t maxObjectSize;
	267	int64_t minObjectSize;
	268	size_t maxInMemObjSize;
	269	} Store;
	270
	271	struct {
	272	int high;
	273	int low;
	274	time_t period;
	275	} Netdb;
	276
	277	struct {
	278	int log_udp;
	279	int res_defnames;
	280	int anonymizer;
	281	int client_db;
	282	int query_icmp;
	283	int icp_hit_stale;
	284	int buffered_logs;
	285	int common_log;
	286	int log_mime_hdrs;
4d5904f7 FC	287	int mem_pools;
	288	int test_reachability;
	289	int half_closed_clients;
	290	int refresh_all_ims;
	291	#if USE_HTTP_VIOLATIONS
	292
	293	int reload_into_ims;
	294	#endif
	295
	296	int offline;
	297	int redir_rewrites_host;
	298	int prefer_direct;
	299	int nonhierarchical_direct;
	300	int strip_query_terms;
	301	int redirector_bypass;
a8a0b1c2	302	int store_id_bypass;
4d5904f7 FC	303	int ignore_unknown_nameservers;
	304	int client_pconns;
	305	int server_pconns;
	306	int error_pconns;
	307	#if USE_CACHE_DIGESTS
	308
	309	int digest_generation;
	310	#endif
	311
4d5904f7	312	int vary_ignore_expire;
4d5904f7	313	int surrogate_is_remote;
4d5904f7	314	int detect_broken_server_pconns;
4d5904f7 FC	315	int relaxed_header_parser;
	316	int check_hostnames;
	317	int allow_underscore;
	318	int via;
96598f93	319	int cache_miss_revalidate;
4d5904f7 FC	320	int emailErrData;
	321	int httpd_suppress_version_string;
	322	int global_internal_static;
55eae904	323	int collapsed_forwarding;
4d5904f7 FC	324
	325	#if FOLLOW_X_FORWARDED_FOR
	326	int acl_uses_indirect_client;
	327	int delay_pool_uses_indirect_client;
	328	int log_uses_indirect_client;
	329	#if LINUX_NETFILTER
	330	int tproxy_uses_indirect_client;
	331	#endif
	332	#endif /* FOLLOW_X_FORWARDED_FOR */
	333
	334	int WIN32_IpAddrChangeMonitor;
	335	int memory_cache_first;
	336	int memory_cache_disk;
	337	int hostStrictVerify;
	338	int client_dst_passthru;
bce61b00	339	int dns_mdns;
2bcab852 CT	340	#if USE_OPENSSL
	341	bool logTlsServerHelloDetails;
	342	#endif
4d5904f7 FC	343	} onoff;
4d5904f7 FC	344
daed75a9	345	int64_t shared_transient_entries_limit;
8f7dbf74	346
079a8480 AJ	347	int pipeline_max_prefetch;
079a8480 AJ	348
8b082ed9 FC	349	// these values are actually unsigned
8b082ed9 FC	350	// TODO: extend the parser to support more nuanced types
4d5904f7 FC	351	int forward_max_tries;
	352	int connect_retries;
	353
b2aca62a EB	354	std::chrono::nanoseconds paranoid_hit_validation;
b2aca62a EB	355
922513e5	356	class Acl::Node *aclList;
4d5904f7 FC	357
	358	struct {
	359	acl_access *http;
	360	acl_access *adapted_http;
	361	acl_access *icp;
	362	acl_access *miss;
	363	acl_access *NeverDirect;
	364	acl_access *AlwaysDirect;
	365	acl_access *ASlists;
	366	acl_access *noCache;
70706149 AR	367	acl_access *sendHit;
70706149 AR	368	acl_access *storeMiss;
8ebad780	369	acl_access *stats_collection;
4d5904f7 FC	370	#if SQUID_SNMP
	371
	372	acl_access *snmp;
	373	#endif
	374	#if USE_HTTP_VIOLATIONS
	375	acl_access *brokenPosts;
	376	#endif
	377	acl_access *redirector;
a8a0b1c2	378	acl_access *store_id;
4d5904f7	379	acl_access *reply;
289848ca	380	Acl::Address *outgoing_address;
4d5904f7 FC	381	#if USE_HTCP
	382
	383	acl_access *htcp;
	384	acl_access *htcp_clr;
	385	#endif
	386
cb4f4424	387	#if USE_OPENSSL
4d5904f7 FC	388	acl_access *ssl_bump;
4d5904f7 FC	389	#endif
33b24cf0	390	#if FOLLOW_X_FORWARDED_FOR
4d5904f7	391	acl_access *followXFF;
33b24cf0	392	#endif /* FOLLOW_X_FORWARDED_FOR */
4d5904f7	393
2f8abb64	394	/// acceptable PROXY protocol clients
d3d92daa AJ	395	acl_access *proxyProtocol;
d3d92daa AJ	396
0d901ef4 SH	397	/// spoof_client_ip squid.conf acl.
	398	/// nil unless configured
	399	acl_access* spoof_client_ip;
3248e962	400	acl_access *on_unsupported_protocol;
ddf5aa2b CT	401
ddf5aa2b CT	402	acl_access *ftp_epsv;
ec69bdb2 CT	403
ec69bdb2 CT	404	acl_access *forceRequestBodyContinuation;
afc753f3	405	acl_access *serverPconnForNonretriable;
819be284	406	acl_access *collapsedForwardingAccess;
4d5904f7	407	} accessList;
7f0b3324	408	AclDenyInfoList *denyInfoList;
4d5904f7 FC	409
	410	struct {
	411	size_t list_width;
	412	int list_wrap;
	413	char *anon_user;
	414	int passive;
	415	int epsv_all;
	416	int epsv;
	417	int eprt;
	418	int sanitycheck;
	419	int telnet;
	420	} Ftp;
8d9a8184	421	RefreshPattern *Refresh;
4d5904f7	422
2745fea5	423	Store::DiskConfig cacheSwap;
4d5904f7 FC	424
	425	struct {
	426	char *directory;
	427	int use_short_names;
	428	} icons;
	429	char *errorDirectory;
	430	#if USE_ERR_LOCALES
	431	char *errorDefaultLanguage;
	432	int errorLogMissingLanguages;
	433	#endif
	434	char *errorStylesheet;
	435
	436	struct {
	437	int onerror;
	438	} retry;
	439
	440	struct {
	441	int64_t limit;
	442	} MemPools;
	443	#if USE_DELAY_POOLS
	444
	445	DelayConfig Delay;
	446	ClientDelayConfig ClientDelay;
b27668ec	447	MessageDelayConfig MessageDelay;
4d5904f7 FC	448	#endif
4d5904f7 FC	449
17c0af35 AJ	450	struct CommIncoming {
17c0af35 AJ	451	struct Measure {
4d5904f7 FC	452	int average;
	453	int min_poll;
	454	} dns, udp, tcp;
	455	} comm_incoming;
	456	int max_open_disk_fds;
	457	int uri_whitespace;
1328cfb7	458	AclSizeLimit *rangeOffsetLimit;
4d5904f7 FC	459
	460	/// request_header_access and request_header_replace
	461	HeaderManglers *request_header_access;
	462	/// reply_header_access and reply_header_replace
	463	HeaderManglers *reply_header_access;
	464	///request_header_add access list
	465	HeaderWithAclList *request_header_add;
cde8f31b NH	466	///reply_header_add access list
cde8f31b NH	467	HeaderWithAclList *reply_header_add;
1c2b4465 CT	468	/// http_upgrade_request_protocols
1c2b4465 CT	469	HttpUpgradeProtocolAccess *http_upgrade_request_protocols;
d7f4a0b7 CT	470	///note
d7f4a0b7 CT	471	Notes notes;
4d5904f7 FC	472	char *coredump_dir;
	473	char *chroot_dir;
	474	#if USE_CACHE_DIGESTS
	475
	476	struct {
	477	int bits_per_entry;
	478	time_t rebuild_period;
	479	time_t rewrite_period;
	480	size_t swapout_chunk_size;
	481	int rebuild_chunk_percentage;
	482	} digest;
	483	#endif
cb4f4424	484	#if USE_OPENSSL
4d5904f7 FC	485
	486	struct {
	487	int unclean_shutdown;
	488	char *ssl_engine;
10a69fc0 CT	489	int session_ttl;
10a69fc0 CT	490	size_t sessionCacheSize;
3c26b00a	491	char *certSignHash;
4d5904f7 FC	492	} SSL;
	493	#endif
	494
4d5904f7 FC	495	struct {
	496	int high_rptm;
	497	int high_pf;
	498	size_t high_memory;
	499	} warnings;
	500	char *store_dir_select_algorithm;
	501	int sleep_after_fork; /* microseconds */
	502	time_t minimum_expiry_time; /* seconds */
	503	external_acl *externalAclHelperList;
	504
4d5904f7	505	struct {
900daee3	506	Security::ContextPointer sslContext;
a465e144	507	#if USE_OPENSSL
866be11c	508	char *foreignIntermediateCertsPath;
4d5904f7	509	acl_access *cert_error;
4d5904f7 FC	510	sslproxy_cert_sign *cert_sign;
4d5904f7 FC	511	sslproxy_cert_adapt *cert_adapt;
4d5904f7	512	#endif
a465e144	513	} ssl_client;
4d5904f7 FC	514
	515	char *accept_filter;
	516	int umask;
	517	int max_filedescriptors;
	518	int workers;
	519	CpuAffinityMap *cpuAffinityMap;
	520
	521	#if USE_LOADABLE_MODULES
1c464a53	522	SBufList loadable_module_names;
4d5904f7 FC	523	#endif
	524
	525	int client_ip_max_connections;
	526
b11724bb CT	527	char *redirector_extras;
b11724bb CT	528
ced8def3	529	struct UrlHelperTimeout {
32fd6d8a CT	530	int action;
	531	char *response;
	532	} onUrlRewriteTimeout;
	533
b11724bb CT	534	char *storeId_extras;
b11724bb CT	535
4d5904f7	536	struct {
5a1098fb	537	SBufList nameservers;
4d5904f7 FC	538	int v4_first; ///< Place IPv4 first in the order of DNS results.
	539	ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
	540	} dns;
55622953 CT	541
	542	struct {
	543	int connect_limit;
	544	int connect_gap;
	545	int connect_timeout;
	546	} happyEyeballs;
4d5904f7 FC	547	};
	548
	549	extern SquidConfig Config;
	550
5fed1735 AJ	551	class SquidConfig2
	552	{
	553	public:
871cbc7d AJ	554	void clear() {
	555	*this = SquidConfig2();
	556	}
	557
7957fca1	558	struct {
871cbc7d	559	int enable_purge = 0;
7957fca1	560	} onoff;
871cbc7d AJ	561	uid_t effectiveUserID = 0;
871cbc7d AJ	562	gid_t effectiveGroupID = 0;
7957fca1 FC	563	};
	564
	565	extern SquidConfig2 Config2;
	566
ff9d9458	567	#endif /* SQUID_SRC_SQUIDCONFIG_H */
f53969cc	568