[thirdparty/squid.git] / src / SquidConfig.h

/*
 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#ifndef SQUID_SQUIDCONFIG_H_
#define SQUID_SQUIDCONFIG_H_

#include "acl/forward.h"
#include "base/RefCount.h"
#include "base/YesNoNone.h"
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
#include "ip/Address.h"
#include "Notes.h"
#include "security/forward.h"
#include "SquidTime.h"
#if USE_OPENSSL
#include "ssl/support.h"
#endif
#include "store/forward.h"

#if USE_OPENSSL
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif

namespace Mgr
{
class ActionPasswordList;
} // namespace Mgr
class CachePeer;
class CustomLog;
class CpuAffinityMap;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;

namespace AnyP
{
class PortCfg;
}

namespace Store {
class DiskConfig {
public:
    RefCount<SwapDir> *swapDirs;
    int n_allocated;
    int n_configured;
    /// number of disk processes required to support all cache_dirs
    int n_strands;
};
#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
}

/// the representation of the configuration. POD.
class SquidConfig
{
public:
    struct {
        /* These should be for the Store::Root instance.
        * this needs pluggable parsing to be done smoothly.
        */
        int highWaterMark;
        int lowWaterMark;
    } Swap;

    YesNoNone memShared; ///< whether the memory cache is shared among workers
    YesNoNone shmLocking; ///< shared_memory_locking
    size_t memMaxSize;

    struct {
        int64_t min;
        int pct;
        int64_t max;
    } quickAbort;
    int64_t readAheadGap;
    RemovalPolicySettings *replPolicy;
    RemovalPolicySettings *memPolicy;
#if USE_HTTP_VIOLATIONS
    time_t negativeTtl;
#endif
    time_t maxStale;
    time_t negativeDnsTtl;
    time_t positiveDnsTtl;
    time_t shutdownLifetime;
    time_t backgroundPingRate;

    struct {
        time_t read;
        time_t write;
        time_t lifetime;
        time_t connect;
        time_t forward;
        time_t peer_connect;
        time_t request;
        time_t clientIdlePconn;
        time_t serverIdlePconn;
        time_t ftpClientIdle;
        time_t pconnLifetime; ///< pconn_lifetime in squid.conf
        time_t siteSelect;
        time_t deadPeer;
        time_t request_start_timeout;
        int icp_query;      /* msec */
        int icp_query_max;  /* msec */
        int icp_query_min;  /* msec */
        int mcast_icp_query;    /* msec */
        time_msec_t idns_retransmit;
        time_msec_t idns_query;
        time_t urlRewrite;
    } Timeout;
    size_t maxRequestHeaderSize;
    int64_t maxRequestBodySize;
    size_t maxRequestBufferSize;
    size_t maxReplyHeaderSize;
    AclSizeLimit *ReplyBodySize;

    struct {
        unsigned short icp;
#if USE_HTCP

        unsigned short htcp;
#endif
#if SQUID_SNMP

        unsigned short snmp;
#endif
    } Port;

#if SQUID_SNMP

    struct {
        char *configFile;
        char *agentInfo;
    } Snmp;
#endif
#if USE_WCCP

    struct {
        Ip::Address router;
        Ip::Address address;
        int version;
    } Wccp;
#endif
#if USE_WCCPv2

    struct {
        Ip::Address_list *router;
        Ip::Address address;
        int forwarding_method;
        int return_method;
        int assignment_method;
        int weight;
        int rebuildwait;
        void *info;
    } Wccp2;
#endif

    char *as_whois_server;

    struct {
        char *store;
        char *swap;
        CustomLog *accesslogs;
#if ICAP_CLIENT
        CustomLog *icaplogs;
#endif
        int rotateNumber;
    } Log;
    char *adminEmail;
    char *EmailFrom;
    char *EmailProgram;
    char *effectiveUser;
    char *visible_appname_string;
    char *effectiveGroup;

    struct {
        wordlist *redirect;
        wordlist *store_id;
#if USE_UNLINKD

        char *unlinkd;
#endif

        char *diskd;
#if USE_OPENSSL

        char *ssl_password;
#endif

    } Program;

    Helper::ChildConfig redirectChildren;
    Helper::ChildConfig storeIdChildren;
    time_t authenticateGCInterval;
    time_t authenticateTTL;
    time_t authenticateIpTTL;

    struct {
        char *surrogate_id;
    } Accel;
    char *appendDomain;
    size_t appendDomainLen;
    char *pidFilename;
    char *netdbFilename;
    char *mimeTablePathname;
    char *etcHostsPath;
    char *visibleHostname;
    char *uniqueHostname;
    wordlist *hostnameAliases;
    char *errHtmlText;

    struct {
        char *host;
        char *file;
        time_t period;
        unsigned short port;
    } Announce;

    struct {

        Ip::Address udp_incoming;
        Ip::Address udp_outgoing;
#if SQUID_SNMP
        Ip::Address snmp_incoming;
        Ip::Address snmp_outgoing;
#endif
        /* FIXME INET6 : this should really be a CIDR value */
        Ip::Address client_netmask;
    } Addrs;
    size_t tcpRcvBufsz;
    size_t udpMaxHitObjsz;
    wordlist *mcast_group_list;
    wordlist *dns_nameservers;
    CachePeer *peers;
    int npeers;

    struct {
        int size;
        int low;
        int high;
    } ipcache;

    struct {
        int size;
    } fqdncache;
    int minDirectHops;
    int minDirectRtt;
    Mgr::ActionPasswordList *passwd_list;

    struct {
        int objectsPerBucket;
        int64_t avgObjectSize;
        int64_t maxObjectSize;
        int64_t minObjectSize;
        size_t maxInMemObjSize;
    } Store;

    struct {
        int high;
        int low;
        time_t period;
    } Netdb;

    struct {
        int log_udp;
        int res_defnames;
        int anonymizer;
        int client_db;
        int query_icmp;
        int icp_hit_stale;
        int buffered_logs;
        int common_log;
        int log_mime_hdrs;
        int log_fqdn;
        int announce;
        int mem_pools;
        int test_reachability;
        int half_closed_clients;
        int refresh_all_ims;
#if USE_HTTP_VIOLATIONS

        int reload_into_ims;
#endif

        int offline;
        int redir_rewrites_host;
        int prefer_direct;
        int nonhierarchical_direct;
        int strip_query_terms;
        int redirector_bypass;
        int store_id_bypass;
        int ignore_unknown_nameservers;
        int client_pconns;
        int server_pconns;
        int error_pconns;
#if USE_CACHE_DIGESTS

        int digest_generation;
#endif

        int ie_refresh;
        int vary_ignore_expire;
        int surrogate_is_remote;
        int request_entities;
        int detect_broken_server_pconns;
        int balance_on_multiple_ip;
        int relaxed_header_parser;
        int check_hostnames;
        int allow_underscore;
        int via;
        int cache_miss_revalidate;
        int emailErrData;
        int httpd_suppress_version_string;
        int global_internal_static;
        int collapsed_forwarding;

#if FOLLOW_X_FORWARDED_FOR
        int acl_uses_indirect_client;
        int delay_pool_uses_indirect_client;
        int log_uses_indirect_client;
#if LINUX_NETFILTER
        int tproxy_uses_indirect_client;
#endif
#endif /* FOLLOW_X_FORWARDED_FOR */

        int WIN32_IpAddrChangeMonitor;
        int memory_cache_first;
        int memory_cache_disk;
        int hostStrictVerify;
        int client_dst_passthru;
        int dns_mdns;
#if USE_OPENSSL
        bool logTlsServerHelloDetails;
#endif
    } onoff;

    int64_t collapsed_forwarding_shared_entries_limit;

    int pipeline_max_prefetch;

    int forward_max_tries;
    int connect_retries;

    class ACL *aclList;

    struct {
        acl_access *http;
        acl_access *adapted_http;
        acl_access *icp;
        acl_access *miss;
        acl_access *NeverDirect;
        acl_access *AlwaysDirect;
        acl_access *ASlists;
        acl_access *noCache;
        acl_access *sendHit;
        acl_access *storeMiss;
        acl_access *stats_collection;
#if SQUID_SNMP

        acl_access *snmp;
#endif
#if USE_HTTP_VIOLATIONS
        acl_access *brokenPosts;
#endif
        acl_access *redirector;
        acl_access *store_id;
        acl_access *reply;
        Acl::Address *outgoing_address;
#if USE_HTCP

        acl_access *htcp;
        acl_access *htcp_clr;
#endif

#if USE_OPENSSL
        acl_access *ssl_bump;
#endif
#if FOLLOW_X_FORWARDED_FOR
        acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */

        /// acceptible PROXY protocol clients
        acl_access *proxyProtocol;

        /// spoof_client_ip squid.conf acl.
        /// nil unless configured
        acl_access* spoof_client_ip;
        acl_access *on_unsupported_protocol;

        acl_access *ftp_epsv;

        acl_access *forceRequestBodyContinuation;
        acl_access *serverPconnForNonretriable;
    } accessList;
    AclDenyInfoList *denyInfoList;

    struct {
        size_t list_width;
        int list_wrap;
        char *anon_user;
        int passive;
        int epsv_all;
        int epsv;
        int eprt;
        int sanitycheck;
        int telnet;
    } Ftp;
    RefreshPattern *Refresh;

    Store::DiskConfig cacheSwap;

    struct {
        char *directory;
        int use_short_names;
    } icons;
    char *errorDirectory;
#if USE_ERR_LOCALES
    char *errorDefaultLanguage;
    int errorLogMissingLanguages;
#endif
    char *errorStylesheet;

    struct {
        int onerror;
    } retry;

    struct {
        int64_t limit;
    } MemPools;
#if USE_DELAY_POOLS

    DelayConfig Delay;
    ClientDelayConfig ClientDelay;
#endif

    struct {
        struct {
            int average;
            int min_poll;
        } dns, udp, tcp;
    } comm_incoming;
    int max_open_disk_fds;
    int uri_whitespace;
    AclSizeLimit *rangeOffsetLimit;
#if MULTICAST_MISS_STREAM

    struct {

        Ip::Address addr;
        int ttl;
        unsigned short port;
        char *encode_key;
    } mcast_miss;
#endif

    /// request_header_access and request_header_replace
    HeaderManglers *request_header_access;
    /// reply_header_access and reply_header_replace
    HeaderManglers *reply_header_access;
    ///request_header_add access list
    HeaderWithAclList *request_header_add;
    ///note
    Notes notes;
    char *coredump_dir;
    char *chroot_dir;
#if USE_CACHE_DIGESTS

    struct {
        int bits_per_entry;
        time_t rebuild_period;
        time_t rewrite_period;
        size_t swapout_chunk_size;
        int rebuild_chunk_percentage;
    } digest;
#endif
#if USE_OPENSSL

    struct {
        int unclean_shutdown;
        char *ssl_engine;
        int session_ttl;
        size_t sessionCacheSize;
        char *certSignHash;
    } SSL;
#endif

    wordlist *ext_methods;

    struct {
        int high_rptm;
        int high_pf;
        size_t high_memory;
    } warnings;
    char *store_dir_select_algorithm;
    int sleep_after_fork;   /* microseconds */
    time_t minimum_expiry_time; /* seconds */
    external_acl *externalAclHelperList;

    struct {
        Security::ContextPtr sslContext;
#if USE_OPENSSL
        char *foreignIntermediateCertsPath;
        acl_access *cert_error;
        sslproxy_cert_sign *cert_sign;
        sslproxy_cert_adapt *cert_adapt;
#endif
    } ssl_client;

    char *accept_filter;
    int umask;
    int max_filedescriptors;
    int workers;
    CpuAffinityMap *cpuAffinityMap;

#if USE_LOADABLE_MODULES
    wordlist *loadable_module_names;
#endif

    int client_ip_max_connections;

    char *redirector_extras;

    struct UrlHelperTimeout {
        int action;
        char *response;
    } onUrlRewriteTimeout;

    char *storeId_extras;

    struct {
        int v4_first;       ///< Place IPv4 first in the order of DNS results.
        ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
    } dns;

};

extern SquidConfig Config;

class SquidConfig2
{
public:
    struct {
        int enable_purge;
        int mangle_request_headers;
    } onoff;
    uid_t effectiveUserID;
    gid_t effectiveGroupID;
};

extern SquidConfig2 Config2;

#endif /* SQUID_SQUIDCONFIG_H_ */
Commit	Line	Data
4d5904f7	1	/*
ef57eb7b	2	* Copyright (C) 1996-2016 The Squid Software Foundation and contributors
4d5904f7	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
4d5904f7 FC	7	*/
4d5904f7 FC	8
bbc27441 AJ	9	#ifndef SQUID_SQUIDCONFIG_H_
	10	#define SQUID_SQUIDCONFIG_H_
	11
6f58d7d7	12	#include "acl/forward.h"
8bf217bd	13	#include "base/RefCount.h"
c50b35b5	14	#include "base/YesNoNone.h"
4d5904f7 FC	15	#include "ClientDelayConfig.h"
4d5904f7 FC	16	#include "DelayConfig.h"
76d9b994	17	#include "helper/ChildConfig.h"
4d5904f7	18	#include "HttpHeaderTools.h"
4d5904f7	19	#include "ip/Address.h"
d7f4a0b7	20	#include "Notes.h"
a465e144	21	#include "security/forward.h"
6ebc477d	22	#include "SquidTime.h"
866be11c CT	23	#if USE_OPENSSL
	24	#include "ssl/support.h"
	25	#endif
2745fea5	26	#include "store/forward.h"
4d5904f7	27
cb4f4424	28	#if USE_OPENSSL
d9c7489e FC	29	class sslproxy_cert_sign;
d9c7489e FC	30	class sslproxy_cert_adapt;
a011edee FC	31	#endif
a011edee FC	32
e4a14600 A	33	namespace Mgr
e4a14600 A	34	{
613924ee FC	35	class ActionPasswordList;
613924ee FC	36	} // namespace Mgr
7a5b5df7	37	class CachePeer;
613924ee	38	class CustomLog;
c6983ec7	39	class CpuAffinityMap;
613924ee	40	class external_acl;
4d5904f7	41	class HeaderManglers;
8d9a8184	42	class RefreshPattern;
4d5904f7 FC	43	class RemovalPolicySettings;
4d5904f7 FC	44
e4a14600 A	45	namespace AnyP
e4a14600 A	46	{
4d5904f7 FC	47	class PortCfg;
	48	}
	49
2745fea5 AR	50	namespace Store {
	51	class DiskConfig {
	52	public:
	53	RefCount<SwapDir> *swapDirs;
	54	int n_allocated;
	55	int n_configured;
	56	/// number of disk processes required to support all cache_dirs
	57	int n_strands;
	58	};
	59	#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
	60	}
	61
001d55dc	62	/// the representation of the configuration. POD.
1b2f0924 FC	63	class SquidConfig
1b2f0924 FC	64	{
4d5904f7 FC	65	public:
	66	struct {
	67	/* These should be for the Store::Root instance.
	68	* this needs pluggable parsing to be done smoothly.
	69	*/
	70	int highWaterMark;
	71	int lowWaterMark;
	72	} Swap;
	73
	74	YesNoNone memShared; ///< whether the memory cache is shared among workers
c756d517	75	YesNoNone shmLocking; ///< shared_memory_locking
4d5904f7 FC	76	size_t memMaxSize;
	77
	78	struct {
	79	int64_t min;
	80	int pct;
	81	int64_t max;
	82	} quickAbort;
	83	int64_t readAheadGap;
	84	RemovalPolicySettings *replPolicy;
	85	RemovalPolicySettings *memPolicy;
	86	#if USE_HTTP_VIOLATIONS
	87	time_t negativeTtl;
	88	#endif
	89	time_t maxStale;
	90	time_t negativeDnsTtl;
	91	time_t positiveDnsTtl;
	92	time_t shutdownLifetime;
	93	time_t backgroundPingRate;
	94
	95	struct {
	96	time_t read;
	97	time_t write;
	98	time_t lifetime;
	99	time_t connect;
	100	time_t forward;
	101	time_t peer_connect;
	102	time_t request;
	103	time_t clientIdlePconn;
	104	time_t serverIdlePconn;
f6e8754a	105	time_t ftpClientIdle;
c5c06f02	106	time_t pconnLifetime; ///< pconn_lifetime in squid.conf
4d5904f7 FC	107	time_t siteSelect;
4d5904f7 FC	108	time_t deadPeer;
3248e962	109	time_t request_start_timeout;
4d5904f7 FC	110	int icp_query; /* msec */
	111	int icp_query_max; /* msec */
	112	int icp_query_min; /* msec */
	113	int mcast_icp_query; /* msec */
4d5904f7 FC	114	time_msec_t idns_retransmit;
4d5904f7 FC	115	time_msec_t idns_query;
32fd6d8a	116	time_t urlRewrite;
4d5904f7 FC	117	} Timeout;
	118	size_t maxRequestHeaderSize;
	119	int64_t maxRequestBodySize;
4d5904f7 FC	120	size_t maxRequestBufferSize;
4d5904f7 FC	121	size_t maxReplyHeaderSize;
1328cfb7	122	AclSizeLimit *ReplyBodySize;
4d5904f7 FC	123
	124	struct {
	125	unsigned short icp;
	126	#if USE_HTCP
	127
	128	unsigned short htcp;
	129	#endif
	130	#if SQUID_SNMP
	131
	132	unsigned short snmp;
	133	#endif
	134	} Port;
	135
4d5904f7 FC	136	#if SQUID_SNMP
	137
	138	struct {
	139	char *configFile;
	140	char *agentInfo;
	141	} Snmp;
	142	#endif
	143	#if USE_WCCP
	144
	145	struct {
	146	Ip::Address router;
	147	Ip::Address address;
	148	int version;
	149	} Wccp;
	150	#endif
	151	#if USE_WCCPv2
	152
	153	struct {
	154	Ip::Address_list *router;
	155	Ip::Address address;
	156	int forwarding_method;
	157	int return_method;
	158	int assignment_method;
	159	int weight;
	160	int rebuildwait;
	161	void *info;
	162	} Wccp2;
	163	#endif
	164
4d5904f7 FC	165	char *as_whois_server;
	166
	167	struct {
	168	char *store;
	169	char *swap;
87ddff6e	170	CustomLog *accesslogs;
4d5904f7	171	#if ICAP_CLIENT
87ddff6e	172	CustomLog *icaplogs;
4d5904f7 FC	173	#endif
	174	int rotateNumber;
	175	} Log;
	176	char *adminEmail;
	177	char *EmailFrom;
	178	char *EmailProgram;
	179	char *effectiveUser;
	180	char *visible_appname_string;
	181	char *effectiveGroup;
	182
	183	struct {
4d5904f7	184	wordlist *redirect;
a8a0b1c2	185	wordlist *store_id;
4d5904f7 FC	186	#if USE_UNLINKD
	187
	188	char *unlinkd;
	189	#endif
	190
	191	char *diskd;
cb4f4424	192	#if USE_OPENSSL
4d5904f7 FC	193
	194	char *ssl_password;
	195	#endif
	196
	197	} Program;
4d5904f7	198
76d9b994 AJ	199	Helper::ChildConfig redirectChildren;
76d9b994 AJ	200	Helper::ChildConfig storeIdChildren;
4d5904f7 FC	201	time_t authenticateGCInterval;
	202	time_t authenticateTTL;
	203	time_t authenticateIpTTL;
	204
	205	struct {
	206	char *surrogate_id;
	207	} Accel;
	208	char *appendDomain;
	209	size_t appendDomainLen;
	210	char *pidFilename;
	211	char *netdbFilename;
	212	char *mimeTablePathname;
	213	char *etcHostsPath;
	214	char *visibleHostname;
	215	char *uniqueHostname;
	216	wordlist *hostnameAliases;
	217	char *errHtmlText;
	218
	219	struct {
	220	char *host;
	221	char *file;
	222	time_t period;
	223	unsigned short port;
	224	} Announce;
	225
	226	struct {
	227
	228	Ip::Address udp_incoming;
	229	Ip::Address udp_outgoing;
	230	#if SQUID_SNMP
	231	Ip::Address snmp_incoming;
	232	Ip::Address snmp_outgoing;
	233	#endif
	234	/* FIXME INET6 : this should really be a CIDR value */
	235	Ip::Address client_netmask;
	236	} Addrs;
	237	size_t tcpRcvBufsz;
	238	size_t udpMaxHitObjsz;
4d5904f7 FC	239	wordlist *mcast_group_list;
4d5904f7 FC	240	wordlist *dns_nameservers;
a3c6762c	241	CachePeer *peers;
4d5904f7 FC	242	int npeers;
	243
	244	struct {
	245	int size;
	246	int low;
	247	int high;
	248	} ipcache;
	249
	250	struct {
	251	int size;
	252	} fqdncache;
	253	int minDirectHops;
	254	int minDirectRtt;
613924ee	255	Mgr::ActionPasswordList *passwd_list;
4d5904f7 FC	256
	257	struct {
	258	int objectsPerBucket;
	259	int64_t avgObjectSize;
	260	int64_t maxObjectSize;
	261	int64_t minObjectSize;
	262	size_t maxInMemObjSize;
	263	} Store;
	264
	265	struct {
	266	int high;
	267	int low;
	268	time_t period;
	269	} Netdb;
	270
	271	struct {
	272	int log_udp;
	273	int res_defnames;
	274	int anonymizer;
	275	int client_db;
	276	int query_icmp;
	277	int icp_hit_stale;
	278	int buffered_logs;
	279	int common_log;
	280	int log_mime_hdrs;
	281	int log_fqdn;
	282	int announce;
	283	int mem_pools;
	284	int test_reachability;
	285	int half_closed_clients;
	286	int refresh_all_ims;
	287	#if USE_HTTP_VIOLATIONS
	288
	289	int reload_into_ims;
	290	#endif
	291
	292	int offline;
	293	int redir_rewrites_host;
	294	int prefer_direct;
	295	int nonhierarchical_direct;
	296	int strip_query_terms;
	297	int redirector_bypass;
a8a0b1c2	298	int store_id_bypass;
4d5904f7 FC	299	int ignore_unknown_nameservers;
	300	int client_pconns;
	301	int server_pconns;
	302	int error_pconns;
	303	#if USE_CACHE_DIGESTS
	304
	305	int digest_generation;
	306	#endif
	307
	308	int ie_refresh;
	309	int vary_ignore_expire;
4d5904f7 FC	310	int surrogate_is_remote;
	311	int request_entities;
	312	int detect_broken_server_pconns;
	313	int balance_on_multiple_ip;
	314	int relaxed_header_parser;
	315	int check_hostnames;
	316	int allow_underscore;
	317	int via;
96598f93	318	int cache_miss_revalidate;
4d5904f7 FC	319	int emailErrData;
	320	int httpd_suppress_version_string;
	321	int global_internal_static;
55eae904	322	int collapsed_forwarding;
4d5904f7 FC	323
	324	#if FOLLOW_X_FORWARDED_FOR
	325	int acl_uses_indirect_client;
	326	int delay_pool_uses_indirect_client;
	327	int log_uses_indirect_client;
	328	#if LINUX_NETFILTER
	329	int tproxy_uses_indirect_client;
	330	#endif
	331	#endif /* FOLLOW_X_FORWARDED_FOR */
	332
	333	int WIN32_IpAddrChangeMonitor;
	334	int memory_cache_first;
	335	int memory_cache_disk;
	336	int hostStrictVerify;
	337	int client_dst_passthru;
bce61b00	338	int dns_mdns;
2bcab852 CT	339	#if USE_OPENSSL
	340	bool logTlsServerHelloDetails;
	341	#endif
4d5904f7 FC	342	} onoff;
4d5904f7 FC	343
8f7dbf74 DD	344	int64_t collapsed_forwarding_shared_entries_limit;
8f7dbf74 DD	345
079a8480 AJ	346	int pipeline_max_prefetch;
079a8480 AJ	347
4d5904f7 FC	348	int forward_max_tries;
	349	int connect_retries;
	350
	351	class ACL *aclList;
	352
	353	struct {
	354	acl_access *http;
	355	acl_access *adapted_http;
	356	acl_access *icp;
	357	acl_access *miss;
	358	acl_access *NeverDirect;
	359	acl_access *AlwaysDirect;
	360	acl_access *ASlists;
	361	acl_access *noCache;
70706149 AR	362	acl_access *sendHit;
70706149 AR	363	acl_access *storeMiss;
8ebad780	364	acl_access *stats_collection;
4d5904f7 FC	365	#if SQUID_SNMP
	366
	367	acl_access *snmp;
	368	#endif
	369	#if USE_HTTP_VIOLATIONS
	370	acl_access *brokenPosts;
	371	#endif
	372	acl_access *redirector;
a8a0b1c2	373	acl_access *store_id;
4d5904f7	374	acl_access *reply;
289848ca	375	Acl::Address *outgoing_address;
4d5904f7 FC	376	#if USE_HTCP
	377
	378	acl_access *htcp;
	379	acl_access *htcp_clr;
	380	#endif
	381
cb4f4424	382	#if USE_OPENSSL
4d5904f7 FC	383	acl_access *ssl_bump;
4d5904f7 FC	384	#endif
33b24cf0	385	#if FOLLOW_X_FORWARDED_FOR
4d5904f7	386	acl_access *followXFF;
33b24cf0	387	#endif /* FOLLOW_X_FORWARDED_FOR */
4d5904f7	388
d3d92daa AJ	389	/// acceptible PROXY protocol clients
	390	acl_access *proxyProtocol;
	391
0d901ef4 SH	392	/// spoof_client_ip squid.conf acl.
	393	/// nil unless configured
	394	acl_access* spoof_client_ip;
3248e962	395	acl_access *on_unsupported_protocol;
ddf5aa2b CT	396
ddf5aa2b CT	397	acl_access *ftp_epsv;
ec69bdb2 CT	398
ec69bdb2 CT	399	acl_access *forceRequestBodyContinuation;
afc753f3	400	acl_access *serverPconnForNonretriable;
4d5904f7	401	} accessList;
7f0b3324	402	AclDenyInfoList *denyInfoList;
4d5904f7 FC	403
	404	struct {
	405	size_t list_width;
	406	int list_wrap;
	407	char *anon_user;
	408	int passive;
	409	int epsv_all;
	410	int epsv;
	411	int eprt;
	412	int sanitycheck;
	413	int telnet;
	414	} Ftp;
8d9a8184	415	RefreshPattern *Refresh;
4d5904f7	416
2745fea5	417	Store::DiskConfig cacheSwap;
4d5904f7 FC	418
	419	struct {
	420	char *directory;
	421	int use_short_names;
	422	} icons;
	423	char *errorDirectory;
	424	#if USE_ERR_LOCALES
	425	char *errorDefaultLanguage;
	426	int errorLogMissingLanguages;
	427	#endif
	428	char *errorStylesheet;
	429
	430	struct {
	431	int onerror;
	432	} retry;
	433
	434	struct {
	435	int64_t limit;
	436	} MemPools;
	437	#if USE_DELAY_POOLS
	438
	439	DelayConfig Delay;
	440	ClientDelayConfig ClientDelay;
	441	#endif
	442
	443	struct {
	444	struct {
	445	int average;
	446	int min_poll;
	447	} dns, udp, tcp;
	448	} comm_incoming;
	449	int max_open_disk_fds;
	450	int uri_whitespace;
1328cfb7	451	AclSizeLimit *rangeOffsetLimit;
4d5904f7 FC	452	#if MULTICAST_MISS_STREAM
	453
	454	struct {
	455
	456	Ip::Address addr;
	457	int ttl;
	458	unsigned short port;
	459	char *encode_key;
	460	} mcast_miss;
	461	#endif
	462
	463	/// request_header_access and request_header_replace
	464	HeaderManglers *request_header_access;
	465	/// reply_header_access and reply_header_replace
	466	HeaderManglers *reply_header_access;
	467	///request_header_add access list
	468	HeaderWithAclList *request_header_add;
d7f4a0b7 CT	469	///note
d7f4a0b7 CT	470	Notes notes;
4d5904f7 FC	471	char *coredump_dir;
	472	char *chroot_dir;
	473	#if USE_CACHE_DIGESTS
	474
	475	struct {
	476	int bits_per_entry;
	477	time_t rebuild_period;
	478	time_t rewrite_period;
	479	size_t swapout_chunk_size;
	480	int rebuild_chunk_percentage;
	481	} digest;
	482	#endif
cb4f4424	483	#if USE_OPENSSL
4d5904f7 FC	484
	485	struct {
	486	int unclean_shutdown;
	487	char *ssl_engine;
10a69fc0 CT	488	int session_ttl;
10a69fc0 CT	489	size_t sessionCacheSize;
3c26b00a	490	char *certSignHash;
4d5904f7 FC	491	} SSL;
	492	#endif
	493
	494	wordlist *ext_methods;
	495
	496	struct {
	497	int high_rptm;
	498	int high_pf;
	499	size_t high_memory;
	500	} warnings;
	501	char *store_dir_select_algorithm;
	502	int sleep_after_fork; /* microseconds */
	503	time_t minimum_expiry_time; /* seconds */
	504	external_acl *externalAclHelperList;
	505
4d5904f7	506	struct {
96993ee0	507	Security::ContextPtr sslContext;
a465e144	508	#if USE_OPENSSL
866be11c	509	char *foreignIntermediateCertsPath;
4d5904f7	510	acl_access *cert_error;
4d5904f7 FC	511	sslproxy_cert_sign *cert_sign;
4d5904f7 FC	512	sslproxy_cert_adapt *cert_adapt;
4d5904f7	513	#endif
a465e144	514	} ssl_client;
4d5904f7 FC	515
	516	char *accept_filter;
	517	int umask;
	518	int max_filedescriptors;
	519	int workers;
	520	CpuAffinityMap *cpuAffinityMap;
	521
	522	#if USE_LOADABLE_MODULES
	523	wordlist *loadable_module_names;
	524	#endif
	525
	526	int client_ip_max_connections;
	527
b11724bb CT	528	char *redirector_extras;
b11724bb CT	529
ced8def3	530	struct UrlHelperTimeout {
32fd6d8a CT	531	int action;
	532	char *response;
	533	} onUrlRewriteTimeout;
	534
b11724bb CT	535	char *storeId_extras;
b11724bb CT	536
4d5904f7 FC	537	struct {
	538	int v4_first; ///< Place IPv4 first in the order of DNS results.
	539	ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
	540	} dns;
	541
	542	};
	543
	544	extern SquidConfig Config;
	545
5fed1735 AJ	546	class SquidConfig2
	547	{
	548	public:
7957fca1 FC	549	struct {
	550	int enable_purge;
	551	int mangle_request_headers;
	552	} onoff;
	553	uid_t effectiveUserID;
	554	gid_t effectiveGroupID;
	555	};
	556
	557	extern SquidConfig2 Config2;
	558
4d5904f7	559	#endif /* SQUID_SQUIDCONFIG_H_ */
f53969cc	560