1 /*
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 #ifndef SQUID_SRC_SQUIDCONFIG_H
10 #define SQUID_SRC_SQUIDCONFIG_H
11
12 #include "acl/forward.h"
13 #include "base/RefCount.h"
14 #include "base/YesNoNone.h"
15 #if USE_DELAY_POOLS
16 #include "ClientDelayConfig.h"
17 #include "DelayConfig.h"
18 #endif
19 #include "helper/ChildConfig.h"
20 #include "HttpHeaderTools.h"
21 #include "ip/Address.h"
22 #if USE_DELAY_POOLS
23 #include "MessageDelayPools.h"
24 #endif
25 #include "Notes.h"
26 #include "security/Context.h"
27 #include "security/forward.h"
28 #if USE_OPENSSL
29 #include "ssl/support.h"
30 #endif
31 #include "store/Disk.h"
32 #include "store/forward.h"
33 #include "time/gadgets.h"
34
35 #include <chrono>
36
37 #if USE_OPENSSL
38 class sslproxy_cert_sign;
39 class sslproxy_cert_adapt;
40 #endif
41
42 namespace Mgr
43 {
44 class ActionPasswordList;
45 } // namespace Mgr
46
47 class CachePeers;
48 class CustomLog;
49 class CpuAffinityMap;
50 class DebugMessages;
51 class external_acl;
52 class HeaderManglers;
53 class RefreshPattern;
54 class RemovalPolicySettings;
55 class HttpUpgradeProtocolAccess;
56
57 namespace AnyP
58 {
59 class PortCfg;
60 }
61
namespace Store {

/// Owns the array of configured cache_dir objects (swapDirs) together with
/// the counters kept alongside it.
///
/// NOTE(review): swapDirs is an owning raw array that the destructor releases
/// with delete[], while the copy constructor and copy assignment are left
/// implicit. Copying a DiskConfig (or any object embedding one, such as
/// SquidConfig) would leave two owners of the same array and end in a double
/// delete. Confirm no caller copies it before relying on this type.
class DiskConfig
{
public:
    DiskConfig()
    {
        // The default member initializer below already guarantees this.
        assert(swapDirs == nullptr);
    }

    ~DiskConfig()
    {
        delete[] swapDirs;
    }

    RefCount<SwapDir> *swapDirs = nullptr;
    // presumably the allocated capacity of swapDirs and the number of entries
    // in use, respectively -- confirm against the code that grows the array
    int n_allocated = 0;
    int n_configured = 0;
    /// number of disk processes required to support all cache_dirs
    int n_strands = 0;
};

// Raw SwapDir pointer for entry i of the global Config.cacheSwap.swapDirs.
// The macro performs no bounds or null check: the caller is responsible for
// keeping i inside the array (presumably [0, n_configured) -- confirm).
// Although written inside the namespace block, a macro is not scoped by it.
#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())

} // namespace Store
76
/// In-memory form of the configuration. The shared instance is the global
/// Config declared right after this class.
///
/// NOTE(review): the earlier comment on this class called it POD. It embeds
/// class-type members (for example Store::DiskConfig cacheSwap, which has a
/// user-provided destructor), so byte-wise operations such as memset() or
/// memcpy() over a SquidConfig are not safe. Most members carry no default
/// initializer: the global Config is zero-initialized as a static object, but
/// any other instance would start with indeterminate scalars and pointers.
class SquidConfig
{
public:
    struct {
        // These should be for the Store::Root instance.
        // This needs pluggable parsing to be done smoothly.
        int highWaterMark;
        int lowWaterMark;
    } Swap;

    YesNoNone memShared; ///< whether the memory cache is shared among workers
    YesNoNone shmLocking; ///< shared_memory_locking
    size_t memMaxSize;

    struct {
        int64_t min;
        int pct;
        int64_t max;
    } quickAbort;
    int64_t readAheadGap;
    RemovalPolicySettings *replPolicy;
    RemovalPolicySettings *memPolicy;
#if USE_HTTP_VIOLATIONS
    time_t negativeTtl;
#endif
    time_t maxStale;
    time_t negativeDnsTtl;
    time_t positiveDnsTtl;
    time_t shutdownLifetime;
    time_t backgroundPingRate;
    time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay

    /// Timeout settings. The int members are in milliseconds; the time_t
    /// members presumably hold seconds -- confirm against the parser.
    struct {
        time_t read;
        time_t write;
        time_t lifetime;
        time_t connect;
        time_t forward;
        time_t peer_connect;
        time_t request;
        time_t clientIdlePconn;
        time_t serverIdlePconn;
        time_t ftpClientIdle;
        time_t pconnLifetime; ///< pconn_lifetime in squid.conf
        time_t siteSelect;
        time_t deadPeer;
        time_t request_start_timeout;
        int icp_query; ///< milliseconds
        int icp_query_max; ///< milliseconds
        int icp_query_min; ///< milliseconds
        int mcast_icp_query; ///< milliseconds
        time_msec_t idns_retransmit;
        time_msec_t idns_query;
        time_t urlRewrite;
    } Timeout;

    // Message size limits. The header and buffer limits are unsigned
    // (size_t), the body limit is signed (int64_t); keep that in mind when
    // comparing them against each other or against lengths taken from input.
    size_t maxRequestHeaderSize;
    int64_t maxRequestBodySize;
    size_t maxRequestBufferSize;
    size_t maxReplyHeaderSize;
    AclSizeLimit *ReplyBodySize;

    struct {
        unsigned short icp;
#if USE_HTCP
        unsigned short htcp;
#endif
#if SQUID_SNMP
        unsigned short snmp;
#endif
    } Port;

#if SQUID_SNMP
    struct {
        char *configFile;
        char *agentInfo;
    } Snmp;
#endif

#if USE_WCCP
    struct {
        Ip::Address router;
        Ip::Address address;
        int version;
    } Wccp;
#endif

#if USE_WCCPv2
    struct {
        Ip::Address_list *router;
        Ip::Address address;
        int forwarding_method;
        int return_method;
        int assignment_method;
        int weight;
        int rebuildwait;
        void *info;
    } Wccp2;
#endif

    char *as_whois_server;

    struct {
        char *store;
        char *swap;
        CustomLog *accesslogs;
#if ICAP_CLIENT
        CustomLog *icaplogs;
#endif
        /// One optional tls_key_log.
        /// NOTE(review): a TLS key log carries session secrets that let its
        /// reader decrypt captured traffic; the log destination presumably
        /// needs restrictive permissions -- confirm in the directive's docs.
        Security::KeyLog *tlsKeys;
        int rotateNumber;
    } Log;

    char *adminEmail;
    char *EmailFrom;
    char *EmailProgram;
    // presumably the account the process switches to after startup
    // (cache_effective_user / cache_effective_group) -- confirm
    char *effectiveUser;
    char *visible_appname_string;
    char *effectiveGroup;

    /// External program settings, stored as raw strings or word lists.
    struct {
        wordlist *redirect;
        wordlist *store_id;
#if USE_UNLINKD
        char *unlinkd;
#endif
        char *diskd;
#if USE_OPENSSL
        // presumably the helper that supplies private-key passphrases
        // (sslpassword_program) -- confirm
        char *ssl_password;
#endif
    } Program;

    Helper::ChildConfig redirectChildren;
    Helper::ChildConfig storeIdChildren;

    struct {
        char *surrogate_id;
    } Accel;

    char *appendDomain;
    size_t appendDomainLen;
    char *pidFilename;
    char *netdbFilename;
    char *mimeTablePathname;
    char *etcHostsPath;
    char *visibleHostname;
    char *uniqueHostname;
    SBufList hostnameAliases;
    char *errHtmlText;

    struct {
        Ip::Address udp_incoming;
        Ip::Address udp_outgoing;
#if SQUID_SNMP
        Ip::Address snmp_incoming;
        Ip::Address snmp_outgoing;
#endif
        // TODO: this should really be a CIDR value
        Ip::Address client_netmask;
    } Addrs;

    size_t tcpRcvBufsz;
    size_t udpMaxHitObjsz;
    wordlist *mcast_group_list;
    CachePeers *peers;
    int npeers;

    struct {
        int size;
        int low;
        int high;
    } ipcache;

    struct {
        int size;
    } fqdncache;

    int minDirectHops;
    int minDirectRtt;
    // presumably the cache manager action passwords (cachemgr_passwd);
    // treat the pointed-to data as secret material -- confirm
    Mgr::ActionPasswordList *passwd_list;

    struct {
        int objectsPerBucket;
        int64_t avgObjectSize;
        int64_t maxObjectSize;
        int64_t minObjectSize;
        size_t maxInMemObjSize;
    } Store;

    struct {
        int high;
        int low;
        time_t period;
    } Netdb;

    /// Switches stored as plain int, with one bool member under USE_OPENSSL.
    /// presumably each one mirrors an on/off squid.conf directive -- confirm
    struct {
        int log_udp;
        int res_defnames;
        int anonymizer;
        int client_db;
        int query_icmp;
        int icp_hit_stale;
        int buffered_logs;
        int common_log;
        int log_mime_hdrs;
        int mem_pools;
        int test_reachability;
        int half_closed_clients;
        int refresh_all_ims;
#if USE_HTTP_VIOLATIONS
        int reload_into_ims;
#endif
        int offline;
        int redir_rewrites_host;
        int prefer_direct;
        int nonhierarchical_direct;
        int strip_query_terms;
        int redirector_bypass;
        int store_id_bypass;
        int ignore_unknown_nameservers;
        int client_pconns;
        int server_pconns;
        int error_pconns;
#if USE_CACHE_DIGESTS
        int digest_generation;
#endif
        int vary_ignore_expire;
        int surrogate_is_remote;
        int detect_broken_server_pconns;
        int relaxed_header_parser;
        int check_hostnames;
        int allow_underscore;
        int via;
        int cache_miss_revalidate;
        int emailErrData;
        int httpd_suppress_version_string;
        int global_internal_static;
        int collapsed_forwarding;

#if FOLLOW_X_FORWARDED_FOR
        int acl_uses_indirect_client;
        int delay_pool_uses_indirect_client;
        int log_uses_indirect_client;
#if LINUX_NETFILTER
        int tproxy_uses_indirect_client;
#endif
#endif /* FOLLOW_X_FORWARDED_FOR */

        int WIN32_IpAddrChangeMonitor;
        int memory_cache_first;
        int memory_cache_disk;
        int hostStrictVerify;
        int client_dst_passthru;
        int dns_mdns;
#if USE_OPENSSL
        bool logTlsServerHelloDetails;
#endif
    } onoff;

    int64_t shared_transient_entries_limit;

    int pipeline_max_prefetch;

    // These values are actually unsigned, yet they are stored in a signed
    // int, so consumers still have to cope with a negative value.
    // TODO: extend the parser to support more nuanced types
    int forward_max_tries;
    int connect_retries;

    std::chrono::nanoseconds paranoid_hit_validation;

    class Acl::Node *aclList;

    /// Access lists, one pointer per rule set. Only spoof_client_ip is
    /// documented here as nil unless configured; check the others for nil too
    /// unless the parser is known to always set them.
    struct {
        acl_access *http;
        acl_access *adapted_http;
        acl_access *icp;
        acl_access *miss;
        acl_access *NeverDirect;
        acl_access *AlwaysDirect;
        acl_access *ASlists;
        acl_access *noCache;
        acl_access *sendHit;
        acl_access *storeMiss;
        acl_access *stats_collection;
#if SQUID_SNMP
        acl_access *snmp;
#endif
#if USE_HTTP_VIOLATIONS
        acl_access *brokenPosts;
#endif
        acl_access *redirector;
        acl_access *store_id;
        acl_access *reply;
        Acl::Address *outgoing_address;
#if USE_HTCP
        acl_access *htcp;
        acl_access *htcp_clr;
#endif

#if USE_OPENSSL
        acl_access *ssl_bump;
#endif
#if FOLLOW_X_FORWARDED_FOR
        // presumably decides which senders may supply the indirect client
        // address via X-Forwarded-For -- confirm
        acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */

        /// acceptable PROXY protocol clients
        acl_access *proxyProtocol;

        /// spoof_client_ip squid.conf acl.
        /// nil unless configured
        acl_access *spoof_client_ip;
        acl_access *on_unsupported_protocol;

        acl_access *ftp_epsv;

        acl_access *forceRequestBodyContinuation;
        acl_access *serverPconnForNonretriable;
        acl_access *collapsedForwardingAccess;
    } accessList;
    AclDenyInfoList *denyInfoList;

    struct {
        size_t list_width;
        int list_wrap;
        char *anon_user;
        int passive;
        int epsv_all;
        int epsv;
        int eprt;
        int sanitycheck;
        int telnet;
    } Ftp;
    RefreshPattern *Refresh;

    // Owns its swapDirs array through a raw pointer (see Store::DiskConfig),
    // which is why a SquidConfig must not be copied byte-wise.
    Store::DiskConfig cacheSwap;

    struct {
        char *directory;
        int use_short_names;
    } icons;
    char *errorDirectory;
#if USE_ERR_LOCALES
    char *errorDefaultLanguage;
    int errorLogMissingLanguages;
#endif
    char *errorStylesheet;

    struct {
        int onerror;
    } retry;

    struct {
        int64_t limit;
    } MemPools;

#if USE_DELAY_POOLS
    DelayConfig Delay;
    ClientDelayConfig ClientDelay;
    MessageDelayConfig MessageDelay;
#endif

    struct CommIncoming {
        struct Measure {
            int average;
            int min_poll;
        } dns, udp, tcp;
    } comm_incoming;
    int max_open_disk_fds;
    int uri_whitespace;
    AclSizeLimit *rangeOffsetLimit;

    /// request_header_access and request_header_replace
    HeaderManglers *request_header_access;
    /// reply_header_access and reply_header_replace
    HeaderManglers *reply_header_access;
    /// request_header_add access list
    HeaderWithAclList *request_header_add;
    /// reply_header_add access list
    HeaderWithAclList *reply_header_add;
    /// http_upgrade_request_protocols
    HttpUpgradeProtocolAccess *http_upgrade_request_protocols;
    /// note
    Notes notes;
    char *coredump_dir;
    char *chroot_dir;

#if USE_CACHE_DIGESTS
    struct {
        int bits_per_entry;
        time_t rebuild_period;
        time_t rewrite_period;
        size_t swapout_chunk_size;
        int rebuild_chunk_percentage;
    } digest;
#endif

#if USE_OPENSSL
    struct {
        int unclean_shutdown;
        char *ssl_engine;
        int session_ttl;
        size_t sessionCacheSize;
        char *certSignHash;
    } SSL;
#endif

    struct {
        int high_rptm;
        int high_pf;
        size_t high_memory;
    } warnings;
    char *store_dir_select_algorithm;
    int sleep_after_fork; ///< microseconds
    time_t minimum_expiry_time; ///< seconds
    external_acl *externalAclHelperList;

    /// Settings for the TLS client side (presumably connections this process
    /// opens towards servers -- confirm).
    struct {
        Security::ContextPointer sslContext;
#if USE_OPENSSL
        char *foreignIntermediateCertsPath;
        acl_access *cert_error;
        sslproxy_cert_sign *cert_sign;
        sslproxy_cert_adapt *cert_adapt;
#endif
    } ssl_client;

    char *accept_filter;
    int umask;
    int max_filedescriptors;
    int workers;
    CpuAffinityMap *cpuAffinityMap;

#if USE_LOADABLE_MODULES
    SBufList loadable_module_names;
#endif

    int client_ip_max_connections;

    char *redirector_extras;

    struct UrlHelperTimeout {
        int action;
        char *response;
    } onUrlRewriteTimeout;

    char *storeId_extras;

    struct {
        SBufList nameservers;
        int v4_first; ///< Place IPv4 first in the order of DNS results.
        ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
    } dns;

    struct {
        int connect_limit;
        int connect_gap;
        int connect_timeout;
    } happyEyeballs;
};

/// The process-wide configuration object; defined in another translation unit.
extern SquidConfig Config;
550
/// A second, small configuration holder. Every member has a default member
/// initializer, so a fresh object is fully initialized.
class SquidConfig2
{
public:
    /// Puts every member back to its default member initializer value.
    void clear()
    {
        *this = SquidConfig2{};
    }

    struct {
        int enable_purge = 0;
    } onoff;

    // NOTE(review): both IDs default to 0, which is the root uid/gid on
    // POSIX systems. Code that reads them before they have been set (or
    // after clear()) sees root -- confirm that every consumer runs only
    // after the IDs were assigned.
    uid_t effectiveUserID = 0;
    gid_t effectiveGroupID = 0;
};

/// The process-wide SquidConfig2 object; defined in another translation unit.
extern SquidConfig2 Config2;
566
567 #endif /* SQUID_SRC_SQUIDCONFIG_H */
568