]>
Commit | Line | Data |
---|---|---|
4d5904f7 | 1 | /* |
5b74111a | 2 | * Copyright (C) 1996-2018 The Squid Software Foundation and contributors |
4d5904f7 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
4d5904f7 FC |
7 | */ |
8 | ||
bbc27441 AJ |
9 | #ifndef SQUID_SQUIDCONFIG_H_ |
10 | #define SQUID_SQUIDCONFIG_H_ | |
11 | ||
6f58d7d7 | 12 | #include "acl/forward.h" |
8bf217bd | 13 | #include "base/RefCount.h" |
c50b35b5 | 14 | #include "base/YesNoNone.h" |
b27668ec | 15 | #if USE_DELAY_POOLS |
4d5904f7 FC |
16 | #include "ClientDelayConfig.h" |
17 | #include "DelayConfig.h" | |
b27668ec | 18 | #endif |
76d9b994 | 19 | #include "helper/ChildConfig.h" |
4d5904f7 | 20 | #include "HttpHeaderTools.h" |
4d5904f7 | 21 | #include "ip/Address.h" |
b27668ec EB |
22 | #if USE_DELAY_POOLS |
23 | #include "MessageDelayPools.h" | |
24 | #endif | |
d7f4a0b7 | 25 | #include "Notes.h" |
a465e144 | 26 | #include "security/forward.h" |
6ebc477d | 27 | #include "SquidTime.h" |
866be11c CT |
28 | #if USE_OPENSSL |
29 | #include "ssl/support.h" | |
30 | #endif | |
2745fea5 | 31 | #include "store/forward.h" |
4d5904f7 | 32 | |
cb4f4424 | 33 | #if USE_OPENSSL |
d9c7489e FC |
34 | class sslproxy_cert_sign; |
35 | class sslproxy_cert_adapt; | |
a011edee FC |
36 | #endif |
37 | ||
e4a14600 A |
38 | namespace Mgr |
39 | { | |
613924ee FC |
40 | class ActionPasswordList; |
41 | } // namespace Mgr | |
7a5b5df7 | 42 | class CachePeer; |
613924ee | 43 | class CustomLog; |
c6983ec7 | 44 | class CpuAffinityMap; |
613924ee | 45 | class external_acl; |
4d5904f7 | 46 | class HeaderManglers; |
8d9a8184 | 47 | class RefreshPattern; |
4d5904f7 FC |
48 | class RemovalPolicySettings; |
49 | ||
e4a14600 A |
50 | namespace AnyP |
51 | { | |
4d5904f7 FC |
52 | class PortCfg; |
53 | } | |
54 | ||
2745fea5 AR |
55 | namespace Store { |
56 | class DiskConfig { | |
57 | public: | |
58 | RefCount<SwapDir> *swapDirs; | |
59 | int n_allocated; | |
60 | int n_configured; | |
61 | /// number of disk processes required to support all cache_dirs | |
62 | int n_strands; | |
63 | }; | |
64 | #define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw()) | |
65 | } | |
66 | ||
001d55dc | 67 | /// the representation of the configuration. POD. |
1b2f0924 FC |
68 | class SquidConfig |
69 | { | |
4d5904f7 FC |
70 | public: |
71 | struct { | |
72 | /* These should be for the Store::Root instance. | |
73 | * this needs pluggable parsing to be done smoothly. | |
74 | */ | |
75 | int highWaterMark; | |
76 | int lowWaterMark; | |
77 | } Swap; | |
78 | ||
79 | YesNoNone memShared; ///< whether the memory cache is shared among workers | |
c756d517 | 80 | YesNoNone shmLocking; ///< shared_memory_locking |
4d5904f7 FC |
81 | size_t memMaxSize; |
82 | ||
83 | struct { | |
84 | int64_t min; | |
85 | int pct; | |
86 | int64_t max; | |
87 | } quickAbort; | |
88 | int64_t readAheadGap; | |
89 | RemovalPolicySettings *replPolicy; | |
90 | RemovalPolicySettings *memPolicy; | |
91 | #if USE_HTTP_VIOLATIONS | |
92 | time_t negativeTtl; | |
93 | #endif | |
94 | time_t maxStale; | |
95 | time_t negativeDnsTtl; | |
96 | time_t positiveDnsTtl; | |
97 | time_t shutdownLifetime; | |
98 | time_t backgroundPingRate; | |
00e2479d | 99 | time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay |
4d5904f7 FC |
100 | |
101 | struct { | |
102 | time_t read; | |
103 | time_t write; | |
104 | time_t lifetime; | |
105 | time_t connect; | |
106 | time_t forward; | |
107 | time_t peer_connect; | |
108 | time_t request; | |
109 | time_t clientIdlePconn; | |
110 | time_t serverIdlePconn; | |
f6e8754a | 111 | time_t ftpClientIdle; |
c5c06f02 | 112 | time_t pconnLifetime; ///< pconn_lifetime in squid.conf |
4d5904f7 FC |
113 | time_t siteSelect; |
114 | time_t deadPeer; | |
3248e962 | 115 | time_t request_start_timeout; |
4d5904f7 FC |
116 | int icp_query; /* msec */ |
117 | int icp_query_max; /* msec */ | |
118 | int icp_query_min; /* msec */ | |
119 | int mcast_icp_query; /* msec */ | |
4d5904f7 FC |
120 | time_msec_t idns_retransmit; |
121 | time_msec_t idns_query; | |
32fd6d8a | 122 | time_t urlRewrite; |
4d5904f7 FC |
123 | } Timeout; |
124 | size_t maxRequestHeaderSize; | |
125 | int64_t maxRequestBodySize; | |
4d5904f7 FC |
126 | size_t maxRequestBufferSize; |
127 | size_t maxReplyHeaderSize; | |
1328cfb7 | 128 | AclSizeLimit *ReplyBodySize; |
4d5904f7 FC |
129 | |
130 | struct { | |
131 | unsigned short icp; | |
132 | #if USE_HTCP | |
133 | ||
134 | unsigned short htcp; | |
135 | #endif | |
136 | #if SQUID_SNMP | |
137 | ||
138 | unsigned short snmp; | |
139 | #endif | |
140 | } Port; | |
141 | ||
4d5904f7 FC |
142 | #if SQUID_SNMP |
143 | ||
144 | struct { | |
145 | char *configFile; | |
146 | char *agentInfo; | |
147 | } Snmp; | |
148 | #endif | |
149 | #if USE_WCCP | |
150 | ||
151 | struct { | |
152 | Ip::Address router; | |
153 | Ip::Address address; | |
154 | int version; | |
155 | } Wccp; | |
156 | #endif | |
157 | #if USE_WCCPv2 | |
158 | ||
159 | struct { | |
160 | Ip::Address_list *router; | |
161 | Ip::Address address; | |
162 | int forwarding_method; | |
163 | int return_method; | |
164 | int assignment_method; | |
165 | int weight; | |
166 | int rebuildwait; | |
167 | void *info; | |
168 | } Wccp2; | |
169 | #endif | |
170 | ||
4d5904f7 FC |
171 | char *as_whois_server; |
172 | ||
173 | struct { | |
174 | char *store; | |
175 | char *swap; | |
87ddff6e | 176 | CustomLog *accesslogs; |
4d5904f7 | 177 | #if ICAP_CLIENT |
87ddff6e | 178 | CustomLog *icaplogs; |
4d5904f7 FC |
179 | #endif |
180 | int rotateNumber; | |
181 | } Log; | |
182 | char *adminEmail; | |
183 | char *EmailFrom; | |
184 | char *EmailProgram; | |
185 | char *effectiveUser; | |
186 | char *visible_appname_string; | |
187 | char *effectiveGroup; | |
188 | ||
189 | struct { | |
4d5904f7 | 190 | wordlist *redirect; |
a8a0b1c2 | 191 | wordlist *store_id; |
4d5904f7 FC |
192 | #if USE_UNLINKD |
193 | ||
194 | char *unlinkd; | |
195 | #endif | |
196 | ||
197 | char *diskd; | |
cb4f4424 | 198 | #if USE_OPENSSL |
4d5904f7 FC |
199 | |
200 | char *ssl_password; | |
201 | #endif | |
202 | ||
203 | } Program; | |
4d5904f7 | 204 | |
76d9b994 AJ |
205 | Helper::ChildConfig redirectChildren; |
206 | Helper::ChildConfig storeIdChildren; | |
4d5904f7 FC |
207 | |
208 | struct { | |
209 | char *surrogate_id; | |
210 | } Accel; | |
211 | char *appendDomain; | |
212 | size_t appendDomainLen; | |
213 | char *pidFilename; | |
214 | char *netdbFilename; | |
215 | char *mimeTablePathname; | |
216 | char *etcHostsPath; | |
217 | char *visibleHostname; | |
218 | char *uniqueHostname; | |
219 | wordlist *hostnameAliases; | |
220 | char *errHtmlText; | |
221 | ||
222 | struct { | |
223 | char *host; | |
224 | char *file; | |
225 | time_t period; | |
226 | unsigned short port; | |
227 | } Announce; | |
228 | ||
229 | struct { | |
230 | ||
231 | Ip::Address udp_incoming; | |
232 | Ip::Address udp_outgoing; | |
233 | #if SQUID_SNMP | |
234 | Ip::Address snmp_incoming; | |
235 | Ip::Address snmp_outgoing; | |
236 | #endif | |
237 | /* FIXME INET6 : this should really be a CIDR value */ | |
238 | Ip::Address client_netmask; | |
239 | } Addrs; | |
240 | size_t tcpRcvBufsz; | |
241 | size_t udpMaxHitObjsz; | |
4d5904f7 | 242 | wordlist *mcast_group_list; |
a3c6762c | 243 | CachePeer *peers; |
4d5904f7 FC |
244 | int npeers; |
245 | ||
246 | struct { | |
247 | int size; | |
248 | int low; | |
249 | int high; | |
250 | } ipcache; | |
251 | ||
252 | struct { | |
253 | int size; | |
254 | } fqdncache; | |
255 | int minDirectHops; | |
256 | int minDirectRtt; | |
613924ee | 257 | Mgr::ActionPasswordList *passwd_list; |
4d5904f7 FC |
258 | |
259 | struct { | |
260 | int objectsPerBucket; | |
261 | int64_t avgObjectSize; | |
262 | int64_t maxObjectSize; | |
263 | int64_t minObjectSize; | |
264 | size_t maxInMemObjSize; | |
265 | } Store; | |
266 | ||
267 | struct { | |
268 | int high; | |
269 | int low; | |
270 | time_t period; | |
271 | } Netdb; | |
272 | ||
273 | struct { | |
274 | int log_udp; | |
275 | int res_defnames; | |
276 | int anonymizer; | |
277 | int client_db; | |
278 | int query_icmp; | |
279 | int icp_hit_stale; | |
280 | int buffered_logs; | |
281 | int common_log; | |
282 | int log_mime_hdrs; | |
283 | int log_fqdn; | |
284 | int announce; | |
285 | int mem_pools; | |
286 | int test_reachability; | |
287 | int half_closed_clients; | |
288 | int refresh_all_ims; | |
289 | #if USE_HTTP_VIOLATIONS | |
290 | ||
291 | int reload_into_ims; | |
292 | #endif | |
293 | ||
294 | int offline; | |
295 | int redir_rewrites_host; | |
296 | int prefer_direct; | |
297 | int nonhierarchical_direct; | |
298 | int strip_query_terms; | |
299 | int redirector_bypass; | |
a8a0b1c2 | 300 | int store_id_bypass; |
4d5904f7 FC |
301 | int ignore_unknown_nameservers; |
302 | int client_pconns; | |
303 | int server_pconns; | |
304 | int error_pconns; | |
305 | #if USE_CACHE_DIGESTS | |
306 | ||
307 | int digest_generation; | |
308 | #endif | |
309 | ||
4d5904f7 | 310 | int vary_ignore_expire; |
4d5904f7 FC |
311 | int surrogate_is_remote; |
312 | int request_entities; | |
313 | int detect_broken_server_pconns; | |
314 | int balance_on_multiple_ip; | |
315 | int relaxed_header_parser; | |
316 | int check_hostnames; | |
317 | int allow_underscore; | |
318 | int via; | |
96598f93 | 319 | int cache_miss_revalidate; |
4d5904f7 FC |
320 | int emailErrData; |
321 | int httpd_suppress_version_string; | |
322 | int global_internal_static; | |
55eae904 | 323 | int collapsed_forwarding; |
4d5904f7 FC |
324 | |
325 | #if FOLLOW_X_FORWARDED_FOR | |
326 | int acl_uses_indirect_client; | |
327 | int delay_pool_uses_indirect_client; | |
328 | int log_uses_indirect_client; | |
329 | #if LINUX_NETFILTER | |
330 | int tproxy_uses_indirect_client; | |
331 | #endif | |
332 | #endif /* FOLLOW_X_FORWARDED_FOR */ | |
333 | ||
334 | int WIN32_IpAddrChangeMonitor; | |
335 | int memory_cache_first; | |
336 | int memory_cache_disk; | |
337 | int hostStrictVerify; | |
338 | int client_dst_passthru; | |
bce61b00 | 339 | int dns_mdns; |
2bcab852 CT |
340 | #if USE_OPENSSL |
341 | bool logTlsServerHelloDetails; | |
342 | #endif | |
4d5904f7 FC |
343 | } onoff; |
344 | ||
daed75a9 | 345 | int64_t shared_transient_entries_limit; |
8f7dbf74 | 346 | |
079a8480 AJ |
347 | int pipeline_max_prefetch; |
348 | ||
4d5904f7 FC |
349 | int forward_max_tries; |
350 | int connect_retries; | |
351 | ||
352 | class ACL *aclList; | |
353 | ||
354 | struct { | |
355 | acl_access *http; | |
356 | acl_access *adapted_http; | |
357 | acl_access *icp; | |
358 | acl_access *miss; | |
359 | acl_access *NeverDirect; | |
360 | acl_access *AlwaysDirect; | |
361 | acl_access *ASlists; | |
362 | acl_access *noCache; | |
70706149 AR |
363 | acl_access *sendHit; |
364 | acl_access *storeMiss; | |
8ebad780 | 365 | acl_access *stats_collection; |
4d5904f7 FC |
366 | #if SQUID_SNMP |
367 | ||
368 | acl_access *snmp; | |
369 | #endif | |
370 | #if USE_HTTP_VIOLATIONS | |
371 | acl_access *brokenPosts; | |
372 | #endif | |
373 | acl_access *redirector; | |
a8a0b1c2 | 374 | acl_access *store_id; |
4d5904f7 | 375 | acl_access *reply; |
289848ca | 376 | Acl::Address *outgoing_address; |
4d5904f7 FC |
377 | #if USE_HTCP |
378 | ||
379 | acl_access *htcp; | |
380 | acl_access *htcp_clr; | |
381 | #endif | |
382 | ||
cb4f4424 | 383 | #if USE_OPENSSL |
4d5904f7 FC |
384 | acl_access *ssl_bump; |
385 | #endif | |
33b24cf0 | 386 | #if FOLLOW_X_FORWARDED_FOR |
4d5904f7 | 387 | acl_access *followXFF; |
33b24cf0 | 388 | #endif /* FOLLOW_X_FORWARDED_FOR */ |
4d5904f7 | 389 | |
d3d92daa AJ |
390 | /// acceptible PROXY protocol clients |
391 | acl_access *proxyProtocol; | |
392 | ||
0d901ef4 SH |
393 | /// spoof_client_ip squid.conf acl. |
394 | /// nil unless configured | |
395 | acl_access* spoof_client_ip; | |
3248e962 | 396 | acl_access *on_unsupported_protocol; |
ddf5aa2b CT |
397 | |
398 | acl_access *ftp_epsv; | |
ec69bdb2 CT |
399 | |
400 | acl_access *forceRequestBodyContinuation; | |
afc753f3 | 401 | acl_access *serverPconnForNonretriable; |
819be284 | 402 | acl_access *collapsedForwardingAccess; |
4d5904f7 | 403 | } accessList; |
7f0b3324 | 404 | AclDenyInfoList *denyInfoList; |
4d5904f7 FC |
405 | |
406 | struct { | |
407 | size_t list_width; | |
408 | int list_wrap; | |
409 | char *anon_user; | |
410 | int passive; | |
411 | int epsv_all; | |
412 | int epsv; | |
413 | int eprt; | |
414 | int sanitycheck; | |
415 | int telnet; | |
416 | } Ftp; | |
8d9a8184 | 417 | RefreshPattern *Refresh; |
4d5904f7 | 418 | |
2745fea5 | 419 | Store::DiskConfig cacheSwap; |
4d5904f7 FC |
420 | |
421 | struct { | |
422 | char *directory; | |
423 | int use_short_names; | |
424 | } icons; | |
425 | char *errorDirectory; | |
426 | #if USE_ERR_LOCALES | |
427 | char *errorDefaultLanguage; | |
428 | int errorLogMissingLanguages; | |
429 | #endif | |
430 | char *errorStylesheet; | |
431 | ||
432 | struct { | |
433 | int onerror; | |
434 | } retry; | |
435 | ||
436 | struct { | |
437 | int64_t limit; | |
438 | } MemPools; | |
439 | #if USE_DELAY_POOLS | |
440 | ||
441 | DelayConfig Delay; | |
442 | ClientDelayConfig ClientDelay; | |
b27668ec | 443 | MessageDelayConfig MessageDelay; |
4d5904f7 FC |
444 | #endif |
445 | ||
446 | struct { | |
447 | struct { | |
448 | int average; | |
449 | int min_poll; | |
450 | } dns, udp, tcp; | |
451 | } comm_incoming; | |
452 | int max_open_disk_fds; | |
453 | int uri_whitespace; | |
1328cfb7 | 454 | AclSizeLimit *rangeOffsetLimit; |
4d5904f7 FC |
455 | #if MULTICAST_MISS_STREAM |
456 | ||
457 | struct { | |
458 | ||
459 | Ip::Address addr; | |
460 | int ttl; | |
461 | unsigned short port; | |
462 | char *encode_key; | |
463 | } mcast_miss; | |
464 | #endif | |
465 | ||
466 | /// request_header_access and request_header_replace | |
467 | HeaderManglers *request_header_access; | |
468 | /// reply_header_access and reply_header_replace | |
469 | HeaderManglers *reply_header_access; | |
470 | ///request_header_add access list | |
471 | HeaderWithAclList *request_header_add; | |
cde8f31b NH |
472 | ///reply_header_add access list |
473 | HeaderWithAclList *reply_header_add; | |
d7f4a0b7 CT |
474 | ///note |
475 | Notes notes; | |
4d5904f7 FC |
476 | char *coredump_dir; |
477 | char *chroot_dir; | |
478 | #if USE_CACHE_DIGESTS | |
479 | ||
480 | struct { | |
481 | int bits_per_entry; | |
482 | time_t rebuild_period; | |
483 | time_t rewrite_period; | |
484 | size_t swapout_chunk_size; | |
485 | int rebuild_chunk_percentage; | |
486 | } digest; | |
487 | #endif | |
cb4f4424 | 488 | #if USE_OPENSSL |
4d5904f7 FC |
489 | |
490 | struct { | |
491 | int unclean_shutdown; | |
492 | char *ssl_engine; | |
10a69fc0 CT |
493 | int session_ttl; |
494 | size_t sessionCacheSize; | |
3c26b00a | 495 | char *certSignHash; |
4d5904f7 FC |
496 | } SSL; |
497 | #endif | |
498 | ||
4d5904f7 FC |
499 | struct { |
500 | int high_rptm; | |
501 | int high_pf; | |
502 | size_t high_memory; | |
503 | } warnings; | |
504 | char *store_dir_select_algorithm; | |
505 | int sleep_after_fork; /* microseconds */ | |
506 | time_t minimum_expiry_time; /* seconds */ | |
507 | external_acl *externalAclHelperList; | |
508 | ||
4d5904f7 | 509 | struct { |
900daee3 | 510 | Security::ContextPointer sslContext; |
a465e144 | 511 | #if USE_OPENSSL |
866be11c | 512 | char *foreignIntermediateCertsPath; |
4d5904f7 | 513 | acl_access *cert_error; |
4d5904f7 FC |
514 | sslproxy_cert_sign *cert_sign; |
515 | sslproxy_cert_adapt *cert_adapt; | |
4d5904f7 | 516 | #endif |
a465e144 | 517 | } ssl_client; |
4d5904f7 FC |
518 | |
519 | char *accept_filter; | |
520 | int umask; | |
521 | int max_filedescriptors; | |
522 | int workers; | |
523 | CpuAffinityMap *cpuAffinityMap; | |
524 | ||
525 | #if USE_LOADABLE_MODULES | |
526 | wordlist *loadable_module_names; | |
527 | #endif | |
528 | ||
529 | int client_ip_max_connections; | |
530 | ||
b11724bb CT |
531 | char *redirector_extras; |
532 | ||
ced8def3 | 533 | struct UrlHelperTimeout { |
32fd6d8a CT |
534 | int action; |
535 | char *response; | |
536 | } onUrlRewriteTimeout; | |
537 | ||
b11724bb CT |
538 | char *storeId_extras; |
539 | ||
4d5904f7 | 540 | struct { |
5a1098fb | 541 | SBufList nameservers; |
4d5904f7 FC |
542 | int v4_first; ///< Place IPv4 first in the order of DNS results. |
543 | ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies. | |
544 | } dns; | |
4d5904f7 FC |
545 | }; |
546 | ||
547 | extern SquidConfig Config; | |
548 | ||
5fed1735 AJ |
549 | class SquidConfig2 |
550 | { | |
551 | public: | |
871cbc7d AJ |
552 | void clear() { |
553 | *this = SquidConfig2(); | |
554 | } | |
555 | ||
7957fca1 | 556 | struct { |
871cbc7d | 557 | int enable_purge = 0; |
7957fca1 | 558 | } onoff; |
871cbc7d AJ |
559 | uid_t effectiveUserID = 0; |
560 | gid_t effectiveGroupID = 0; | |
7957fca1 FC |
561 | }; |
562 | ||
563 | extern SquidConfig2 Config2; | |
564 | ||
4d5904f7 | 565 | #endif /* SQUID_SQUIDCONFIG_H_ */ |
f53969cc | 566 |