[thirdparty/squid.git] / src / SquidConfig.h

/*
 * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#ifndef SQUID_SQUIDCONFIG_H_
#define SQUID_SQUIDCONFIG_H_

#include "acl/forward.h"
#include "base/RefCount.h"
#include "base/YesNoNone.h"
#if USE_DELAY_POOLS
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#endif
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
#include "ip/Address.h"
#if USE_DELAY_POOLS
#include "MessageDelayPools.h"
#endif
#include "Notes.h"
#include "security/forward.h"
#include "SquidTime.h"
#if USE_OPENSSL
#include "ssl/support.h"
#endif
#include "store/forward.h"

#if USE_OPENSSL
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif

namespace Mgr
{
class ActionPasswordList;
} // namespace Mgr
class CachePeer;
class CustomLog;
class CpuAffinityMap;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;

namespace AnyP
{
class PortCfg;
}

namespace Store {
class DiskConfig {
public:
    RefCount<SwapDir> *swapDirs;
    int n_allocated;
    int n_configured;
    /// number of disk processes required to support all cache_dirs
    int n_strands;
};
#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
}

/// the representation of the configuration. POD.
class SquidConfig
{
public:
    struct {
        /* These should be for the Store::Root instance.
        * this needs pluggable parsing to be done smoothly.
        */
        int highWaterMark;
        int lowWaterMark;
    } Swap;

    YesNoNone memShared; ///< whether the memory cache is shared among workers
    YesNoNone shmLocking; ///< shared_memory_locking
    size_t memMaxSize;

    struct {
        int64_t min;
        int pct;
        int64_t max;
    } quickAbort;
    int64_t readAheadGap;
    RemovalPolicySettings *replPolicy;
    RemovalPolicySettings *memPolicy;
#if USE_HTTP_VIOLATIONS
    time_t negativeTtl;
#endif
    time_t maxStale;
    time_t negativeDnsTtl;
    time_t positiveDnsTtl;
    time_t shutdownLifetime;
    time_t backgroundPingRate;
    time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay

    struct {
        time_t read;
        time_t write;
        time_t lifetime;
        time_t connect;
        time_t forward;
        time_t peer_connect;
        time_t request;
        time_t clientIdlePconn;
        time_t serverIdlePconn;
        time_t ftpClientIdle;
        time_t pconnLifetime; ///< pconn_lifetime in squid.conf
        time_t siteSelect;
        time_t deadPeer;
        time_t request_start_timeout;
        int icp_query;      /* msec */
        int icp_query_max;  /* msec */
        int icp_query_min;  /* msec */
        int mcast_icp_query;    /* msec */
        time_msec_t idns_retransmit;
        time_msec_t idns_query;
        time_t urlRewrite;
    } Timeout;
    size_t maxRequestHeaderSize;
    int64_t maxRequestBodySize;
    size_t maxRequestBufferSize;
    size_t maxReplyHeaderSize;
    AclSizeLimit *ReplyBodySize;

    struct {
        unsigned short icp;
#if USE_HTCP

        unsigned short htcp;
#endif
#if SQUID_SNMP

        unsigned short snmp;
#endif
    } Port;

#if SQUID_SNMP

    struct {
        char *configFile;
        char *agentInfo;
    } Snmp;
#endif
#if USE_WCCP

    struct {
        Ip::Address router;
        Ip::Address address;
        int version;
    } Wccp;
#endif
#if USE_WCCPv2

    struct {
        Ip::Address_list *router;
        Ip::Address address;
        int forwarding_method;
        int return_method;
        int assignment_method;
        int weight;
        int rebuildwait;
        void *info;
    } Wccp2;
#endif

    char *as_whois_server;

    struct {
        char *store;
        char *swap;
        CustomLog *accesslogs;
#if ICAP_CLIENT
        CustomLog *icaplogs;
#endif
        int rotateNumber;
    } Log;
    char *adminEmail;
    char *EmailFrom;
    char *EmailProgram;
    char *effectiveUser;
    char *visible_appname_string;
    char *effectiveGroup;

    struct {
        wordlist *redirect;
        wordlist *store_id;
#if USE_UNLINKD

        char *unlinkd;
#endif

        char *diskd;
#if USE_OPENSSL

        char *ssl_password;
#endif

    } Program;

    Helper::ChildConfig redirectChildren;
    Helper::ChildConfig storeIdChildren;

    struct {
        char *surrogate_id;
    } Accel;
    char *appendDomain;
    size_t appendDomainLen;
    char *pidFilename;
    char *netdbFilename;
    char *mimeTablePathname;
    char *etcHostsPath;
    char *visibleHostname;
    char *uniqueHostname;
    wordlist *hostnameAliases;
    char *errHtmlText;

    struct {
        char *host;
        char *file;
        time_t period;
        unsigned short port;
    } Announce;

    struct {

        Ip::Address udp_incoming;
        Ip::Address udp_outgoing;
#if SQUID_SNMP
        Ip::Address snmp_incoming;
        Ip::Address snmp_outgoing;
#endif
        /* FIXME INET6 : this should really be a CIDR value */
        Ip::Address client_netmask;
    } Addrs;
    size_t tcpRcvBufsz;
    size_t udpMaxHitObjsz;
    wordlist *mcast_group_list;
    CachePeer *peers;
    int npeers;

    struct {
        int size;
        int low;
        int high;
    } ipcache;

    struct {
        int size;
    } fqdncache;
    int minDirectHops;
    int minDirectRtt;
    Mgr::ActionPasswordList *passwd_list;

    struct {
        int objectsPerBucket;
        int64_t avgObjectSize;
        int64_t maxObjectSize;
        int64_t minObjectSize;
        size_t maxInMemObjSize;
    } Store;

    struct {
        int high;
        int low;
        time_t period;
    } Netdb;

    struct {
        int log_udp;
        int res_defnames;
        int anonymizer;
        int client_db;
        int query_icmp;
        int icp_hit_stale;
        int buffered_logs;
        int common_log;
        int log_mime_hdrs;
        int log_fqdn;
        int announce;
        int mem_pools;
        int test_reachability;
        int half_closed_clients;
        int refresh_all_ims;
#if USE_HTTP_VIOLATIONS

        int reload_into_ims;
#endif

        int offline;
        int redir_rewrites_host;
        int prefer_direct;
        int nonhierarchical_direct;
        int strip_query_terms;
        int redirector_bypass;
        int store_id_bypass;
        int ignore_unknown_nameservers;
        int client_pconns;
        int server_pconns;
        int error_pconns;
#if USE_CACHE_DIGESTS

        int digest_generation;
#endif

        int vary_ignore_expire;
        int surrogate_is_remote;
        int request_entities;
        int detect_broken_server_pconns;
        int balance_on_multiple_ip;
        int relaxed_header_parser;
        int check_hostnames;
        int allow_underscore;
        int via;
        int cache_miss_revalidate;
        int emailErrData;
        int httpd_suppress_version_string;
        int global_internal_static;
        int collapsed_forwarding;

#if FOLLOW_X_FORWARDED_FOR
        int acl_uses_indirect_client;
        int delay_pool_uses_indirect_client;
        int log_uses_indirect_client;
#if LINUX_NETFILTER
        int tproxy_uses_indirect_client;
#endif
#endif /* FOLLOW_X_FORWARDED_FOR */

        int WIN32_IpAddrChangeMonitor;
        int memory_cache_first;
        int memory_cache_disk;
        int hostStrictVerify;
        int client_dst_passthru;
        int dns_mdns;
#if USE_OPENSSL
        bool logTlsServerHelloDetails;
#endif
    } onoff;

    int64_t shared_transient_entries_limit;

    int pipeline_max_prefetch;

    int forward_max_tries;
    int connect_retries;

    class ACL *aclList;

    struct {
        acl_access *http;
        acl_access *adapted_http;
        acl_access *icp;
        acl_access *miss;
        acl_access *NeverDirect;
        acl_access *AlwaysDirect;
        acl_access *ASlists;
        acl_access *noCache;
        acl_access *sendHit;
        acl_access *storeMiss;
        acl_access *stats_collection;
#if SQUID_SNMP

        acl_access *snmp;
#endif
#if USE_HTTP_VIOLATIONS
        acl_access *brokenPosts;
#endif
        acl_access *redirector;
        acl_access *store_id;
        acl_access *reply;
        Acl::Address *outgoing_address;
#if USE_HTCP

        acl_access *htcp;
        acl_access *htcp_clr;
#endif

#if USE_OPENSSL
        acl_access *ssl_bump;
#endif
#if FOLLOW_X_FORWARDED_FOR
        acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */

        /// acceptible PROXY protocol clients
        acl_access *proxyProtocol;

        /// spoof_client_ip squid.conf acl.
        /// nil unless configured
        acl_access* spoof_client_ip;
        acl_access *on_unsupported_protocol;

        acl_access *ftp_epsv;

        acl_access *forceRequestBodyContinuation;
        acl_access *serverPconnForNonretriable;
        acl_access *collapsedForwardingAccess;
    } accessList;
    AclDenyInfoList *denyInfoList;

    struct {
        size_t list_width;
        int list_wrap;
        char *anon_user;
        int passive;
        int epsv_all;
        int epsv;
        int eprt;
        int sanitycheck;
        int telnet;
    } Ftp;
    RefreshPattern *Refresh;

    Store::DiskConfig cacheSwap;

    struct {
        char *directory;
        int use_short_names;
    } icons;
    char *errorDirectory;
#if USE_ERR_LOCALES
    char *errorDefaultLanguage;
    int errorLogMissingLanguages;
#endif
    char *errorStylesheet;

    struct {
        int onerror;
    } retry;

    struct {
        int64_t limit;
    } MemPools;
#if USE_DELAY_POOLS

    DelayConfig Delay;
    ClientDelayConfig ClientDelay;
    MessageDelayConfig MessageDelay;
#endif

    struct {
        struct {
            int average;
            int min_poll;
        } dns, udp, tcp;
    } comm_incoming;
    int max_open_disk_fds;
    int uri_whitespace;
    AclSizeLimit *rangeOffsetLimit;
#if MULTICAST_MISS_STREAM

    struct {

        Ip::Address addr;
        int ttl;
        unsigned short port;
        char *encode_key;
    } mcast_miss;
#endif

    /// request_header_access and request_header_replace
    HeaderManglers *request_header_access;
    /// reply_header_access and reply_header_replace
    HeaderManglers *reply_header_access;
    ///request_header_add access list
    HeaderWithAclList *request_header_add;
    ///reply_header_add access list
    HeaderWithAclList *reply_header_add;
    ///note
    Notes notes;
    char *coredump_dir;
    char *chroot_dir;
#if USE_CACHE_DIGESTS

    struct {
        int bits_per_entry;
        time_t rebuild_period;
        time_t rewrite_period;
        size_t swapout_chunk_size;
        int rebuild_chunk_percentage;
    } digest;
#endif
#if USE_OPENSSL

    struct {
        int unclean_shutdown;
        char *ssl_engine;
        int session_ttl;
        size_t sessionCacheSize;
        char *certSignHash;
    } SSL;
#endif

    struct {
        int high_rptm;
        int high_pf;
        size_t high_memory;
    } warnings;
    char *store_dir_select_algorithm;
    int sleep_after_fork;   /* microseconds */
    time_t minimum_expiry_time; /* seconds */
    external_acl *externalAclHelperList;

    struct {
        Security::ContextPointer sslContext;
#if USE_OPENSSL
        char *foreignIntermediateCertsPath;
        acl_access *cert_error;
        sslproxy_cert_sign *cert_sign;
        sslproxy_cert_adapt *cert_adapt;
#endif
    } ssl_client;

    char *accept_filter;
    int umask;
    int max_filedescriptors;
    int workers;
    CpuAffinityMap *cpuAffinityMap;

#if USE_LOADABLE_MODULES
    wordlist *loadable_module_names;
#endif

    int client_ip_max_connections;

    char *redirector_extras;

    struct UrlHelperTimeout {
        int action;
        char *response;
    } onUrlRewriteTimeout;

    char *storeId_extras;

    struct {
        SBufList nameservers;
        int v4_first;       ///< Place IPv4 first in the order of DNS results.
        ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
    } dns;
};

extern SquidConfig Config;

class SquidConfig2
{
public:
    void clear() {
        *this = SquidConfig2();
    }

    struct {
        int enable_purge = 0;
    } onoff;
    uid_t effectiveUserID = 0;
    gid_t effectiveGroupID = 0;
};

extern SquidConfig2 Config2;

#endif /* SQUID_SQUIDCONFIG_H_ */
Commit	Line	Data
4d5904f7	1	/*
5b74111a	2	* Copyright (C) 1996-2018 The Squid Software Foundation and contributors
4d5904f7	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
4d5904f7 FC	7	*/
4d5904f7 FC	8
bbc27441 AJ	9	#ifndef SQUID_SQUIDCONFIG_H_
	10	#define SQUID_SQUIDCONFIG_H_
	11
6f58d7d7	12	#include "acl/forward.h"
8bf217bd	13	#include "base/RefCount.h"
c50b35b5	14	#include "base/YesNoNone.h"
b27668ec	15	#if USE_DELAY_POOLS
4d5904f7 FC	16	#include "ClientDelayConfig.h"
4d5904f7 FC	17	#include "DelayConfig.h"
b27668ec	18	#endif
76d9b994	19	#include "helper/ChildConfig.h"
4d5904f7	20	#include "HttpHeaderTools.h"
4d5904f7	21	#include "ip/Address.h"
b27668ec EB	22	#if USE_DELAY_POOLS
	23	#include "MessageDelayPools.h"
	24	#endif
d7f4a0b7	25	#include "Notes.h"
a465e144	26	#include "security/forward.h"
6ebc477d	27	#include "SquidTime.h"
866be11c CT	28	#if USE_OPENSSL
	29	#include "ssl/support.h"
	30	#endif
2745fea5	31	#include "store/forward.h"
4d5904f7	32
cb4f4424	33	#if USE_OPENSSL
d9c7489e FC	34	class sslproxy_cert_sign;
d9c7489e FC	35	class sslproxy_cert_adapt;
a011edee FC	36	#endif
a011edee FC	37
e4a14600 A	38	namespace Mgr
e4a14600 A	39	{
613924ee FC	40	class ActionPasswordList;
613924ee FC	41	} // namespace Mgr
7a5b5df7	42	class CachePeer;
613924ee	43	class CustomLog;
c6983ec7	44	class CpuAffinityMap;
613924ee	45	class external_acl;
4d5904f7	46	class HeaderManglers;
8d9a8184	47	class RefreshPattern;
4d5904f7 FC	48	class RemovalPolicySettings;
4d5904f7 FC	49
e4a14600 A	50	namespace AnyP
e4a14600 A	51	{
4d5904f7 FC	52	class PortCfg;
	53	}
	54
2745fea5 AR	55	namespace Store {
	56	class DiskConfig {
	57	public:
	58	RefCount<SwapDir> *swapDirs;
	59	int n_allocated;
	60	int n_configured;
	61	/// number of disk processes required to support all cache_dirs
	62	int n_strands;
	63	};
	64	#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
	65	}
	66
001d55dc	67	/// the representation of the configuration. POD.
1b2f0924 FC	68	class SquidConfig
1b2f0924 FC	69	{
4d5904f7 FC	70	public:
	71	struct {
	72	/* These should be for the Store::Root instance.
	73	* this needs pluggable parsing to be done smoothly.
	74	*/
	75	int highWaterMark;
	76	int lowWaterMark;
	77	} Swap;
	78
	79	YesNoNone memShared; ///< whether the memory cache is shared among workers
c756d517	80	YesNoNone shmLocking; ///< shared_memory_locking
4d5904f7 FC	81	size_t memMaxSize;
	82
	83	struct {
	84	int64_t min;
	85	int pct;
	86	int64_t max;
	87	} quickAbort;
	88	int64_t readAheadGap;
	89	RemovalPolicySettings *replPolicy;
	90	RemovalPolicySettings *memPolicy;
	91	#if USE_HTTP_VIOLATIONS
	92	time_t negativeTtl;
	93	#endif
	94	time_t maxStale;
	95	time_t negativeDnsTtl;
	96	time_t positiveDnsTtl;
	97	time_t shutdownLifetime;
	98	time_t backgroundPingRate;
00e2479d	99	time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay
4d5904f7 FC	100
	101	struct {
	102	time_t read;
	103	time_t write;
	104	time_t lifetime;
	105	time_t connect;
	106	time_t forward;
	107	time_t peer_connect;
	108	time_t request;
	109	time_t clientIdlePconn;
	110	time_t serverIdlePconn;
f6e8754a	111	time_t ftpClientIdle;
c5c06f02	112	time_t pconnLifetime; ///< pconn_lifetime in squid.conf
4d5904f7 FC	113	time_t siteSelect;
4d5904f7 FC	114	time_t deadPeer;
3248e962	115	time_t request_start_timeout;
4d5904f7 FC	116	int icp_query; /* msec */
	117	int icp_query_max; /* msec */
	118	int icp_query_min; /* msec */
	119	int mcast_icp_query; /* msec */
4d5904f7 FC	120	time_msec_t idns_retransmit;
4d5904f7 FC	121	time_msec_t idns_query;
32fd6d8a	122	time_t urlRewrite;
4d5904f7 FC	123	} Timeout;
	124	size_t maxRequestHeaderSize;
	125	int64_t maxRequestBodySize;
4d5904f7 FC	126	size_t maxRequestBufferSize;
4d5904f7 FC	127	size_t maxReplyHeaderSize;
1328cfb7	128	AclSizeLimit *ReplyBodySize;
4d5904f7 FC	129
	130	struct {
	131	unsigned short icp;
	132	#if USE_HTCP
	133
	134	unsigned short htcp;
	135	#endif
	136	#if SQUID_SNMP
	137
	138	unsigned short snmp;
	139	#endif
	140	} Port;
	141
4d5904f7 FC	142	#if SQUID_SNMP
	143
	144	struct {
	145	char *configFile;
	146	char *agentInfo;
	147	} Snmp;
	148	#endif
	149	#if USE_WCCP
	150
	151	struct {
	152	Ip::Address router;
	153	Ip::Address address;
	154	int version;
	155	} Wccp;
	156	#endif
	157	#if USE_WCCPv2
	158
	159	struct {
	160	Ip::Address_list *router;
	161	Ip::Address address;
	162	int forwarding_method;
	163	int return_method;
	164	int assignment_method;
	165	int weight;
	166	int rebuildwait;
	167	void *info;
	168	} Wccp2;
	169	#endif
	170
4d5904f7 FC	171	char *as_whois_server;
	172
	173	struct {
	174	char *store;
	175	char *swap;
87ddff6e	176	CustomLog *accesslogs;
4d5904f7	177	#if ICAP_CLIENT
87ddff6e	178	CustomLog *icaplogs;
4d5904f7 FC	179	#endif
	180	int rotateNumber;
	181	} Log;
	182	char *adminEmail;
	183	char *EmailFrom;
	184	char *EmailProgram;
	185	char *effectiveUser;
	186	char *visible_appname_string;
	187	char *effectiveGroup;
	188
	189	struct {
4d5904f7	190	wordlist *redirect;
a8a0b1c2	191	wordlist *store_id;
4d5904f7 FC	192	#if USE_UNLINKD
	193
	194	char *unlinkd;
	195	#endif
	196
	197	char *diskd;
cb4f4424	198	#if USE_OPENSSL
4d5904f7 FC	199
	200	char *ssl_password;
	201	#endif
	202
	203	} Program;
4d5904f7	204
76d9b994 AJ	205	Helper::ChildConfig redirectChildren;
76d9b994 AJ	206	Helper::ChildConfig storeIdChildren;
4d5904f7 FC	207
	208	struct {
	209	char *surrogate_id;
	210	} Accel;
	211	char *appendDomain;
	212	size_t appendDomainLen;
	213	char *pidFilename;
	214	char *netdbFilename;
	215	char *mimeTablePathname;
	216	char *etcHostsPath;
	217	char *visibleHostname;
	218	char *uniqueHostname;
	219	wordlist *hostnameAliases;
	220	char *errHtmlText;
	221
	222	struct {
	223	char *host;
	224	char *file;
	225	time_t period;
	226	unsigned short port;
	227	} Announce;
	228
	229	struct {
	230
	231	Ip::Address udp_incoming;
	232	Ip::Address udp_outgoing;
	233	#if SQUID_SNMP
	234	Ip::Address snmp_incoming;
	235	Ip::Address snmp_outgoing;
	236	#endif
	237	/* FIXME INET6 : this should really be a CIDR value */
	238	Ip::Address client_netmask;
	239	} Addrs;
	240	size_t tcpRcvBufsz;
	241	size_t udpMaxHitObjsz;
4d5904f7	242	wordlist *mcast_group_list;
a3c6762c	243	CachePeer *peers;
4d5904f7 FC	244	int npeers;
	245
	246	struct {
	247	int size;
	248	int low;
	249	int high;
	250	} ipcache;
	251
	252	struct {
	253	int size;
	254	} fqdncache;
	255	int minDirectHops;
	256	int minDirectRtt;
613924ee	257	Mgr::ActionPasswordList *passwd_list;
4d5904f7 FC	258
	259	struct {
	260	int objectsPerBucket;
	261	int64_t avgObjectSize;
	262	int64_t maxObjectSize;
	263	int64_t minObjectSize;
	264	size_t maxInMemObjSize;
	265	} Store;
	266
	267	struct {
	268	int high;
	269	int low;
	270	time_t period;
	271	} Netdb;
	272
	273	struct {
	274	int log_udp;
	275	int res_defnames;
	276	int anonymizer;
	277	int client_db;
	278	int query_icmp;
	279	int icp_hit_stale;
	280	int buffered_logs;
	281	int common_log;
	282	int log_mime_hdrs;
	283	int log_fqdn;
	284	int announce;
	285	int mem_pools;
	286	int test_reachability;
	287	int half_closed_clients;
	288	int refresh_all_ims;
	289	#if USE_HTTP_VIOLATIONS
	290
	291	int reload_into_ims;
	292	#endif
	293
	294	int offline;
	295	int redir_rewrites_host;
	296	int prefer_direct;
	297	int nonhierarchical_direct;
	298	int strip_query_terms;
	299	int redirector_bypass;
a8a0b1c2	300	int store_id_bypass;
4d5904f7 FC	301	int ignore_unknown_nameservers;
	302	int client_pconns;
	303	int server_pconns;
	304	int error_pconns;
	305	#if USE_CACHE_DIGESTS
	306
	307	int digest_generation;
	308	#endif
	309
4d5904f7	310	int vary_ignore_expire;
4d5904f7 FC	311	int surrogate_is_remote;
	312	int request_entities;
	313	int detect_broken_server_pconns;
	314	int balance_on_multiple_ip;
	315	int relaxed_header_parser;
	316	int check_hostnames;
	317	int allow_underscore;
	318	int via;
96598f93	319	int cache_miss_revalidate;
4d5904f7 FC	320	int emailErrData;
	321	int httpd_suppress_version_string;
	322	int global_internal_static;
55eae904	323	int collapsed_forwarding;
4d5904f7 FC	324
	325	#if FOLLOW_X_FORWARDED_FOR
	326	int acl_uses_indirect_client;
	327	int delay_pool_uses_indirect_client;
	328	int log_uses_indirect_client;
	329	#if LINUX_NETFILTER
	330	int tproxy_uses_indirect_client;
	331	#endif
	332	#endif /* FOLLOW_X_FORWARDED_FOR */
	333
	334	int WIN32_IpAddrChangeMonitor;
	335	int memory_cache_first;
	336	int memory_cache_disk;
	337	int hostStrictVerify;
	338	int client_dst_passthru;
bce61b00	339	int dns_mdns;
2bcab852 CT	340	#if USE_OPENSSL
	341	bool logTlsServerHelloDetails;
	342	#endif
4d5904f7 FC	343	} onoff;
4d5904f7 FC	344
daed75a9	345	int64_t shared_transient_entries_limit;
8f7dbf74	346
079a8480 AJ	347	int pipeline_max_prefetch;
079a8480 AJ	348
4d5904f7 FC	349	int forward_max_tries;
	350	int connect_retries;
	351
	352	class ACL *aclList;
	353
	354	struct {
	355	acl_access *http;
	356	acl_access *adapted_http;
	357	acl_access *icp;
	358	acl_access *miss;
	359	acl_access *NeverDirect;
	360	acl_access *AlwaysDirect;
	361	acl_access *ASlists;
	362	acl_access *noCache;
70706149 AR	363	acl_access *sendHit;
70706149 AR	364	acl_access *storeMiss;
8ebad780	365	acl_access *stats_collection;
4d5904f7 FC	366	#if SQUID_SNMP
	367
	368	acl_access *snmp;
	369	#endif
	370	#if USE_HTTP_VIOLATIONS
	371	acl_access *brokenPosts;
	372	#endif
	373	acl_access *redirector;
a8a0b1c2	374	acl_access *store_id;
4d5904f7	375	acl_access *reply;
289848ca	376	Acl::Address *outgoing_address;
4d5904f7 FC	377	#if USE_HTCP
	378
	379	acl_access *htcp;
	380	acl_access *htcp_clr;
	381	#endif
	382
cb4f4424	383	#if USE_OPENSSL
4d5904f7 FC	384	acl_access *ssl_bump;
4d5904f7 FC	385	#endif
33b24cf0	386	#if FOLLOW_X_FORWARDED_FOR
4d5904f7	387	acl_access *followXFF;
33b24cf0	388	#endif /* FOLLOW_X_FORWARDED_FOR */
4d5904f7	389
d3d92daa AJ	390	/// acceptible PROXY protocol clients
	391	acl_access *proxyProtocol;
	392
0d901ef4 SH	393	/// spoof_client_ip squid.conf acl.
	394	/// nil unless configured
	395	acl_access* spoof_client_ip;
3248e962	396	acl_access *on_unsupported_protocol;
ddf5aa2b CT	397
ddf5aa2b CT	398	acl_access *ftp_epsv;
ec69bdb2 CT	399
ec69bdb2 CT	400	acl_access *forceRequestBodyContinuation;
afc753f3	401	acl_access *serverPconnForNonretriable;
819be284	402	acl_access *collapsedForwardingAccess;
4d5904f7	403	} accessList;
7f0b3324	404	AclDenyInfoList *denyInfoList;
4d5904f7 FC	405
	406	struct {
	407	size_t list_width;
	408	int list_wrap;
	409	char *anon_user;
	410	int passive;
	411	int epsv_all;
	412	int epsv;
	413	int eprt;
	414	int sanitycheck;
	415	int telnet;
	416	} Ftp;
8d9a8184	417	RefreshPattern *Refresh;
4d5904f7	418
2745fea5	419	Store::DiskConfig cacheSwap;
4d5904f7 FC	420
	421	struct {
	422	char *directory;
	423	int use_short_names;
	424	} icons;
	425	char *errorDirectory;
	426	#if USE_ERR_LOCALES
	427	char *errorDefaultLanguage;
	428	int errorLogMissingLanguages;
	429	#endif
	430	char *errorStylesheet;
	431
	432	struct {
	433	int onerror;
	434	} retry;
	435
	436	struct {
	437	int64_t limit;
	438	} MemPools;
	439	#if USE_DELAY_POOLS
	440
	441	DelayConfig Delay;
	442	ClientDelayConfig ClientDelay;
b27668ec	443	MessageDelayConfig MessageDelay;
4d5904f7 FC	444	#endif
	445
	446	struct {
	447	struct {
	448	int average;
	449	int min_poll;
	450	} dns, udp, tcp;
	451	} comm_incoming;
	452	int max_open_disk_fds;
	453	int uri_whitespace;
1328cfb7	454	AclSizeLimit *rangeOffsetLimit;
4d5904f7 FC	455	#if MULTICAST_MISS_STREAM
	456
	457	struct {
	458
	459	Ip::Address addr;
	460	int ttl;
	461	unsigned short port;
	462	char *encode_key;
	463	} mcast_miss;
	464	#endif
	465
	466	/// request_header_access and request_header_replace
	467	HeaderManglers *request_header_access;
	468	/// reply_header_access and reply_header_replace
	469	HeaderManglers *reply_header_access;
	470	///request_header_add access list
	471	HeaderWithAclList *request_header_add;
cde8f31b NH	472	///reply_header_add access list
cde8f31b NH	473	HeaderWithAclList *reply_header_add;
d7f4a0b7 CT	474	///note
d7f4a0b7 CT	475	Notes notes;
4d5904f7 FC	476	char *coredump_dir;
	477	char *chroot_dir;
	478	#if USE_CACHE_DIGESTS
	479
	480	struct {
	481	int bits_per_entry;
	482	time_t rebuild_period;
	483	time_t rewrite_period;
	484	size_t swapout_chunk_size;
	485	int rebuild_chunk_percentage;
	486	} digest;
	487	#endif
cb4f4424	488	#if USE_OPENSSL
4d5904f7 FC	489
	490	struct {
	491	int unclean_shutdown;
	492	char *ssl_engine;
10a69fc0 CT	493	int session_ttl;
10a69fc0 CT	494	size_t sessionCacheSize;
3c26b00a	495	char *certSignHash;
4d5904f7 FC	496	} SSL;
	497	#endif
	498
4d5904f7 FC	499	struct {
	500	int high_rptm;
	501	int high_pf;
	502	size_t high_memory;
	503	} warnings;
	504	char *store_dir_select_algorithm;
	505	int sleep_after_fork; /* microseconds */
	506	time_t minimum_expiry_time; /* seconds */
	507	external_acl *externalAclHelperList;
	508
4d5904f7	509	struct {
900daee3	510	Security::ContextPointer sslContext;
a465e144	511	#if USE_OPENSSL
866be11c	512	char *foreignIntermediateCertsPath;
4d5904f7	513	acl_access *cert_error;
4d5904f7 FC	514	sslproxy_cert_sign *cert_sign;
4d5904f7 FC	515	sslproxy_cert_adapt *cert_adapt;
4d5904f7	516	#endif
a465e144	517	} ssl_client;
4d5904f7 FC	518
	519	char *accept_filter;
	520	int umask;
	521	int max_filedescriptors;
	522	int workers;
	523	CpuAffinityMap *cpuAffinityMap;
	524
	525	#if USE_LOADABLE_MODULES
	526	wordlist *loadable_module_names;
	527	#endif
	528
	529	int client_ip_max_connections;
	530
b11724bb CT	531	char *redirector_extras;
b11724bb CT	532
ced8def3	533	struct UrlHelperTimeout {
32fd6d8a CT	534	int action;
	535	char *response;
	536	} onUrlRewriteTimeout;
	537
b11724bb CT	538	char *storeId_extras;
b11724bb CT	539
4d5904f7	540	struct {
5a1098fb	541	SBufList nameservers;
4d5904f7 FC	542	int v4_first; ///< Place IPv4 first in the order of DNS results.
	543	ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
	544	} dns;
4d5904f7 FC	545	};
	546
	547	extern SquidConfig Config;
	548
5fed1735 AJ	549	class SquidConfig2
	550	{
	551	public:
871cbc7d AJ	552	void clear() {
	553	*this = SquidConfig2();
	554	}
	555
7957fca1	556	struct {
871cbc7d	557	int enable_purge = 0;
7957fca1	558	} onoff;
871cbc7d AJ	559	uid_t effectiveUserID = 0;
871cbc7d AJ	560	gid_t effectiveGroupID = 0;
7957fca1 FC	561	};
	562
	563	extern SquidConfig2 Config2;
	564
4d5904f7	565	#endif /* SQUID_SQUIDCONFIG_H_ */
f53969cc	566