[thirdparty/squid.git] / src / SquidConfig.h

/*
 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#ifndef SQUID_SQUIDCONFIG_H_
#define SQUID_SQUIDCONFIG_H_

#include "acl/forward.h"
#include "base/RefCount.h"
#include "base/YesNoNone.h"
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
#include "ip/Address.h"
#include "Notes.h"
#include "security/forward.h"
#include "SquidTime.h"
#if USE_OPENSSL
#include "ssl/support.h"
#endif
#include "store/forward.h"

#if USE_OPENSSL
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif

namespace Mgr
{
class ActionPasswordList;
} // namespace Mgr
class CachePeer;
class CustomLog;
class CpuAffinityMap;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;

namespace AnyP
{
class PortCfg;
}

namespace Store {
class DiskConfig {
public:
    RefCount<SwapDir> *swapDirs;
    int n_allocated;
    int n_configured;
    /// number of disk processes required to support all cache_dirs
    int n_strands;
};
#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
}

/// the representation of the configuration. POD.
class SquidConfig
{
public:
    struct {
        /* These should be for the Store::Root instance.
        * this needs pluggable parsing to be done smoothly.
        */
        int highWaterMark;
        int lowWaterMark;
    } Swap;

    YesNoNone memShared; ///< whether the memory cache is shared among workers
    size_t memMaxSize;

    struct {
        int64_t min;
        int pct;
        int64_t max;
    } quickAbort;
    int64_t readAheadGap;
    RemovalPolicySettings *replPolicy;
    RemovalPolicySettings *memPolicy;
#if USE_HTTP_VIOLATIONS
    time_t negativeTtl;
#endif
    time_t maxStale;
    time_t negativeDnsTtl;
    time_t positiveDnsTtl;
    time_t shutdownLifetime;
    time_t backgroundPingRate;

    struct {
        time_t read;
        time_t write;
        time_t lifetime;
        time_t connect;
        time_t forward;
        time_t peer_connect;
        time_t request;
        time_t clientIdlePconn;
        time_t serverIdlePconn;
        time_t ftpClientIdle;
        time_t pconnLifetime; ///< pconn_lifetime in squid.conf
        time_t siteSelect;
        time_t deadPeer;
        time_t request_start_timeout;
        int icp_query;      /* msec */
        int icp_query_max;  /* msec */
        int icp_query_min;  /* msec */
        int mcast_icp_query;    /* msec */
        time_msec_t idns_retransmit;
        time_msec_t idns_query;
        time_t urlRewrite;
    } Timeout;
    size_t maxRequestHeaderSize;
    int64_t maxRequestBodySize;
    size_t maxRequestBufferSize;
    size_t maxReplyHeaderSize;
    AclSizeLimit *ReplyBodySize;

    struct {
        unsigned short icp;
#if USE_HTCP

        unsigned short htcp;
#endif
#if SQUID_SNMP

        unsigned short snmp;
#endif
    } Port;

#if SQUID_SNMP

    struct {
        char *configFile;
        char *agentInfo;
    } Snmp;
#endif
#if USE_WCCP

    struct {
        Ip::Address router;
        Ip::Address address;
        int version;
    } Wccp;
#endif
#if USE_WCCPv2

    struct {
        Ip::Address_list *router;
        Ip::Address address;
        int forwarding_method;
        int return_method;
        int assignment_method;
        int weight;
        int rebuildwait;
        void *info;
    } Wccp2;
#endif

    char *as_whois_server;

    struct {
        char *store;
        char *swap;
        CustomLog *accesslogs;
#if ICAP_CLIENT
        CustomLog *icaplogs;
#endif
        int rotateNumber;
    } Log;
    char *adminEmail;
    char *EmailFrom;
    char *EmailProgram;
    char *effectiveUser;
    char *visible_appname_string;
    char *effectiveGroup;

    struct {
        wordlist *redirect;
        wordlist *store_id;
#if USE_UNLINKD

        char *unlinkd;
#endif

        char *diskd;
#if USE_OPENSSL

        char *ssl_password;
#endif

    } Program;

    Helper::ChildConfig redirectChildren;
    Helper::ChildConfig storeIdChildren;
    time_t authenticateGCInterval;
    time_t authenticateTTL;
    time_t authenticateIpTTL;

    struct {
        char *surrogate_id;
    } Accel;
    char *appendDomain;
    size_t appendDomainLen;
    char *pidFilename;
    char *netdbFilename;
    char *mimeTablePathname;
    char *etcHostsPath;
    char *visibleHostname;
    char *uniqueHostname;
    wordlist *hostnameAliases;
    char *errHtmlText;

    struct {
        char *host;
        char *file;
        time_t period;
        unsigned short port;
    } Announce;

    struct {

        Ip::Address udp_incoming;
        Ip::Address udp_outgoing;
#if SQUID_SNMP
        Ip::Address snmp_incoming;
        Ip::Address snmp_outgoing;
#endif
        /* FIXME INET6 : this should really be a CIDR value */
        Ip::Address client_netmask;
    } Addrs;
    size_t tcpRcvBufsz;
    size_t udpMaxHitObjsz;
    wordlist *mcast_group_list;
    wordlist *dns_nameservers;
    CachePeer *peers;
    int npeers;

    struct {
        int size;
        int low;
        int high;
    } ipcache;

    struct {
        int size;
    } fqdncache;
    int minDirectHops;
    int minDirectRtt;
    Mgr::ActionPasswordList *passwd_list;

    struct {
        int objectsPerBucket;
        int64_t avgObjectSize;
        int64_t maxObjectSize;
        int64_t minObjectSize;
        size_t maxInMemObjSize;
    } Store;

    struct {
        int high;
        int low;
        time_t period;
    } Netdb;

    struct {
        int log_udp;
        int res_defnames;
        int anonymizer;
        int client_db;
        int query_icmp;
        int icp_hit_stale;
        int buffered_logs;
        int common_log;
        int log_mime_hdrs;
        int log_fqdn;
        int announce;
        int mem_pools;
        int test_reachability;
        int half_closed_clients;
        int refresh_all_ims;
#if USE_HTTP_VIOLATIONS

        int reload_into_ims;
#endif

        int offline;
        int redir_rewrites_host;
        int prefer_direct;
        int nonhierarchical_direct;
        int strip_query_terms;
        int redirector_bypass;
        int store_id_bypass;
        int ignore_unknown_nameservers;
        int client_pconns;
        int server_pconns;
        int error_pconns;
#if USE_CACHE_DIGESTS

        int digest_generation;
#endif

        int ie_refresh;
        int vary_ignore_expire;
        int surrogate_is_remote;
        int request_entities;
        int detect_broken_server_pconns;
        int balance_on_multiple_ip;
        int relaxed_header_parser;
        int check_hostnames;
        int allow_underscore;
        int via;
        int cache_miss_revalidate;
        int emailErrData;
        int httpd_suppress_version_string;
        int global_internal_static;
        int collapsed_forwarding;

#if FOLLOW_X_FORWARDED_FOR
        int acl_uses_indirect_client;
        int delay_pool_uses_indirect_client;
        int log_uses_indirect_client;
#if LINUX_NETFILTER
        int tproxy_uses_indirect_client;
#endif
#endif /* FOLLOW_X_FORWARDED_FOR */

        int WIN32_IpAddrChangeMonitor;
        int memory_cache_first;
        int memory_cache_disk;
        int hostStrictVerify;
        int client_dst_passthru;
        int dns_mdns;
#if USE_OPENSSL
        bool logTlsServerHelloDetails;
#endif
    } onoff;

    int pipeline_max_prefetch;

    int forward_max_tries;
    int connect_retries;

    class ACL *aclList;

    struct {
        acl_access *http;
        acl_access *adapted_http;
        acl_access *icp;
        acl_access *miss;
        acl_access *NeverDirect;
        acl_access *AlwaysDirect;
        acl_access *ASlists;
        acl_access *noCache;
        acl_access *sendHit;
        acl_access *storeMiss;
        acl_access *stats_collection;
#if SQUID_SNMP

        acl_access *snmp;
#endif
#if USE_HTTP_VIOLATIONS
        acl_access *brokenPosts;
#endif
        acl_access *redirector;
        acl_access *store_id;
        acl_access *reply;
        Acl::Address *outgoing_address;
#if USE_HTCP

        acl_access *htcp;
        acl_access *htcp_clr;
#endif

#if USE_OPENSSL
        acl_access *ssl_bump;
#endif
#if FOLLOW_X_FORWARDED_FOR
        acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */

        /// acceptible PROXY protocol clients
        acl_access *proxyProtocol;

        /// spoof_client_ip squid.conf acl.
        /// nil unless configured
        acl_access* spoof_client_ip;
        acl_access *on_unsupported_protocol;

        acl_access *ftp_epsv;

        acl_access *forceRequestBodyContinuation;
        acl_access *serverPconnForNonretriable;
    } accessList;
    AclDenyInfoList *denyInfoList;

    struct {
        size_t list_width;
        int list_wrap;
        char *anon_user;
        int passive;
        int epsv_all;
        int epsv;
        int eprt;
        int sanitycheck;
        int telnet;
    } Ftp;
    RefreshPattern *Refresh;

    Store::DiskConfig cacheSwap;

    struct {
        char *directory;
        int use_short_names;
    } icons;
    char *errorDirectory;
#if USE_ERR_LOCALES
    char *errorDefaultLanguage;
    int errorLogMissingLanguages;
#endif
    char *errorStylesheet;

    struct {
        int onerror;
    } retry;

    struct {
        int64_t limit;
    } MemPools;
#if USE_DELAY_POOLS

    DelayConfig Delay;
    ClientDelayConfig ClientDelay;
#endif

    struct {
        struct {
            int average;
            int min_poll;
        } dns, udp, tcp;
    } comm_incoming;
    int max_open_disk_fds;
    int uri_whitespace;
    AclSizeLimit *rangeOffsetLimit;
#if MULTICAST_MISS_STREAM

    struct {

        Ip::Address addr;
        int ttl;
        unsigned short port;
        char *encode_key;
    } mcast_miss;
#endif

    /// request_header_access and request_header_replace
    HeaderManglers *request_header_access;
    /// reply_header_access and reply_header_replace
    HeaderManglers *reply_header_access;
    ///request_header_add access list
    HeaderWithAclList *request_header_add;
    ///note
    Notes notes;
    char *coredump_dir;
    char *chroot_dir;
#if USE_CACHE_DIGESTS

    struct {
        int bits_per_entry;
        time_t rebuild_period;
        time_t rewrite_period;
        size_t swapout_chunk_size;
        int rebuild_chunk_percentage;
    } digest;
#endif
#if USE_OPENSSL

    struct {
        int unclean_shutdown;
        char *ssl_engine;
        int session_ttl;
        size_t sessionCacheSize;
        char *certSignHash;
    } SSL;
#endif

    wordlist *ext_methods;

    struct {
        int high_rptm;
        int high_pf;
        size_t high_memory;
    } warnings;
    char *store_dir_select_algorithm;
    int sleep_after_fork;   /* microseconds */
    time_t minimum_expiry_time; /* seconds */
    external_acl *externalAclHelperList;

    struct {
        Security::ContextPtr sslContext;
#if USE_OPENSSL
        char *foreignIntermediateCertsPath;
        acl_access *cert_error;
        sslproxy_cert_sign *cert_sign;
        sslproxy_cert_adapt *cert_adapt;
#endif
    } ssl_client;

    char *accept_filter;
    int umask;
    int max_filedescriptors;
    int workers;
    CpuAffinityMap *cpuAffinityMap;

#if USE_LOADABLE_MODULES
    wordlist *loadable_module_names;
#endif

    int client_ip_max_connections;

    char *redirector_extras;

    struct UrlHelperTimeout {
        int action;
        char *response;
    } onUrlRewriteTimeout;

    char *storeId_extras;

    struct {
        int v4_first;       ///< Place IPv4 first in the order of DNS results.
        ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
    } dns;

};

extern SquidConfig Config;

class SquidConfig2
{
public:
    struct {
        int enable_purge;
        int mangle_request_headers;
    } onoff;
    uid_t effectiveUserID;
    gid_t effectiveGroupID;
};

extern SquidConfig2 Config2;

#endif /* SQUID_SQUIDCONFIG_H_ */
Commit	Line	Data
4d5904f7	1	/*
ef57eb7b	2	* Copyright (C) 1996-2016 The Squid Software Foundation and contributors
4d5904f7	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
4d5904f7 FC	7	*/
4d5904f7 FC	8
bbc27441 AJ	9	#ifndef SQUID_SQUIDCONFIG_H_
	10	#define SQUID_SQUIDCONFIG_H_
	11
6f58d7d7	12	#include "acl/forward.h"
8bf217bd	13	#include "base/RefCount.h"
c50b35b5	14	#include "base/YesNoNone.h"
4d5904f7 FC	15	#include "ClientDelayConfig.h"
4d5904f7 FC	16	#include "DelayConfig.h"
76d9b994	17	#include "helper/ChildConfig.h"
4d5904f7	18	#include "HttpHeaderTools.h"
4d5904f7	19	#include "ip/Address.h"
d7f4a0b7	20	#include "Notes.h"
a465e144	21	#include "security/forward.h"
6ebc477d	22	#include "SquidTime.h"
866be11c CT	23	#if USE_OPENSSL
	24	#include "ssl/support.h"
	25	#endif
2745fea5	26	#include "store/forward.h"
4d5904f7	27
cb4f4424	28	#if USE_OPENSSL
d9c7489e FC	29	class sslproxy_cert_sign;
d9c7489e FC	30	class sslproxy_cert_adapt;
a011edee FC	31	#endif
a011edee FC	32
e4a14600 A	33	namespace Mgr
e4a14600 A	34	{
613924ee FC	35	class ActionPasswordList;
613924ee FC	36	} // namespace Mgr
7a5b5df7	37	class CachePeer;
613924ee	38	class CustomLog;
c6983ec7	39	class CpuAffinityMap;
613924ee	40	class external_acl;
4d5904f7	41	class HeaderManglers;
8d9a8184	42	class RefreshPattern;
4d5904f7 FC	43	class RemovalPolicySettings;
4d5904f7 FC	44
e4a14600 A	45	namespace AnyP
e4a14600 A	46	{
4d5904f7 FC	47	class PortCfg;
	48	}
	49
2745fea5 AR	50	namespace Store {
	51	class DiskConfig {
	52	public:
	53	RefCount<SwapDir> *swapDirs;
	54	int n_allocated;
	55	int n_configured;
	56	/// number of disk processes required to support all cache_dirs
	57	int n_strands;
	58	};
	59	#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
	60	}
	61
001d55dc	62	/// the representation of the configuration. POD.
1b2f0924 FC	63	class SquidConfig
1b2f0924 FC	64	{
4d5904f7 FC	65	public:
	66	struct {
	67	/* These should be for the Store::Root instance.
	68	* this needs pluggable parsing to be done smoothly.
	69	*/
	70	int highWaterMark;
	71	int lowWaterMark;
	72	} Swap;
	73
	74	YesNoNone memShared; ///< whether the memory cache is shared among workers
	75	size_t memMaxSize;
	76
	77	struct {
	78	int64_t min;
	79	int pct;
	80	int64_t max;
	81	} quickAbort;
	82	int64_t readAheadGap;
	83	RemovalPolicySettings *replPolicy;
	84	RemovalPolicySettings *memPolicy;
	85	#if USE_HTTP_VIOLATIONS
	86	time_t negativeTtl;
	87	#endif
	88	time_t maxStale;
	89	time_t negativeDnsTtl;
	90	time_t positiveDnsTtl;
	91	time_t shutdownLifetime;
	92	time_t backgroundPingRate;
	93
	94	struct {
	95	time_t read;
	96	time_t write;
	97	time_t lifetime;
	98	time_t connect;
	99	time_t forward;
	100	time_t peer_connect;
	101	time_t request;
	102	time_t clientIdlePconn;
	103	time_t serverIdlePconn;
f6e8754a	104	time_t ftpClientIdle;
c5c06f02	105	time_t pconnLifetime; ///< pconn_lifetime in squid.conf
4d5904f7 FC	106	time_t siteSelect;
4d5904f7 FC	107	time_t deadPeer;
3248e962	108	time_t request_start_timeout;
4d5904f7 FC	109	int icp_query; /* msec */
	110	int icp_query_max; /* msec */
	111	int icp_query_min; /* msec */
	112	int mcast_icp_query; /* msec */
4d5904f7 FC	113	time_msec_t idns_retransmit;
4d5904f7 FC	114	time_msec_t idns_query;
32fd6d8a	115	time_t urlRewrite;
4d5904f7 FC	116	} Timeout;
	117	size_t maxRequestHeaderSize;
	118	int64_t maxRequestBodySize;
4d5904f7 FC	119	size_t maxRequestBufferSize;
4d5904f7 FC	120	size_t maxReplyHeaderSize;
1328cfb7	121	AclSizeLimit *ReplyBodySize;
4d5904f7 FC	122
	123	struct {
	124	unsigned short icp;
	125	#if USE_HTCP
	126
	127	unsigned short htcp;
	128	#endif
	129	#if SQUID_SNMP
	130
	131	unsigned short snmp;
	132	#endif
	133	} Port;
	134
4d5904f7 FC	135	#if SQUID_SNMP
	136
	137	struct {
	138	char *configFile;
	139	char *agentInfo;
	140	} Snmp;
	141	#endif
	142	#if USE_WCCP
	143
	144	struct {
	145	Ip::Address router;
	146	Ip::Address address;
	147	int version;
	148	} Wccp;
	149	#endif
	150	#if USE_WCCPv2
	151
	152	struct {
	153	Ip::Address_list *router;
	154	Ip::Address address;
	155	int forwarding_method;
	156	int return_method;
	157	int assignment_method;
	158	int weight;
	159	int rebuildwait;
	160	void *info;
	161	} Wccp2;
	162	#endif
	163
4d5904f7 FC	164	char *as_whois_server;
	165
	166	struct {
	167	char *store;
	168	char *swap;
87ddff6e	169	CustomLog *accesslogs;
4d5904f7	170	#if ICAP_CLIENT
87ddff6e	171	CustomLog *icaplogs;
4d5904f7 FC	172	#endif
	173	int rotateNumber;
	174	} Log;
	175	char *adminEmail;
	176	char *EmailFrom;
	177	char *EmailProgram;
	178	char *effectiveUser;
	179	char *visible_appname_string;
	180	char *effectiveGroup;
	181
	182	struct {
4d5904f7	183	wordlist *redirect;
a8a0b1c2	184	wordlist *store_id;
4d5904f7 FC	185	#if USE_UNLINKD
	186
	187	char *unlinkd;
	188	#endif
	189
	190	char *diskd;
cb4f4424	191	#if USE_OPENSSL
4d5904f7 FC	192
	193	char *ssl_password;
	194	#endif
	195
	196	} Program;
4d5904f7	197
76d9b994 AJ	198	Helper::ChildConfig redirectChildren;
76d9b994 AJ	199	Helper::ChildConfig storeIdChildren;
4d5904f7 FC	200	time_t authenticateGCInterval;
	201	time_t authenticateTTL;
	202	time_t authenticateIpTTL;
	203
	204	struct {
	205	char *surrogate_id;
	206	} Accel;
	207	char *appendDomain;
	208	size_t appendDomainLen;
	209	char *pidFilename;
	210	char *netdbFilename;
	211	char *mimeTablePathname;
	212	char *etcHostsPath;
	213	char *visibleHostname;
	214	char *uniqueHostname;
	215	wordlist *hostnameAliases;
	216	char *errHtmlText;
	217
	218	struct {
	219	char *host;
	220	char *file;
	221	time_t period;
	222	unsigned short port;
	223	} Announce;
	224
	225	struct {
	226
	227	Ip::Address udp_incoming;
	228	Ip::Address udp_outgoing;
	229	#if SQUID_SNMP
	230	Ip::Address snmp_incoming;
	231	Ip::Address snmp_outgoing;
	232	#endif
	233	/* FIXME INET6 : this should really be a CIDR value */
	234	Ip::Address client_netmask;
	235	} Addrs;
	236	size_t tcpRcvBufsz;
	237	size_t udpMaxHitObjsz;
4d5904f7 FC	238	wordlist *mcast_group_list;
4d5904f7 FC	239	wordlist *dns_nameservers;
a3c6762c	240	CachePeer *peers;
4d5904f7 FC	241	int npeers;
	242
	243	struct {
	244	int size;
	245	int low;
	246	int high;
	247	} ipcache;
	248
	249	struct {
	250	int size;
	251	} fqdncache;
	252	int minDirectHops;
	253	int minDirectRtt;
613924ee	254	Mgr::ActionPasswordList *passwd_list;
4d5904f7 FC	255
	256	struct {
	257	int objectsPerBucket;
	258	int64_t avgObjectSize;
	259	int64_t maxObjectSize;
	260	int64_t minObjectSize;
	261	size_t maxInMemObjSize;
	262	} Store;
	263
	264	struct {
	265	int high;
	266	int low;
	267	time_t period;
	268	} Netdb;
	269
	270	struct {
	271	int log_udp;
	272	int res_defnames;
	273	int anonymizer;
	274	int client_db;
	275	int query_icmp;
	276	int icp_hit_stale;
	277	int buffered_logs;
	278	int common_log;
	279	int log_mime_hdrs;
	280	int log_fqdn;
	281	int announce;
	282	int mem_pools;
	283	int test_reachability;
	284	int half_closed_clients;
	285	int refresh_all_ims;
	286	#if USE_HTTP_VIOLATIONS
	287
	288	int reload_into_ims;
	289	#endif
	290
	291	int offline;
	292	int redir_rewrites_host;
	293	int prefer_direct;
	294	int nonhierarchical_direct;
	295	int strip_query_terms;
	296	int redirector_bypass;
a8a0b1c2	297	int store_id_bypass;
4d5904f7 FC	298	int ignore_unknown_nameservers;
	299	int client_pconns;
	300	int server_pconns;
	301	int error_pconns;
	302	#if USE_CACHE_DIGESTS
	303
	304	int digest_generation;
	305	#endif
	306
	307	int ie_refresh;
	308	int vary_ignore_expire;
4d5904f7 FC	309	int surrogate_is_remote;
	310	int request_entities;
	311	int detect_broken_server_pconns;
	312	int balance_on_multiple_ip;
	313	int relaxed_header_parser;
	314	int check_hostnames;
	315	int allow_underscore;
	316	int via;
96598f93	317	int cache_miss_revalidate;
4d5904f7 FC	318	int emailErrData;
	319	int httpd_suppress_version_string;
	320	int global_internal_static;
55eae904	321	int collapsed_forwarding;
4d5904f7 FC	322
	323	#if FOLLOW_X_FORWARDED_FOR
	324	int acl_uses_indirect_client;
	325	int delay_pool_uses_indirect_client;
	326	int log_uses_indirect_client;
	327	#if LINUX_NETFILTER
	328	int tproxy_uses_indirect_client;
	329	#endif
	330	#endif /* FOLLOW_X_FORWARDED_FOR */
	331
	332	int WIN32_IpAddrChangeMonitor;
	333	int memory_cache_first;
	334	int memory_cache_disk;
	335	int hostStrictVerify;
	336	int client_dst_passthru;
bce61b00	337	int dns_mdns;
2bcab852 CT	338	#if USE_OPENSSL
	339	bool logTlsServerHelloDetails;
	340	#endif
4d5904f7 FC	341	} onoff;
4d5904f7 FC	342
079a8480 AJ	343	int pipeline_max_prefetch;
079a8480 AJ	344
4d5904f7 FC	345	int forward_max_tries;
	346	int connect_retries;
	347
	348	class ACL *aclList;
	349
	350	struct {
	351	acl_access *http;
	352	acl_access *adapted_http;
	353	acl_access *icp;
	354	acl_access *miss;
	355	acl_access *NeverDirect;
	356	acl_access *AlwaysDirect;
	357	acl_access *ASlists;
	358	acl_access *noCache;
70706149 AR	359	acl_access *sendHit;
70706149 AR	360	acl_access *storeMiss;
8ebad780	361	acl_access *stats_collection;
4d5904f7 FC	362	#if SQUID_SNMP
	363
	364	acl_access *snmp;
	365	#endif
	366	#if USE_HTTP_VIOLATIONS
	367	acl_access *brokenPosts;
	368	#endif
	369	acl_access *redirector;
a8a0b1c2	370	acl_access *store_id;
4d5904f7	371	acl_access *reply;
289848ca	372	Acl::Address *outgoing_address;
4d5904f7 FC	373	#if USE_HTCP
	374
	375	acl_access *htcp;
	376	acl_access *htcp_clr;
	377	#endif
	378
cb4f4424	379	#if USE_OPENSSL
4d5904f7 FC	380	acl_access *ssl_bump;
4d5904f7 FC	381	#endif
33b24cf0	382	#if FOLLOW_X_FORWARDED_FOR
4d5904f7	383	acl_access *followXFF;
33b24cf0	384	#endif /* FOLLOW_X_FORWARDED_FOR */
4d5904f7	385
d3d92daa AJ	386	/// acceptible PROXY protocol clients
	387	acl_access *proxyProtocol;
	388
0d901ef4 SH	389	/// spoof_client_ip squid.conf acl.
	390	/// nil unless configured
	391	acl_access* spoof_client_ip;
3248e962	392	acl_access *on_unsupported_protocol;
ddf5aa2b CT	393
ddf5aa2b CT	394	acl_access *ftp_epsv;
ec69bdb2 CT	395
ec69bdb2 CT	396	acl_access *forceRequestBodyContinuation;
afc753f3	397	acl_access *serverPconnForNonretriable;
4d5904f7	398	} accessList;
7f0b3324	399	AclDenyInfoList *denyInfoList;
4d5904f7 FC	400
	401	struct {
	402	size_t list_width;
	403	int list_wrap;
	404	char *anon_user;
	405	int passive;
	406	int epsv_all;
	407	int epsv;
	408	int eprt;
	409	int sanitycheck;
	410	int telnet;
	411	} Ftp;
8d9a8184	412	RefreshPattern *Refresh;
4d5904f7	413
2745fea5	414	Store::DiskConfig cacheSwap;
4d5904f7 FC	415
	416	struct {
	417	char *directory;
	418	int use_short_names;
	419	} icons;
	420	char *errorDirectory;
	421	#if USE_ERR_LOCALES
	422	char *errorDefaultLanguage;
	423	int errorLogMissingLanguages;
	424	#endif
	425	char *errorStylesheet;
	426
	427	struct {
	428	int onerror;
	429	} retry;
	430
	431	struct {
	432	int64_t limit;
	433	} MemPools;
	434	#if USE_DELAY_POOLS
	435
	436	DelayConfig Delay;
	437	ClientDelayConfig ClientDelay;
	438	#endif
	439
	440	struct {
	441	struct {
	442	int average;
	443	int min_poll;
	444	} dns, udp, tcp;
	445	} comm_incoming;
	446	int max_open_disk_fds;
	447	int uri_whitespace;
1328cfb7	448	AclSizeLimit *rangeOffsetLimit;
4d5904f7 FC	449	#if MULTICAST_MISS_STREAM
	450
	451	struct {
	452
	453	Ip::Address addr;
	454	int ttl;
	455	unsigned short port;
	456	char *encode_key;
	457	} mcast_miss;
	458	#endif
	459
	460	/// request_header_access and request_header_replace
	461	HeaderManglers *request_header_access;
	462	/// reply_header_access and reply_header_replace
	463	HeaderManglers *reply_header_access;
	464	///request_header_add access list
	465	HeaderWithAclList *request_header_add;
d7f4a0b7 CT	466	///note
d7f4a0b7 CT	467	Notes notes;
4d5904f7 FC	468	char *coredump_dir;
	469	char *chroot_dir;
	470	#if USE_CACHE_DIGESTS
	471
	472	struct {
	473	int bits_per_entry;
	474	time_t rebuild_period;
	475	time_t rewrite_period;
	476	size_t swapout_chunk_size;
	477	int rebuild_chunk_percentage;
	478	} digest;
	479	#endif
cb4f4424	480	#if USE_OPENSSL
4d5904f7 FC	481
	482	struct {
	483	int unclean_shutdown;
	484	char *ssl_engine;
10a69fc0 CT	485	int session_ttl;
10a69fc0 CT	486	size_t sessionCacheSize;
3c26b00a	487	char *certSignHash;
4d5904f7 FC	488	} SSL;
	489	#endif
	490
	491	wordlist *ext_methods;
	492
	493	struct {
	494	int high_rptm;
	495	int high_pf;
	496	size_t high_memory;
	497	} warnings;
	498	char *store_dir_select_algorithm;
	499	int sleep_after_fork; /* microseconds */
	500	time_t minimum_expiry_time; /* seconds */
	501	external_acl *externalAclHelperList;
	502
4d5904f7	503	struct {
96993ee0	504	Security::ContextPtr sslContext;
a465e144	505	#if USE_OPENSSL
866be11c	506	char *foreignIntermediateCertsPath;
4d5904f7	507	acl_access *cert_error;
4d5904f7 FC	508	sslproxy_cert_sign *cert_sign;
4d5904f7 FC	509	sslproxy_cert_adapt *cert_adapt;
4d5904f7	510	#endif
a465e144	511	} ssl_client;
4d5904f7 FC	512
	513	char *accept_filter;
	514	int umask;
	515	int max_filedescriptors;
	516	int workers;
	517	CpuAffinityMap *cpuAffinityMap;
	518
	519	#if USE_LOADABLE_MODULES
	520	wordlist *loadable_module_names;
	521	#endif
	522
	523	int client_ip_max_connections;
	524
b11724bb CT	525	char *redirector_extras;
b11724bb CT	526
ced8def3	527	struct UrlHelperTimeout {
32fd6d8a CT	528	int action;
	529	char *response;
	530	} onUrlRewriteTimeout;
	531
b11724bb CT	532	char *storeId_extras;
b11724bb CT	533
4d5904f7 FC	534	struct {
	535	int v4_first; ///< Place IPv4 first in the order of DNS results.
	536	ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
	537	} dns;
	538
	539	};
	540
	541	extern SquidConfig Config;
	542
5fed1735 AJ	543	class SquidConfig2
	544	{
	545	public:
7957fca1 FC	546	struct {
	547	int enable_purge;
	548	int mangle_request_headers;
	549	} onoff;
	550	uid_t effectiveUserID;
	551	gid_t effectiveGroupID;
	552	};
	553
	554	extern SquidConfig2 Config2;
	555
4d5904f7	556	#endif /* SQUID_SQUIDCONFIG_H_ */
f53969cc	557