]>
Commit | Line | Data |
---|---|---|
4d5904f7 | 1 | /* |
bbc27441 | 2 | * Copyright (C) 1996-2014 The Squid Software Foundation and contributors |
4d5904f7 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
4d5904f7 FC |
7 | */ |
8 | ||
bbc27441 AJ |
9 | #ifndef SQUID_SQUIDCONFIG_H_ |
10 | #define SQUID_SQUIDCONFIG_H_ | |
11 | ||
6f58d7d7 | 12 | #include "acl/forward.h" |
8bf217bd | 13 | #include "base/RefCount.h" |
4d5904f7 FC |
14 | #include "ClientDelayConfig.h" |
15 | #include "DelayConfig.h" | |
76d9b994 | 16 | #include "helper/ChildConfig.h" |
4d5904f7 FC |
17 | #include "HttpHeaderTools.h" |
18 | #include "icmp/IcmpConfig.h" | |
19 | #include "ip/Address.h" | |
d7f4a0b7 | 20 | #include "Notes.h" |
bf35a4a7 | 21 | #include "YesNoNone.h" |
4d5904f7 | 22 | |
cb4f4424 AJ |
23 | #if USE_OPENSSL |
24 | #if HAVE_OPENSSL_SSL_H | |
a011edee | 25 | #include <openssl/ssl.h> |
cb4f4424 AJ |
26 | #endif |
27 | ||
d9c7489e FC |
28 | class sslproxy_cert_sign; |
29 | class sslproxy_cert_adapt; | |
a011edee FC |
30 | #endif |
31 | ||
e4a14600 A |
32 | namespace Mgr |
33 | { | |
613924ee FC |
34 | class ActionPasswordList; |
35 | } // namespace Mgr | |
36 | class CustomLog; | |
c6983ec7 | 37 | class CpuAffinityMap; |
613924ee | 38 | class external_acl; |
4d5904f7 | 39 | class HeaderManglers; |
8d9a8184 | 40 | class RefreshPattern; |
4d5904f7 | 41 | class RemovalPolicySettings; |
ee82937c | 42 | class SwapDir; |
4d5904f7 | 43 | |
e4a14600 A |
44 | namespace AnyP |
45 | { | |
4d5904f7 FC |
46 | class PortCfg; |
47 | } | |
48 | ||
001d55dc | 49 | /// the representation of the configuration. POD. |
1b2f0924 FC |
50 | class SquidConfig |
51 | { | |
4d5904f7 FC |
52 | public: |
53 | struct { | |
54 | /* These should be for the Store::Root instance. | |
55 | * this needs pluggable parsing to be done smoothly. | |
56 | */ | |
57 | int highWaterMark; | |
58 | int lowWaterMark; | |
59 | } Swap; | |
60 | ||
61 | YesNoNone memShared; ///< whether the memory cache is shared among workers | |
62 | size_t memMaxSize; | |
63 | ||
64 | struct { | |
65 | int64_t min; | |
66 | int pct; | |
67 | int64_t max; | |
68 | } quickAbort; | |
69 | int64_t readAheadGap; | |
70 | RemovalPolicySettings *replPolicy; | |
71 | RemovalPolicySettings *memPolicy; | |
72 | #if USE_HTTP_VIOLATIONS | |
73 | time_t negativeTtl; | |
74 | #endif | |
75 | time_t maxStale; | |
76 | time_t negativeDnsTtl; | |
77 | time_t positiveDnsTtl; | |
78 | time_t shutdownLifetime; | |
79 | time_t backgroundPingRate; | |
80 | ||
81 | struct { | |
82 | time_t read; | |
83 | time_t write; | |
84 | time_t lifetime; | |
85 | time_t connect; | |
86 | time_t forward; | |
87 | time_t peer_connect; | |
88 | time_t request; | |
89 | time_t clientIdlePconn; | |
90 | time_t serverIdlePconn; | |
f6e8754a | 91 | time_t ftpClientIdle; |
4d5904f7 FC |
92 | time_t siteSelect; |
93 | time_t deadPeer; | |
94 | int icp_query; /* msec */ | |
95 | int icp_query_max; /* msec */ | |
96 | int icp_query_min; /* msec */ | |
97 | int mcast_icp_query; /* msec */ | |
4d5904f7 FC |
98 | time_msec_t idns_retransmit; |
99 | time_msec_t idns_query; | |
4d5904f7 FC |
100 | } Timeout; |
101 | size_t maxRequestHeaderSize; | |
102 | int64_t maxRequestBodySize; | |
103 | int64_t maxChunkedRequestBodySize; | |
104 | size_t maxRequestBufferSize; | |
105 | size_t maxReplyHeaderSize; | |
1328cfb7 | 106 | AclSizeLimit *ReplyBodySize; |
4d5904f7 FC |
107 | |
108 | struct { | |
109 | unsigned short icp; | |
110 | #if USE_HTCP | |
111 | ||
112 | unsigned short htcp; | |
113 | #endif | |
114 | #if SQUID_SNMP | |
115 | ||
116 | unsigned short snmp; | |
117 | #endif | |
118 | } Port; | |
119 | ||
4d5904f7 FC |
120 | #if SQUID_SNMP |
121 | ||
122 | struct { | |
123 | char *configFile; | |
124 | char *agentInfo; | |
125 | } Snmp; | |
126 | #endif | |
127 | #if USE_WCCP | |
128 | ||
129 | struct { | |
130 | Ip::Address router; | |
131 | Ip::Address address; | |
132 | int version; | |
133 | } Wccp; | |
134 | #endif | |
135 | #if USE_WCCPv2 | |
136 | ||
137 | struct { | |
138 | Ip::Address_list *router; | |
139 | Ip::Address address; | |
140 | int forwarding_method; | |
141 | int return_method; | |
142 | int assignment_method; | |
143 | int weight; | |
144 | int rebuildwait; | |
145 | void *info; | |
146 | } Wccp2; | |
147 | #endif | |
148 | ||
149 | #if USE_ICMP | |
150 | IcmpConfig pinger; | |
151 | #endif | |
152 | ||
153 | char *as_whois_server; | |
154 | ||
155 | struct { | |
156 | char *store; | |
157 | char *swap; | |
87ddff6e | 158 | CustomLog *accesslogs; |
4d5904f7 | 159 | #if ICAP_CLIENT |
87ddff6e | 160 | CustomLog *icaplogs; |
4d5904f7 FC |
161 | #endif |
162 | int rotateNumber; | |
163 | } Log; | |
164 | char *adminEmail; | |
165 | char *EmailFrom; | |
166 | char *EmailProgram; | |
167 | char *effectiveUser; | |
168 | char *visible_appname_string; | |
169 | char *effectiveGroup; | |
170 | ||
171 | struct { | |
4d5904f7 | 172 | wordlist *redirect; |
a8a0b1c2 | 173 | wordlist *store_id; |
4d5904f7 FC |
174 | #if USE_UNLINKD |
175 | ||
176 | char *unlinkd; | |
177 | #endif | |
178 | ||
179 | char *diskd; | |
cb4f4424 | 180 | #if USE_OPENSSL |
4d5904f7 FC |
181 | |
182 | char *ssl_password; | |
183 | #endif | |
184 | ||
185 | } Program; | |
4d5904f7 | 186 | |
76d9b994 AJ |
187 | Helper::ChildConfig redirectChildren; |
188 | Helper::ChildConfig storeIdChildren; | |
4d5904f7 FC |
189 | time_t authenticateGCInterval; |
190 | time_t authenticateTTL; | |
191 | time_t authenticateIpTTL; | |
192 | ||
193 | struct { | |
194 | char *surrogate_id; | |
195 | } Accel; | |
196 | char *appendDomain; | |
197 | size_t appendDomainLen; | |
198 | char *pidFilename; | |
199 | char *netdbFilename; | |
200 | char *mimeTablePathname; | |
201 | char *etcHostsPath; | |
202 | char *visibleHostname; | |
203 | char *uniqueHostname; | |
204 | wordlist *hostnameAliases; | |
205 | char *errHtmlText; | |
206 | ||
207 | struct { | |
208 | char *host; | |
209 | char *file; | |
210 | time_t period; | |
211 | unsigned short port; | |
212 | } Announce; | |
213 | ||
214 | struct { | |
215 | ||
216 | Ip::Address udp_incoming; | |
217 | Ip::Address udp_outgoing; | |
218 | #if SQUID_SNMP | |
219 | Ip::Address snmp_incoming; | |
220 | Ip::Address snmp_outgoing; | |
221 | #endif | |
222 | /* FIXME INET6 : this should really be a CIDR value */ | |
223 | Ip::Address client_netmask; | |
224 | } Addrs; | |
225 | size_t tcpRcvBufsz; | |
226 | size_t udpMaxHitObjsz; | |
4d5904f7 FC |
227 | wordlist *mcast_group_list; |
228 | wordlist *dns_nameservers; | |
a3c6762c | 229 | CachePeer *peers; |
4d5904f7 FC |
230 | int npeers; |
231 | ||
232 | struct { | |
233 | int size; | |
234 | int low; | |
235 | int high; | |
236 | } ipcache; | |
237 | ||
238 | struct { | |
239 | int size; | |
240 | } fqdncache; | |
241 | int minDirectHops; | |
242 | int minDirectRtt; | |
613924ee | 243 | Mgr::ActionPasswordList *passwd_list; |
4d5904f7 FC |
244 | |
245 | struct { | |
246 | int objectsPerBucket; | |
247 | int64_t avgObjectSize; | |
248 | int64_t maxObjectSize; | |
249 | int64_t minObjectSize; | |
250 | size_t maxInMemObjSize; | |
251 | } Store; | |
252 | ||
253 | struct { | |
254 | int high; | |
255 | int low; | |
256 | time_t period; | |
257 | } Netdb; | |
258 | ||
259 | struct { | |
260 | int log_udp; | |
261 | int res_defnames; | |
262 | int anonymizer; | |
263 | int client_db; | |
264 | int query_icmp; | |
265 | int icp_hit_stale; | |
266 | int buffered_logs; | |
267 | int common_log; | |
268 | int log_mime_hdrs; | |
269 | int log_fqdn; | |
270 | int announce; | |
271 | int mem_pools; | |
272 | int test_reachability; | |
273 | int half_closed_clients; | |
274 | int refresh_all_ims; | |
275 | #if USE_HTTP_VIOLATIONS | |
276 | ||
277 | int reload_into_ims; | |
278 | #endif | |
279 | ||
280 | int offline; | |
281 | int redir_rewrites_host; | |
282 | int prefer_direct; | |
283 | int nonhierarchical_direct; | |
284 | int strip_query_terms; | |
285 | int redirector_bypass; | |
a8a0b1c2 | 286 | int store_id_bypass; |
4d5904f7 FC |
287 | int ignore_unknown_nameservers; |
288 | int client_pconns; | |
289 | int server_pconns; | |
290 | int error_pconns; | |
291 | #if USE_CACHE_DIGESTS | |
292 | ||
293 | int digest_generation; | |
294 | #endif | |
295 | ||
296 | int ie_refresh; | |
297 | int vary_ignore_expire; | |
4d5904f7 FC |
298 | int surrogate_is_remote; |
299 | int request_entities; | |
300 | int detect_broken_server_pconns; | |
301 | int balance_on_multiple_ip; | |
302 | int relaxed_header_parser; | |
303 | int check_hostnames; | |
304 | int allow_underscore; | |
305 | int via; | |
96598f93 | 306 | int cache_miss_revalidate; |
4d5904f7 FC |
307 | int emailErrData; |
308 | int httpd_suppress_version_string; | |
309 | int global_internal_static; | |
55eae904 | 310 | int collapsed_forwarding; |
4d5904f7 FC |
311 | |
312 | #if FOLLOW_X_FORWARDED_FOR | |
313 | int acl_uses_indirect_client; | |
314 | int delay_pool_uses_indirect_client; | |
315 | int log_uses_indirect_client; | |
316 | #if LINUX_NETFILTER | |
317 | int tproxy_uses_indirect_client; | |
318 | #endif | |
319 | #endif /* FOLLOW_X_FORWARDED_FOR */ | |
320 | ||
321 | int WIN32_IpAddrChangeMonitor; | |
322 | int memory_cache_first; | |
323 | int memory_cache_disk; | |
324 | int hostStrictVerify; | |
325 | int client_dst_passthru; | |
bce61b00 | 326 | int dns_mdns; |
4d5904f7 FC |
327 | } onoff; |
328 | ||
079a8480 AJ |
329 | int pipeline_max_prefetch; |
330 | ||
4d5904f7 FC |
331 | int forward_max_tries; |
332 | int connect_retries; | |
333 | ||
334 | class ACL *aclList; | |
335 | ||
336 | struct { | |
337 | acl_access *http; | |
338 | acl_access *adapted_http; | |
339 | acl_access *icp; | |
340 | acl_access *miss; | |
341 | acl_access *NeverDirect; | |
342 | acl_access *AlwaysDirect; | |
343 | acl_access *ASlists; | |
344 | acl_access *noCache; | |
70706149 AR |
345 | acl_access *sendHit; |
346 | acl_access *storeMiss; | |
8ebad780 | 347 | acl_access *stats_collection; |
4d5904f7 FC |
348 | #if SQUID_SNMP |
349 | ||
350 | acl_access *snmp; | |
351 | #endif | |
352 | #if USE_HTTP_VIOLATIONS | |
353 | acl_access *brokenPosts; | |
354 | #endif | |
355 | acl_access *redirector; | |
a8a0b1c2 | 356 | acl_access *store_id; |
4d5904f7 | 357 | acl_access *reply; |
0dc8ffa5 | 358 | AclAddress *outgoing_address; |
4d5904f7 FC |
359 | #if USE_HTCP |
360 | ||
361 | acl_access *htcp; | |
362 | acl_access *htcp_clr; | |
363 | #endif | |
364 | ||
cb4f4424 | 365 | #if USE_OPENSSL |
4d5904f7 FC |
366 | acl_access *ssl_bump; |
367 | #endif | |
33b24cf0 | 368 | #if FOLLOW_X_FORWARDED_FOR |
4d5904f7 | 369 | acl_access *followXFF; |
33b24cf0 | 370 | #endif /* FOLLOW_X_FORWARDED_FOR */ |
4d5904f7 | 371 | |
d3d92daa AJ |
372 | /// acceptible PROXY protocol clients |
373 | acl_access *proxyProtocol; | |
374 | ||
0d901ef4 SH |
375 | /// spoof_client_ip squid.conf acl. |
376 | /// nil unless configured | |
377 | acl_access* spoof_client_ip; | |
ddf5aa2b CT |
378 | |
379 | acl_access *ftp_epsv; | |
ec69bdb2 CT |
380 | |
381 | acl_access *forceRequestBodyContinuation; | |
4d5904f7 | 382 | } accessList; |
7f0b3324 | 383 | AclDenyInfoList *denyInfoList; |
4d5904f7 FC |
384 | |
385 | struct { | |
386 | size_t list_width; | |
387 | int list_wrap; | |
388 | char *anon_user; | |
389 | int passive; | |
390 | int epsv_all; | |
391 | int epsv; | |
392 | int eprt; | |
393 | int sanitycheck; | |
394 | int telnet; | |
395 | } Ftp; | |
8d9a8184 | 396 | RefreshPattern *Refresh; |
4d5904f7 FC |
397 | |
398 | struct _cacheSwap { | |
399 | RefCount<SwapDir> *swapDirs; | |
400 | int n_allocated; | |
401 | int n_configured; | |
402 | /// number of disk processes required to support all cache_dirs | |
403 | int n_strands; | |
404 | } cacheSwap; | |
405 | /* | |
406 | * I'm sick of having to keep doing this .. | |
407 | */ | |
408 | #define INDEXSD(i) (Config.cacheSwap.swapDirs[(i)].getRaw()) | |
409 | ||
410 | struct { | |
411 | char *directory; | |
412 | int use_short_names; | |
413 | } icons; | |
414 | char *errorDirectory; | |
415 | #if USE_ERR_LOCALES | |
416 | char *errorDefaultLanguage; | |
417 | int errorLogMissingLanguages; | |
418 | #endif | |
419 | char *errorStylesheet; | |
420 | ||
421 | struct { | |
422 | int onerror; | |
423 | } retry; | |
424 | ||
425 | struct { | |
426 | int64_t limit; | |
427 | } MemPools; | |
428 | #if USE_DELAY_POOLS | |
429 | ||
430 | DelayConfig Delay; | |
431 | ClientDelayConfig ClientDelay; | |
432 | #endif | |
433 | ||
434 | struct { | |
435 | struct { | |
436 | int average; | |
437 | int min_poll; | |
438 | } dns, udp, tcp; | |
439 | } comm_incoming; | |
440 | int max_open_disk_fds; | |
441 | int uri_whitespace; | |
1328cfb7 | 442 | AclSizeLimit *rangeOffsetLimit; |
4d5904f7 FC |
443 | #if MULTICAST_MISS_STREAM |
444 | ||
445 | struct { | |
446 | ||
447 | Ip::Address addr; | |
448 | int ttl; | |
449 | unsigned short port; | |
450 | char *encode_key; | |
451 | } mcast_miss; | |
452 | #endif | |
453 | ||
454 | /// request_header_access and request_header_replace | |
455 | HeaderManglers *request_header_access; | |
456 | /// reply_header_access and reply_header_replace | |
457 | HeaderManglers *reply_header_access; | |
458 | ///request_header_add access list | |
459 | HeaderWithAclList *request_header_add; | |
d7f4a0b7 CT |
460 | ///note |
461 | Notes notes; | |
4d5904f7 FC |
462 | char *coredump_dir; |
463 | char *chroot_dir; | |
464 | #if USE_CACHE_DIGESTS | |
465 | ||
466 | struct { | |
467 | int bits_per_entry; | |
468 | time_t rebuild_period; | |
469 | time_t rewrite_period; | |
470 | size_t swapout_chunk_size; | |
471 | int rebuild_chunk_percentage; | |
472 | } digest; | |
473 | #endif | |
cb4f4424 | 474 | #if USE_OPENSSL |
4d5904f7 FC |
475 | |
476 | struct { | |
477 | int unclean_shutdown; | |
478 | char *ssl_engine; | |
10a69fc0 CT |
479 | int session_ttl; |
480 | size_t sessionCacheSize; | |
3c26b00a | 481 | char *certSignHash; |
4d5904f7 FC |
482 | } SSL; |
483 | #endif | |
484 | ||
485 | wordlist *ext_methods; | |
486 | ||
487 | struct { | |
488 | int high_rptm; | |
489 | int high_pf; | |
490 | size_t high_memory; | |
491 | } warnings; | |
492 | char *store_dir_select_algorithm; | |
493 | int sleep_after_fork; /* microseconds */ | |
494 | time_t minimum_expiry_time; /* seconds */ | |
495 | external_acl *externalAclHelperList; | |
496 | ||
cb4f4424 | 497 | #if USE_OPENSSL |
4d5904f7 FC |
498 | |
499 | struct { | |
500 | char *cert; | |
501 | char *key; | |
502 | int version; | |
503 | char *options; | |
504 | char *cipher; | |
505 | char *cafile; | |
506 | char *capath; | |
507 | char *crlfile; | |
508 | char *flags; | |
509 | acl_access *cert_error; | |
510 | SSL_CTX *sslContext; | |
511 | sslproxy_cert_sign *cert_sign; | |
512 | sslproxy_cert_adapt *cert_adapt; | |
513 | } ssl_client; | |
514 | #endif | |
515 | ||
516 | char *accept_filter; | |
517 | int umask; | |
518 | int max_filedescriptors; | |
519 | int workers; | |
520 | CpuAffinityMap *cpuAffinityMap; | |
521 | ||
522 | #if USE_LOADABLE_MODULES | |
523 | wordlist *loadable_module_names; | |
524 | #endif | |
525 | ||
526 | int client_ip_max_connections; | |
527 | ||
b11724bb CT |
528 | char *redirector_extras; |
529 | ||
530 | char *storeId_extras; | |
531 | ||
4d5904f7 FC |
532 | struct { |
533 | int v4_first; ///< Place IPv4 first in the order of DNS results. | |
534 | ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies. | |
535 | } dns; | |
536 | ||
537 | }; | |
538 | ||
539 | extern SquidConfig Config; | |
540 | ||
5fed1735 AJ |
541 | class SquidConfig2 |
542 | { | |
543 | public: | |
7957fca1 FC |
544 | struct { |
545 | int enable_purge; | |
546 | int mangle_request_headers; | |
547 | } onoff; | |
548 | uid_t effectiveUserID; | |
549 | gid_t effectiveGroupID; | |
550 | }; | |
551 | ||
552 | extern SquidConfig2 Config2; | |
553 | ||
4d5904f7 | 554 | #endif /* SQUID_SQUIDCONFIG_H_ */ |