]>
Commit | Line | Data |
---|---|---|
65d448bc AJ |
1 | #ifndef SQUID_ANYP_PORTCFG_H |
2 | #define SQUID_ANYP_PORTCFG_H | |
1b26be8f | 3 | |
6a25a046 | 4 | #include "anyp/TrafficMode.h" |
1b26be8f | 5 | #include "cbdata.h" |
00406b24 | 6 | #include "comm/Connection.h" |
1b26be8f | 7 | |
95d2589c CT |
8 | #if USE_SSL |
9 | #include "ssl/gadgets.h" | |
10 | #endif | |
11 | ||
65d448bc AJ |
12 | namespace AnyP |
13 | { | |
14 | ||
5fed1735 AJ |
15 | class PortCfg /* Configuration of one listening port: address, traffic-mode flags, TCP keep-alive and, under USE_SSL, the SSL context settings. */
16 | { | |
17 | public: | |
65d448bc AJ |
18 | PortCfg(const char *aProtocol); /**< NOTE(review): single-argument constructor is not declared explicit, so a const char* converts to PortCfg implicitly */ |
19 | ~PortCfg(); /**< NOTE(review): no copy constructor or copy assignment is declared in this class body (unless CBDATA_CLASS2 adds one), so an implicit copy would duplicate the raw pointer members; clone() looks like the intended copy path - confirm */ | |
20 | AnyP::PortCfg *clone() const; /**< NOTE(review): returns a raw pointer; who owns and frees the copy is not visible in this header - confirm at callers */ | |
f4e4d4d6 | 21 | #if USE_SSL |
7a957a93 | 22 | /// creates, configures, and validates SSL context and related port options |
f4e4d4d6 CT |
23 | void configureSslServerContext(); |
24 | #endif | |
1b26be8f | 25 | |
65d448bc | 26 | PortCfg *next; /**< presumably the next entry in a linked list of ports - confirm */ |
1b26be8f | 27 | |
b7ac5457 | 28 | Ip::Address s; /**< NOTE(review): presumably the address this port listens on - confirm */ |
1b26be8f | 29 | char *protocol; /* protocol name */ |
30 | char *name; /* visible name */ | |
31 | char *defaultsite; /* default web site */ | |
32 | ||
6a25a046 FC |
33 | TrafficMode flags; ///< flags indicating what type of traffic to expect via this port. |
34 | ||
86ab7a90 FC |
35 | bool allow_direct; ///< Allow direct forwarding in accelerator mode |
36 | bool vhost; ///< uses host header | |
37 | bool actAsOrigin; ///< update replies to conform with RFC 2616 | |
38 | bool ignore_cc; ///< Ignore request Cache-Control directives | |
1b26be8f | 39 | |
86ab7a90 FC |
40 | bool connection_auth_disabled; ///< Don't support connection oriented auth |
41 | ||
42 | int vport; ///< virtual port support. -1 if dynamic, >0 static | |
1b26be8f | 43 | int disable_pmtu_discovery; /**< NOTE(review): declared int rather than bool; the meaning of each value is not stated in this header */ |
f1e0717c | 44 | |
1b26be8f | 45 | struct { /* TCP keep-alive settings; the units of idle, interval and timeout are not stated in this header */ |
26ac0430 AJ |
46 | unsigned int idle; |
47 | unsigned int interval; | |
48 | unsigned int timeout; | |
86ab7a90 | 49 | bool enabled; |
1b26be8f | 50 | } tcp_keepalive; |
51 | ||
04f55905 | 52 | /** |
8bbb16e3 AJ |
53 | * The listening socket details. |
54 | * If Comm::ConnIsOpen() we are actively listening for client requests. | |
55 | * Use listenConn->close() to stop listening. | |
04f55905 | 56 | */ |
8bbb16e3 | 57 | Comm::ConnectionPointer listenConn; |
04f55905 | 58 | |
1b26be8f | 59 | #if USE_SSL |
1b26be8f | 60 | char *cert; /**< NOTE(review): the char* members from cert to sslflags carry no comments here; presumably raw configuration strings (file paths, option lists) rather than key material - confirm */ |
61 | char *key; | |
62 | int version; | |
63 | char *cipher; | |
64 | char *options; | |
65 | char *clientca; | |
66 | char *cafile; | |
67 | char *capath; | |
68 | char *crlfile; | |
69 | char *dhfile; | |
70 | char *sslflags; | |
95d2589c CT |
71 | char *sslContextSessionId; ///< "session id context" for staticSslContext |
72 | bool generateHostCertificates; ///< dynamically make host cert for sslBump | |
73 | size_t dynamicCertMemCacheSize; ///< max size of generated certificates memory cache | |
74 | ||
75 | Ssl::SSL_CTX_Pointer staticSslContext; ///< for HTTPS accelerator or static sslBump | |
76 | Ssl::X509_Pointer signingCert; ///< x509 certificate for signing generated certificates | |
77 | Ssl::EVP_PKEY_Pointer signPkey; ///< private key for signing generated certificates | |
a594dbfa | 78 | Ssl::X509_STACK_Pointer certsToChain; ///< x509 certificates to send with the generated cert |
95588170 CT |
79 | Ssl::X509_Pointer untrustedSigningCert; ///< x509 certificate for signing untrusted generated certificates |
80 | Ssl::EVP_PKEY_Pointer untrustedSignPkey; ///< private key for signing untrusted generated certificates | |
86660d64 CT |
81 | |
82 | Ssl::X509_CRL_STACK_Pointer clientVerifyCrls; ///< additional CRL lists to use when verifying the client certificate | |
83 | Ssl::X509_NAME_STACK_Pointer clientCA; ///< CA certificates to use when verifying client certificates | |
84 | Ssl::DH_Pointer dhParams; ///< DH parameters for temporary/ephemeral DH key exchanges | |
85 | Ssl::ContextMethod contextMethod; ///< The context method (SSL_METHOD) to use when creating certificates | |
86 | long sslContextFlags; ///< flags modifying the use of SSL | |
87 | long sslOptions; ///< SSL engine options | |
1b26be8f | 88 | #endif |
89 | ||
65d448bc | 90 | CBDATA_CLASS2(PortCfg); // namespaced |
1b26be8f | 91 | }; |
92 | ||
65d448bc AJ |
93 | } // namespace AnyP |
94 | ||
95 | // Max number of TCP listening ports | |
96 | #define MAXTCPLISTENPORTS 128 | |
97 | ||
98 | // TODO: kill this global array. Need to check performance of array vs list though. | |
99 | extern int NHttpSockets; /* presumably the number of HttpSockets entries in use - confirm against the definition */ | |
100 | extern int HttpSockets[MAXTCPLISTENPORTS]; /* fixed capacity of MAXTCPLISTENPORTS entries; NOTE(review): any bounds check on the index happens outside this header, so writers must keep it below that limit */ | |
101 | ||
102 | #endif /* SQUID_ANYP_PORTCFG_H */ |