]> git.ipfire.org Git - thirdparty/squid.git/blame - src/cache_cf.cc
projects / thirdparty / squid.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
No need to require s->key to be set: s->cert is used instead when needed.
[thirdparty/squid.git] / src / cache_cf.cc
CommitLineData
30a4f2a8 1/*
262a0e14 2 * $Id$
30a4f2a8 3 *
b510f3a1 4 * DEBUG: section 03 Configuration File Parsing
30a4f2a8 5 * AUTHOR: Harvest Derived
6 *
2b6662ba 7 * SQUID Web Proxy Cache http://www.squid-cache.org/
e25c139f 8 * ----------------------------------------------------------
30a4f2a8 9 *
2b6662ba 10 * Squid is the result of efforts by numerous individuals from
11 * the Internet community; see the CONTRIBUTORS file for full
12 * details. Many organizations have provided support for Squid's
13 * development; see the SPONSORS file for full details. Squid is
14 * Copyrighted (C) 2001 by the Regents of the University of
15 * California; see the COPYRIGHT file for full details. Squid
16 * incorporates software developed and/or copyrighted by other
17 * sources; see the CREDITS file for full details.
30a4f2a8 18 *
19 * This program is free software; you can redistribute it and/or modify
20 * it under the terms of the GNU General Public License as published by
21 * the Free Software Foundation; either version 2 of the License, or
22 * (at your option) any later version.
26ac0430 23 *
30a4f2a8 24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
26ac0430 28 *
30a4f2a8 29 * You should have received a copy of the GNU General Public License
30 * along with this program; if not, write to the Free Software
cbdec147 31 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
e25c139f 32 *
30a4f2a8 33 */
cf5fd929 34
44a47c6e 35#include "squid.h"
82b7abe3
AJ		 36
37#include "acl/Acl.h"
38#include "acl/Gadgets.h"
39#include "acl/MethodData.h"
40#if USE_ADAPTATION
41#include "adaptation/Config.h"
42#endif
43#if ICAP_CLIENT
44#include "adaptation/icap/Config.h"
45#endif
46#if USE_ECAP
47#include "adaptation/ecap/Config.h"
48#endif
95d2589c 49#if USE_SSL
4db984be 50#include "ssl/support.h"
95d2589c
CT		 51#include "ssl/Config.h"
52#endif
2f1431ea 53#if USE_AUTH
2d2b0bb7
AR		 54#include "auth/Config.h"
55#include "auth/Scheme.h"
2f1431ea 56#endif
a80a77cf 57#include "ConfigParser.h"
96c2bb61 58#include "CpuAffinityMap.h"
3b581957 59#include "DiskIO/DiskIOModule.h"
82b7abe3
AJ		 60#include "eui/Config.h"
61#if USE_SQUID_ESI
62#include "esi/Parser.h"
63#endif
38e16f92 64#include "format/Format.h"
82b7abe3
AJ		 65#include "HttpRequestMethod.h"
66#include "ident/Config.h"
96d89ea0 67#include "ip/Intercept.h"
b7ac5457 68#include "ip/QosConfig.h"
055421ee 69#include "ip/tools.h"
82b7abe3
AJ		 70#include "log/Config.h"
71#include "MemBuf.h"
8822ebee 72#include "mgr/Registration.h"
c8f4eac4 73#include "Parsing.h"
82b7abe3 74#include "ProtoPort.h"
1fa9b1a7 75#include "rfc1738.h"
82b7abe3
AJ		 76#if SQUID_SNMP
77#include "snmp.h"
78#endif
79#include "Store.h"
80#include "StoreFileSystem.h"
81#include "SwapDir.h"
d295d770 82#include "wordlist.h"
40daaeb8 83#include "ipc/Kids.h"
04f87469 84
52303a3d 85#if HAVE_GLOB_H
592a09dc 86#include <glob.h>
52303a3d 87#endif
1df370e3 88
425de4c8
AJ		 89#if HAVE_LIMITS_H
90#include <limits>
91#endif
92
95d2589c
CT		 93#if USE_SSL
94#include "ssl/gadgets.h"
95#endif
96
62c7f90e 97#if USE_ADAPTATION
62c7f90e 98static void parse_adaptation_service_set_type();
a22e6cd3 99static void parse_adaptation_service_chain_type();
62c7f90e 100static void parse_adaptation_access_type();
71be37e0
CT		 101static void parse_adaptation_meta_type(Adaptation::Config::MetaHeaders *);
102static void dump_adaptation_meta_type(StoreEntry *, const char *, Adaptation::Config::MetaHeaders &);
103static void free_adaptation_meta_type(Adaptation::Config::MetaHeaders *);
62c7f90e
AR		 104#endif
105
3a69ddf3 106#if ICAP_CLIENT
26cc52cb
AR		 107static void parse_icap_service_type(Adaptation::Icap::Config *);
108static void dump_icap_service_type(StoreEntry *, const char *, const Adaptation::Icap::Config &);
109static void free_icap_service_type(Adaptation::Icap::Config *);
c939dc70
AR		 110static void parse_icap_class_type();
111static void parse_icap_access_type();
8277060a
CT		 112
113static void parse_icap_service_failure_limit(Adaptation::Icap::Config *);
114static void dump_icap_service_failure_limit(StoreEntry *, const char *, const Adaptation::Icap::Config &);
115static void free_icap_service_failure_limit(Adaptation::Icap::Config *);
3a69ddf3 116#endif
117
21a26d31 118#if USE_ECAP
574b508c
AR		 119static void parse_ecap_service_type(Adaptation::Ecap::Config *);
120static void dump_ecap_service_type(StoreEntry *, const char *, const Adaptation::Ecap::Config &);
121static void free_ecap_service_type(Adaptation::Ecap::Config *);
21a26d31
AR		 122#endif
123
f5691f9c 124CBDATA_TYPE(peer);
125
fd0f51c4 126static const char *const T_MILLISECOND_STR = "millisecond";
8813e606 127static const char *const T_SECOND_STR = "second";
128static const char *const T_MINUTE_STR = "minute";
129static const char *const T_HOUR_STR = "hour";
130static const char *const T_DAY_STR = "day";
131static const char *const T_WEEK_STR = "week";
132static const char *const T_FORTNIGHT_STR = "fortnight";
133static const char *const T_MONTH_STR = "month";
134static const char *const T_YEAR_STR = "year";
135static const char *const T_DECADE_STR = "decade";
aa0a0c7c 136
9906e724 137static const char *const B_BYTES_STR = "bytes";
138static const char *const B_KBYTES_STR = "KB";
139static const char *const B_MBYTES_STR = "MB";
140static const char *const B_GBYTES_STR = "GB";
141
4db43fab 142static const char *const list_sep = ", \t\n\r";
b0e7d2d5 143
7684c4b1 144static void parse_access_log(customlog ** customlog_definitions);
d64bef4c 145static int check_null_access_log(customlog *customlog_definitions);
7684c4b1 146static void dump_access_log(StoreEntry * entry, const char *name, customlog * definitions);
7684c4b1 147static void free_access_log(customlog ** definitions);
148
cd748f27 149static void update_maxobjsize(void);
f5b8bbc4 150static void configDoConfigure(void);
151static void parse_refreshpattern(refresh_t **);
9b741834
CT		 152static uint64_t parseTimeUnits(const char *unit, bool allowMsec);
153static void parseTimeLine(time_msec_t * tptr, const char *units, bool allowMsec);
f45dd259 154static void parse_u_short(unsigned short * var);
f5b8bbc4 155static void parse_string(char **);
f5b8bbc4 156static void default_all(void);
157static void defaults_if_none(void);
158static int parse_line(char *);
76f44481 159static void parse_obsolete(const char *);
f5b8bbc4 160static void parseBytesLine(size_t * bptr, const char *units);
95d2589c
CT		 161#if USE_SSL
162static void parseBytesOptionValue(size_t * bptr, const char *units, char const * value);
163#endif
e210930b
AJ		 164#if !USE_DNSSERVERS
165static void parseBytesLineSigned(ssize_t * bptr, const char *units);
166#endif
f5b8bbc4 167static size_t parseBytesUnits(const char *unit);
f5b8bbc4 168static void free_all(void);
94439e4e 169void requirePathnameExists(const char *name, const char *path);
ed7f5615 170static OBJH dump_config;
626096be 171#if USE_HTTP_VIOLATIONS
6bccf575 172static void dump_http_header_access(StoreEntry * entry, const char *name, header_mangler header[]);
173static void parse_http_header_access(header_mangler header[]);
174static void free_http_header_access(header_mangler header[]);
175static void dump_http_header_replace(StoreEntry * entry, const char *name, header_mangler header[]);
176static void parse_http_header_replace(header_mangler * header);
177static void free_http_header_replace(header_mangler * header);
9e8b2f1c 178#endif
6bccf575 179static void parse_denyinfo(acl_deny_info_list ** var);
180static void dump_denyinfo(StoreEntry * entry, const char *name, acl_deny_info_list * var);
181static void free_denyinfo(acl_deny_info_list ** var);
e1a88700 182
0b0cfcf2 183#if USE_WCCPv2
b7ac5457
AJ		 184static void parse_IpAddress_list(Ip::Address_list **);
185static void dump_IpAddress_list(StoreEntry *, const char *, const Ip::Address_list *);
186static void free_IpAddress_list(Ip::Address_list **);
0b0cfcf2 187#if CURRENTLY_UNUSED
b7ac5457 188static int check_null_IpAddress_list(const Ip::Address_list *);
3f38a55e 189#endif /* CURRENTLY_UNUSED */
e1a88700 190#endif /* USE_WCCPv2 */
191
3f38a55e 192static void parse_http_port_list(http_port_list **);
193static void dump_http_port_list(StoreEntry *, const char *, const http_port_list *);
194static void free_http_port_list(http_port_list **);
e1a88700 195
d193a436 196#if USE_SSL
197static void parse_https_port_list(https_port_list **);
198static void dump_https_port_list(StoreEntry *, const char *, const https_port_list *);
199static void free_https_port_list(https_port_list **);
fb2178bb
CT		 200static void parse_sslproxy_cert_adapt(sslproxy_cert_adapt **cert_adapt);
201static void dump_sslproxy_cert_adapt(StoreEntry *entry, const char *name, sslproxy_cert_adapt *cert_adapt);
202static void free_sslproxy_cert_adapt(sslproxy_cert_adapt **cert_adapt);
d193a436 203#if 0
204static int check_null_https_port_list(const https_port_list *);
205#endif
206#endif /* USE_SSL */
e1a88700 207
ef1955a5 208static void parse_b_size_t(size_t * var);
47f6e231 209static void parse_b_int64_t(int64_t * var);
270b86af 210
96c2bb61
AR		 211static bool parseNamedIntList(const char *data, const String &name, Vector<int> &list);
212
213static void parse_CpuAffinityMap(CpuAffinityMap **const cpuAffinityMap);
214static void dump_CpuAffinityMap(StoreEntry *const entry, const char *const name, const CpuAffinityMap *const cpuAffinityMap);
215static void free_CpuAffinityMap(CpuAffinityMap **const cpuAffinityMap);
216
cfcb6b30 217static int parseOneConfigFile(const char *file_name, unsigned int depth);
218
a385afc3 219/*
220 * LegacyParser is a parser for legacy code that uses the global
221 * approach. This is static so that it is only exposed to cache_cf.
222 * Other modules needing access to a ConfigParser should have it
223 * provided to them in their parserFOO methods.
224 */
225static ConfigParser LegacyParser = ConfigParser();
a9f20260 226
0e4e0e7d 227void
0673c0ba 228self_destruct(void)
090089c4 229{
a9f20260 230 LegacyParser.destruct();
6b8e7481 231}
232
cd748f27 233static void
234update_maxobjsize(void)
235{
236 int i;
47f6e231 237 int64_t ms = -1;
cd748f27 238
239 for (i = 0; i < Config.cacheSwap.n_configured; i++) {
c8f4eac4 240 assert (Config.cacheSwap.swapDirs[i].getRaw());
62e76326 241
c8f4eac4 242 if (dynamic_cast<SwapDir *>(Config.cacheSwap.swapDirs[i].getRaw())->
243 max_objsize > ms)
244 ms = dynamic_cast<SwapDir *>(Config.cacheSwap.swapDirs[i].getRaw())->max_objsize;
cd748f27 245 }
246 store_maxobjsize = ms;
247}
248
76b9daa5 249static void
250SetConfigFilename(char const *file_name, bool is_pipe)
251{
252 cfg_filename = file_name;
253
254 char const *token;
255
256 if (is_pipe)
257 cfg_filename = file_name + 1;
258 else if ((token = strrchr(cfg_filename, '/')))
259 cfg_filename = token + 1;
260}
261
130bff33 262static const char*
263skip_ws(const char* s)
264{
265 while (xisspace(*s))
266 ++s;
267
268 return s;
269}
270
cfcb6b30 271static int
272parseManyConfigFiles(char* files, int depth)
273{
274 int error_count = 0;
d7ac36b9 275 char* saveptr = NULL;
52303a3d 276#if HAVE_GLOB
592a09dc 277 char *path;
278 glob_t globbuf;
279 int i;
280 memset(&globbuf, 0, sizeof(globbuf));
281 for (path = strwordtok(files, &saveptr); path; path = strwordtok(NULL, &saveptr)) {
26ac0430
AJ		 282 if (glob(path, globbuf.gl_pathc ? GLOB_APPEND : 0, NULL, &globbuf) != 0) {
283 fatalf("Unable to find configuration file: %s: %s",
284 path, xstrerror());
285 }
286 }
592a09dc 287 for (i = 0; i < (int)globbuf.gl_pathc; i++) {
26ac0430 288 error_count += parseOneConfigFile(globbuf.gl_pathv[i], depth);
cfcb6b30 289 }
592a09dc 290 globfree(&globbuf);
52303a3d 291#else
292 char* file = strwordtok(files, &saveptr);
293 while (file != NULL) {
26ac0430
AJ		 294 error_count += parseOneConfigFile(file, depth);
295 file = strwordtok(NULL, &saveptr);
52303a3d 296 }
297#endif /* HAVE_GLOB */
cfcb6b30 298 return error_count;
299}
300
d4a3e179
AR		 301static void
302ReplaceSubstr(char*& str, int& len, unsigned substrIdx, unsigned substrLen, const char* newSubstr)
303{
304 assert(str != NULL);
305 assert(newSubstr != NULL);
306
307 unsigned newSubstrLen = strlen(newSubstr);
308 if (newSubstrLen > substrLen)
309 str = (char*)realloc(str, len - substrLen + newSubstrLen + 1);
310
311 // move tail part including zero
312 memmove(str + substrIdx + newSubstrLen, str + substrIdx + substrLen, len - substrIdx - substrLen + 1);
313 // copy new substring in place
314 memcpy(str + substrIdx, newSubstr, newSubstrLen);
315
316 len = strlen(str);
317}
318
319static void
320SubstituteMacro(char*& line, int& len, const char* macroName, const char* substStr)
321{
322 assert(line != NULL);
323 assert(macroName != NULL);
324 assert(substStr != NULL);
325 unsigned macroNameLen = strlen(macroName);
326 while (const char* macroPos = strstr(line, macroName)) // we would replace all occurrences
327 ReplaceSubstr(line, len, macroPos - line, macroNameLen, substStr);
328}
329
330static void
331ProcessMacros(char*& line, int& len)
332{
9de6c973 333 SubstituteMacro(line, len, "${process_name}", TheKidName);
d4a3e179
AR		 334 SubstituteMacro(line, len, "${process_number}", xitoa(KidIdentifier));
335}
336
a7ea9b13
AR		 337static void
338trim_trailing_ws(char* str)
339{
340 assert(str != NULL);
341 unsigned i = strlen(str);
342 while ((i > 0) && xisspace(str[i - 1]))
343 --i;
344 str[i] = '\0';
345}
346
347static const char*
348FindStatement(const char* line, const char* statement)
349{
350 assert(line != NULL);
351 assert(statement != NULL);
352
353 const char* str = skip_ws(line);
354 unsigned len = strlen(statement);
355 if (strncmp(str, statement, len) == 0) {
356 str += len;
357 if (*str == '\0')
358 return str;
359 else if (xisspace(*str))
360 return skip_ws(str);
361 }
362
363 return NULL;
364}
365
366static bool
367StrToInt(const char* str, long& number)
368{
369 assert(str != NULL);
370
371 char* end;
372 number = strtol(str, &end, 0);
373
374 return (end != str) && (*end == '\0'); // returns true if string contains nothing except number
375}
376
377static bool
378EvalBoolExpr(const char* expr)
379{
380 assert(expr != NULL);
381 if (strcmp(expr, "true") == 0) {
382 return true;
383 } else if (strcmp(expr, "false") == 0) {
384 return false;
385 } else if (const char* equation = strchr(expr, '=')) {
386 const char* rvalue = skip_ws(equation + 1);
387 char* lvalue = (char*)xmalloc(equation - expr + 1);
388 xstrncpy(lvalue, expr, equation - expr + 1);
389 trim_trailing_ws(lvalue);
390
391 long number1;
392 if (!StrToInt(lvalue, number1))
393 fatalf("String is not a integer number: '%s'\n", lvalue);
394 long number2;
395 if (!StrToInt(rvalue, number2))
396 fatalf("String is not a integer number: '%s'\n", rvalue);
397
398 xfree(lvalue);
399 return number1 == number2;
400 }
401 fatalf("Unable to evaluate expression '%s'\n", expr);
402 return false; // this place cannot be reached
403}
404
cfcb6b30 405static int
406parseOneConfigFile(const char *file_name, unsigned int depth)
2546fcb3 407{
270b86af 408 FILE *fp = NULL;
cfcb6b30 409 const char *orig_cfg_filename = cfg_filename;
410 const int orig_config_lineno = config_lineno;
270b86af 411 char *token = NULL;
81c161d0 412 char *tmp_line = NULL;
413 int tmp_line_len = 0;
e13ee7ad 414 int err_count = 0;
1741cbad 415 int is_pipe = 0;
cfcb6b30 416
417 debugs(3, 1, "Processing Configuration File: " << file_name << " (depth " << depth << ")");
418 if (depth > 16) {
419 fatalf("WARNING: can't include %s: includes are nested too deeply (>16)!\n", file_name);
420 return 1;
421 }
62e76326 422
1741cbad 423 if (file_name[0] == '!' || file_name[0] == '|') {
62e76326 424 fp = popen(file_name + 1, "r");
425 is_pipe = 1;
1741cbad 426 } else {
62e76326 427 fp = fopen(file_name, "r");
1741cbad 428 }
62e76326 429
1741cbad 430 if (fp == NULL)
cfcb6b30 431 fatalf("Unable to open configuration file: %s: %s", file_name, xstrerror());
62e76326 432
be266cb2 433#if _SQUID_WINDOWS_
c4aefe96 434 setmode(fileno(fp), O_TEXT);
435#endif
62e76326 436
76b9daa5 437 SetConfigFilename(file_name, bool(is_pipe));
62e76326 438
270b86af 439 memset(config_input_line, '\0', BUFSIZ);
62e76326 440
270b86af 441 config_lineno = 0;
62e76326 442
a7ea9b13 443 Vector<bool> if_states;
270b86af 444 while (fgets(config_input_line, BUFSIZ, fp)) {
62e76326 445 config_lineno++;
446
447 if ((token = strchr(config_input_line, '\n')))
448 *token = '\0';
449
d866e2ad 450 if ((token = strchr(config_input_line, '\r')))
451 *token = '\0';
452
f068973f
AJ		 453 // strip any prefix whitespace off the line.
454 const char *p = skip_ws(config_input_line);
455 if (config_input_line != p)
456 memmove(config_input_line, p, strlen(p)+1);
457
62e76326 458 if (strncmp(config_input_line, "#line ", 6) == 0) {
459 static char new_file_name[1024];
460 static char *file;
461 static char new_lineno;
462 token = config_input_line + 6;
463 new_lineno = strtol(token, &file, 0) - 1;
464
465 if (file == token)
466 continue; /* Not a valid #line directive, may be a comment */
467
e4755e29 468 while (*file && xisspace((unsigned char) *file))
62e76326 469 file++;
470
471 if (*file) {
472 if (*file != '"')
473 continue; /* Not a valid #line directive, may be a comment */
474
475 xstrncpy(new_file_name, file + 1, sizeof(new_file_name));
476
477 if ((token = strchr(new_file_name, '"')))
478 *token = '\0';
479
480 cfg_filename = new_file_name;
62e76326 481 }
482
483 config_lineno = new_lineno;
484 }
485
486 if (config_input_line[0] == '#')
487 continue;
488
489 if (config_input_line[0] == '\0')
490 continue;
491
130bff33 492 const char* append = tmp_line_len ? skip_ws(config_input_line) : config_input_line;
493
494 size_t append_len = strlen(append);
62e76326 495
130bff33 496 tmp_line = (char*)xrealloc(tmp_line, tmp_line_len + append_len + 1);
81c161d0 497
130bff33 498 strcpy(tmp_line + tmp_line_len, append);
81c161d0 499
130bff33 500 tmp_line_len += append_len;
81c161d0 501
502 if (tmp_line[tmp_line_len-1] == '\\') {
bf8fe701 503 debugs(3, 5, "parseConfigFile: tmp_line='" << tmp_line << "'");
81c161d0 504 tmp_line[--tmp_line_len] = '\0';
505 continue;
506 }
507
a7ea9b13 508 trim_trailing_ws(tmp_line);
d4a3e179 509 ProcessMacros(tmp_line, tmp_line_len);
dad047ab 510 debugs(3, (opt_parse_cfg_only?1:5), "Processing: " << tmp_line);
62e76326 511
a7ea9b13
AR		 512 if (const char* expr = FindStatement(tmp_line, "if")) {
513 if_states.push_back(EvalBoolExpr(expr)); // store last if-statement meaning
514 } else if (FindStatement(tmp_line, "endif")) {
515 if (!if_states.empty())
516 if_states.pop_back(); // remove last if-statement meaning
517 else
518 fatalf("'endif' without 'if'\n");
519 } else if (FindStatement(tmp_line, "else")) {
520 if (!if_states.empty())
521 if_states.back() = !if_states.back();
522 else
523 fatalf("'else' without 'if'\n");
524 } else if (if_states.empty() || if_states.back()) { // test last if-statement meaning if present
525 /* Handle includes here */
526 if (tmp_line_len >= 9 && strncmp(tmp_line, "include", 7) == 0 && xisspace(tmp_line[7])) {
527 err_count += parseManyConfigFiles(tmp_line + 8, depth + 1);
528 } else if (!parse_line(tmp_line)) {
529 debugs(3, 0, HERE << cfg_filename << ":" << config_lineno << " unrecognized: '" << tmp_line << "'");
530 err_count++;
531 }
26ac0430 532 }
62e76326 533
534 safe_free(tmp_line);
81c161d0 535 tmp_line_len = 0;
536
270b86af 537 }
a7ea9b13
AR		 538 if (!if_states.empty())
539 fatalf("if-statement without 'endif'\n");
62e76326 540
1741cbad 541 if (is_pipe) {
62e76326 542 int ret = pclose(fp);
543
544 if (ret != 0)
545 fatalf("parseConfigFile: '%s' failed with exit code %d\n", file_name, ret);
1741cbad 546 } else {
62e76326 547 fclose(fp);
1741cbad 548 }
62e76326 549
cfcb6b30 550 cfg_filename = orig_cfg_filename;
551 config_lineno = orig_config_lineno;
552
553 return err_count;
554}
555
556int
dd9b1081 557parseConfigFile(const char *file_name)
cfcb6b30 558{
559 int err_count = 0;
560
5817ee13
AJ		 561 debugs(5, 4, HERE);
562
cfcb6b30 563 configFreeMemory();
564
5491c11e 565 ACLMethodData::ThePurgeCount = 0;
cfcb6b30 566 default_all();
567
568 err_count = parseOneConfigFile(file_name, 0);
569
f0b19334 570 defaults_if_none();
f9ad0106 571
9c46ca97 572 /*
573 * We must call configDoConfigure() before leave_suid() because
574 * configDoConfigure() is where we turn username strings into
575 * uid values.
576 */
577 configDoConfigure();
578
f9ad0106 579 if (!Config.chroot_dir) {
580 leave_suid();
c642c141 581 setUmask(Config.umask);
62493678 582 _db_init(Debug::cache_log, Debug::debugOptions);
f9ad0106 583 enter_suid();
584 }
585
478c4f2f 586 if (opt_send_signal == -1) {
8822ebee 587 Mgr::RegisterAction("config",
d9fc6862
A		 588 "Current Squid Configuration",
589 dump_config,
590 1, 1);
478c4f2f 591 }
592
e13ee7ad 593 return err_count;
f0b19334 594}
270b86af 595
cfcb6b30 596
f0b19334 597static void
598configDoConfigure(void)
599{
f0b19334 600 memset(&Config2, '\0', sizeof(SquidConfig2));
7021844c 601 /* init memory as early as possible */
602 memConfigure();
270b86af 603 /* Sanity checks */
62e76326 604
7895fa18
AJ		 605 if (Config.cacheSwap.swapDirs == NULL) {
606 /* Memory-only cache probably in effect. */
607 /* turn off the cache rebuild delays... */
608 StoreController::store_dirs_rebuilding = 0;
3b581957
DK		 609 } else if (InDaemonMode()) { // no diskers in non-daemon mode
610 for (int i = 0; i < Config.cacheSwap.n_configured; ++i) {
611 const RefCount<SwapDir> sd = Config.cacheSwap.swapDirs[i];
612 if (sd->needsDiskStrand())
613 sd->disker = Config.workers + (++Config.cacheSwap.n_strands);
614 }
7895fa18
AJ		 615 }
616
47df1aa7
AJ		 617 if (Debug::rotateNumber < 0) {
618 Debug::rotateNumber = Config.Log.rotateNumber;
619 }
620
5aecb102 621#if SIZEOF_OFF_T <= 4
622 if (Config.Store.maxObjectSize > 0x7FFF0000) {
26ac0430
AJ		 623 debugs(3, 0, "WARNING: This Squid binary can not handle files larger than 2GB. Limiting maximum_object_size to just below 2GB");
624 Config.Store.maxObjectSize = 0x7FFF0000;
5aecb102 625 }
626#endif
c8f4eac4 627 if (0 == Store::Root().maxSize())
62e76326 628 /* people might want a zero-sized cache on purpose */
629 (void) 0;
cc34568d 630 else if (Store::Root().maxSize() < Config.memMaxSize)
c8f4eac4 631 /* This is bogus. folk with NULL caches will want this */
bf8fe701 632 debugs(3, 0, "WARNING cache_mem is larger than total disk cache space!");
62e76326 633
84f42bac 634 if (Config.Announce.period > 0) {
62e76326 635 Config.onoff.announce = 1;
84f42bac 636 } else if (Config.Announce.period < 1) {
62e76326 637 Config.Announce.period = 86400 * 365; /* one year */
638 Config.onoff.announce = 0;
270b86af 639 }
62e76326 640
d3caee79 641 if (Config.onoff.httpd_suppress_version_string)
642 visible_appname_string = (char *)appname_string;
643 else
7dbca7a4 644 visible_appname_string = (char const *)APP_FULLNAME;
d3caee79 645
6b53c392 646#if USE_DNSSERVERS
d3caee79 647
48d54e4d 648 if (Config.dnsChildren.n_max < 1)
62e76326 649 fatal("No dnsservers allocated");
650
efd900cb 651#endif
62e76326 652
270b86af 653 if (Config.Program.redirect) {
48d54e4d
AJ		 654 if (Config.redirectChildren.n_max < 1) {
655 Config.redirectChildren.n_max = 0;
62e76326 656 wordlistDestroy(&Config.Program.redirect);
657 }
fea2e6e0 658 }
62e76326 659
f1dc9b30 660 if (Config.appendDomain)
62e76326 661 if (*Config.appendDomain != '.')
662 fatal("append_domain must begin with a '.'");
663
270b86af 664 if (Config.errHtmlText == NULL)
62e76326 665 Config.errHtmlText = xstrdup(null_string);
666
1b7fae06
AJ		 667#if !HAVE_SETRLIMIT || !defined(RLIMIT_NOFILE)
668 if (Config.max_filedescriptors > 0) {
3a9087af 669 debugs(0, DBG_IMPORTANT, "WARNING: max_filedescriptors disabled. Operating System setrlimit(RLIMIT_NOFILE) is missing.");
1b7fae06
AJ		 670 }
671#elif USE_SELECT || USE_SELECT_WIN32
672 if (Config.max_filedescriptors > FD_SETSIZE) {
3a9087af 673 debugs(0, DBG_IMPORTANT, "WARNING: max_filedescriptors limited to " << FD_SETSIZE << " by select() algorithm.");
1b7fae06
AJ		 674 }
675#endif
676
270b86af 677 storeConfigure();
62e76326 678
52f772de 679 snprintf(ThisCache, sizeof(ThisCache), "%s (%s)",
62e76326 680 uniqueHostname(),
d3caee79 681 visible_appname_string);
fbdba7c4 682
38a6c74e 683 /*
684 * the extra space is for loop detection in client_side.c -- we search
685 * for substrings in the Via header.
686 */
52f772de 687 snprintf(ThisCache2, sizeof(ThisCache), " %s (%s)",
62e76326 688 uniqueHostname(),
d3caee79 689 visible_appname_string);
62e76326 690
b2b40d8c
AJ		 691 /* Use visible_hostname as default surrogate_id */
692 if (!Config.Accel.surrogate_id) {
693 const char *t = getMyHostname();
694 Config.Accel.surrogate_id = xstrdup( (t?t:"unset-id") );
695 }
696
270b86af 697 if (!Config.udpMaxHitObjsz || Config.udpMaxHitObjsz > SQUID_UDP_SO_SNDBUF)
62e76326 698 Config.udpMaxHitObjsz = SQUID_UDP_SO_SNDBUF;
699
270b86af 700 if (Config.appendDomain)
62e76326 701 Config.appendDomainLen = strlen(Config.appendDomain);
270b86af 702 else
62e76326 703 Config.appendDomainLen = 0;
704
31ef19cd
AJ		 705 if (Config.connect_retries > 10) {
706 debugs(0,DBG_CRITICAL, "WARNING: connect_retries cannot be larger than 10. Resetting to 10.");
707 Config.connect_retries = 10;
5210854d 708 }
62e76326 709
f0b19334 710 requirePathnameExists("MIME Config Table", Config.mimeTablePathname);
6b53c392 711#if USE_DNSSERVERS
62e76326 712
f0b19334 713 requirePathnameExists("cache_dns_program", Config.Program.dnsserver);
efd900cb 714#endif
a3d0a19d 715#if USE_UNLINKD
62e76326 716
f0b19334 717 requirePathnameExists("unlinkd_program", Config.Program.unlinkd);
a3d0a19d 718#endif
82b7abe3 719 requirePathnameExists("logfile_daemon", Log::TheConfig.logfile_daemon);
f0b19334 720 if (Config.Program.redirect)
62e76326 721 requirePathnameExists("redirect_program", Config.Program.redirect->key);
722
f0b19334 723 requirePathnameExists("Icon Directory", Config.icons.directory);
62e76326 724
26ac0430 725 if (Config.errorDirectory)
43000484 726 requirePathnameExists("Error Directory", Config.errorDirectory);
62e76326 727
626096be 728#if USE_HTTP_VIOLATIONS
62e76326 729
9f60cfdf 730 {
62e76326 731 const refresh_t *R;
732
26ac0430 733 for (R = Config.Refresh; R; R = R->next) {
62e76326 734 if (!R->flags.override_expire)
735 continue;
736
bf8fe701 737 debugs(22, 1, "WARNING: use of 'override-expire' in 'refresh_pattern' violates HTTP");
62e76326 738
739 break;
740 }
741
26ac0430 742 for (R = Config.Refresh; R; R = R->next) {
62e76326 743 if (!R->flags.override_lastmod)
744 continue;
745
bf8fe701 746 debugs(22, 1, "WARNING: use of 'override-lastmod' in 'refresh_pattern' violates HTTP");
62e76326 747
748 break;
749 }
750
26ac0430 751 for (R = Config.Refresh; R; R = R->next) {
38f9c547 752 if (!R->flags.reload_into_ims)
753 continue;
754
bf8fe701 755 debugs(22, 1, "WARNING: use of 'reload-into-ims' in 'refresh_pattern' violates HTTP");
38f9c547 756
757 break;
758 }
759
26ac0430 760 for (R = Config.Refresh; R; R = R->next) {
38f9c547 761 if (!R->flags.ignore_reload)
762 continue;
763
bf8fe701 764 debugs(22, 1, "WARNING: use of 'ignore-reload' in 'refresh_pattern' violates HTTP");
38f9c547 765
766 break;
767 }
768
26ac0430 769 for (R = Config.Refresh; R; R = R->next) {
38f9c547 770 if (!R->flags.ignore_no_cache)
771 continue;
772
bf8fe701 773 debugs(22, 1, "WARNING: use of 'ignore-no-cache' in 'refresh_pattern' violates HTTP");
38f9c547 774
775 break;
776 }
777
26ac0430 778 for (R = Config.Refresh; R; R = R->next) {
38f9c547 779 if (!R->flags.ignore_no_store)
780 continue;
781
bf8fe701 782 debugs(22, 1, "WARNING: use of 'ignore-no-store' in 'refresh_pattern' violates HTTP");
38f9c547 783
784 break;
785 }
786
4ca08219 787 for (R = Config.Refresh; R; R = R->next) {
04f7fd38
AJ		 788 if (!R->flags.ignore_must_revalidate)
789 continue;
790 debugs(22, 1, "WARNING: use of 'ignore-must-revalidate' in 'refresh_pattern' violates HTTP");
791 break;
4ca08219
AJ		 792 }
793
26ac0430 794 for (R = Config.Refresh; R; R = R->next) {
38f9c547 795 if (!R->flags.ignore_private)
796 continue;
797
bf8fe701 798 debugs(22, 1, "WARNING: use of 'ignore-private' in 'refresh_pattern' violates HTTP");
38f9c547 799
800 break;
801 }
802
26ac0430 803 for (R = Config.Refresh; R; R = R->next) {
38f9c547 804 if (!R->flags.ignore_auth)
805 continue;
806
bf8fe701 807 debugs(22, 1, "WARNING: use of 'ignore-auth' in 'refresh_pattern' violates HTTP");
38f9c547 808
809 break;
810 }
811
9f60cfdf 812 }
c2f5c744 813#endif
626096be 814#if !USE_HTTP_VIOLATIONS
c2f5c744 815 Config.onoff.via = 1;
816#else
62e76326 817
c2f5c744 818 if (!Config.onoff.via)
bf8fe701 819 debugs(22, 1, "WARNING: HTTP requires the use of Via");
62e76326 820
9f60cfdf 821#endif
62e76326 822
5491c11e
AR		 823 // we enable runtime PURGE checks if there is at least one PURGE method ACL
824 // TODO: replace with a dedicated "purge" ACL option?
3d9019c7 825 Config2.onoff.enable_purge = (ACLMethodData::ThePurgeCount > 0);
62e76326 826
4f56514c 827 Config2.onoff.mangle_request_headers = httpReqHdrManglersConfigured();
5967c0bf 828
8749fa47 829 if (geteuid() == 0) {
62e76326 830 if (NULL != Config.effectiveUser) {
831
832 struct passwd *pwd = getpwnam(Config.effectiveUser);
833
5ad8d199 834 if (NULL == pwd) {
62e76326 835 /*
836 * Andres Kroonmaa <andre@online.ee>:
837 * Some getpwnam() implementations (Solaris?) require
838 * an available FD < 256 for opening a FILE* to the
839 * passwd file.
840 * DW:
841 * This should be safe at startup, but might still fail
842 * during reconfigure.
843 */
844 fatalf("getpwnam failed to find userid for effective user '%s'",
845 Config.effectiveUser);
5ad8d199 846 return;
847 }
62e76326 848
849 Config2.effectiveUserID = pwd->pw_uid;
850
851 Config2.effectiveGroupID = pwd->pw_gid;
08ac5ea7 852
cff61cb8 853#if HAVE_PUTENV
854
855 if (pwd->pw_dir && *pwd->pw_dir) {
856 int len;
857 char *env_str = (char *)xcalloc((len = strlen(pwd->pw_dir) + 6), 1);
858 snprintf(env_str, len, "HOME=%s", pwd->pw_dir);
859 putenv(env_str);
860 }
861
862#endif
863
62e76326 864 }
8749fa47 865 } else {
62e76326 866 Config2.effectiveUserID = geteuid();
867 Config2.effectiveGroupID = getegid();
d20b1cd0 868 }
62e76326 869
d20b1cd0 870 if (NULL != Config.effectiveGroup) {
62e76326 871
872 struct group *grp = getgrnam(Config.effectiveGroup);
873
5ad8d199 874 if (NULL == grp) {
62e76326 875 fatalf("getgrnam failed to find groupid for effective group '%s'",
876 Config.effectiveGroup);
5ad8d199 877 return;
878 }
62e76326 879
880 Config2.effectiveGroupID = grp->gr_gid;
d20b1cd0 881 }
62e76326 882
985c86bc 883 HttpRequestMethod::Configure(Config);
a7ad6e4e 884#if USE_SSL
62e76326 885
bf8fe701 886 debugs(3, 1, "Initializing https proxy context");
f9ad0106 887
a82a4fe4 888 Config.ssl_client.sslContext = sslCreateClientContext(Config.ssl_client.cert, Config.ssl_client.key, Config.ssl_client.version, Config.ssl_client.cipher, Config.ssl_client.options, Config.ssl_client.flags, Config.ssl_client.cafile, Config.ssl_client.capath, Config.ssl_client.crlfile);
f9ad0106 889
890 {
891
892 peer *p;
893
894 for (p = Config.peers; p != NULL; p = p->next) {
895 if (p->use_ssl) {
bf8fe701 896 debugs(3, 1, "Initializing cache_peer " << p->name << " SSL context");
a82a4fe4 897 p->sslContext = sslCreateClientContext(p->sslcert, p->sslkey, p->sslversion, p->sslcipher, p->ssloptions, p->sslflags, p->sslcafile, p->sslcapath, p->sslcrlfile);
f9ad0106 898 }
899 }
900 }
901
154dc884 902 {
903
904 http_port_list *s;
905
906 for (s = Config.Sockaddr.http; s != NULL; s = (http_port_list *) s->next) {
d0c1eed4 907 if (!s->cert)
154dc884 908 continue;
909
910 debugs(3, 1, "Initializing http_port " << s->http.s << " SSL context");
911
95d2589c
CT		 912 s->staticSslContext.reset(
913 sslCreateServerContext(s->cert, s->key,
914 s->version, s->cipher, s->options, s->sslflags, s->clientca,
915 s->cafile, s->capath, s->crlfile, s->dhfile,
916 s->sslContextSessionId));
917
a594dbfa 918 Ssl::readCertChainAndPrivateKeyFromFiles(s->signingCert, s->signPkey, s->certsToChain, s->cert, s->key);
154dc884 919 }
920 }
921
f9ad0106 922 {
923
924 https_port_list *s;
925
b844522c 926 for (s = Config.Sockaddr.https; s != NULL; s = (https_port_list *) s->http.next) {
cc192b50 927 debugs(3, 1, "Initializing https_port " << s->http.s << " SSL context");
bf8fe701 928
95d2589c
CT		 929 s->staticSslContext.reset(
930 sslCreateServerContext(s->cert, s->key,
931 s->version, s->cipher, s->options, s->sslflags, s->clientca,
932 s->cafile, s->capath, s->crlfile, s->dhfile,
933 s->sslContextSessionId));
061bbdec 934
d0c1eed4 935 if (s->cert && s->sslBump)
061bbdec 936 Ssl::readCertChainAndPrivateKeyFromFiles(s->signingCert, s->signPkey, s->certsToChain, s->cert, s->key);
f9ad0106 937 }
938 }
939
a7ad6e4e 940#endif
1f771fed
AJ		 941
942 // prevent infinite fetch loops in the request parser
943 // due to buffer full but not enough data recived to finish parse
944 if (Config.maxRequestBufferSize <= Config.maxRequestHeaderSize) {
d0bbf50e 945 fatalf("Client request buffer of %u bytes cannot hold a request with %u bytes of headers." \
1f771fed 946 " Change client_request_buffer_max or request_header_max_size limits.",
d0bbf50e 947 (uint32_t)Config.maxRequestBufferSize, (uint32_t)Config.maxRequestHeaderSize);
1f771fed 948 }
a0e23afd 949
2f1431ea 950#if USE_AUTH
a0e23afd
AJ		 951 /*
952 * disable client side request pipelining. There is a race with
953 * Negotiate and NTLM when the client sends a second request on an
954 * connection before the authenticate challenge is sent. With
955 * pipelining OFF, the client may fail to authenticate, but squid's
956 * state will be preserved.
957 */
958 if (Config.onoff.pipeline_prefetch) {
9f3d2b2e
AJ		 959 Auth::Config *nego = Auth::Config::Find("Negotiate");
960 Auth::Config *ntlm = Auth::Config::Find("NTLM");
a0e23afd
AJ		 961 if ((nego && nego->active()) || (ntlm && ntlm->active())) {
962 debugs(3, DBG_IMPORTANT, "WARNING: pipeline_prefetch breaks NTLM and Negotiate authentication. Forced OFF.");
963 Config.onoff.pipeline_prefetch = 0;
964 }
965 }
2f1431ea 966#endif
090089c4 967}
968
76f44481
AJ		 969/** Parse a line containing an obsolete directive.
970 * To upgrade it where possible instead of just "Bungled config" for
971 * directives which cannot be marked as simply aliases of the some name.
972 * For example if the parameter order and content has changed.
973 * Or if the directive has been completely removed.
974 */
975void
976parse_obsolete(const char *name)
977{
978 // Directives which have been radically changed rather than removed
979 if (!strcmp(name, "url_rewrite_concurrency")) {
254d8ef1
AJ		 980 int cval;
981 parse_int(&cval);
76f44481 982 debugs(3, DBG_CRITICAL, "WARNING: url_rewrite_concurrency upgrade overriding url_rewrite_children settings.");
254d8ef1 983 Config.redirectChildren.concurrency = cval;
76f44481
AJ		 984 }
985}
986
270b86af 987/* Parse a time specification from the config file. Store the
f1dc9b30 988 * result in 'tptr', after converting it to 'units' */
8203a132 989static void
9b741834 990parseTimeLine(time_msec_t * tptr, const char *units, bool allowMsec)
090089c4 991{
992 char *token;
270b86af 993 double d;
fd0f51c4
CT		 994 time_msec_t m;
995 time_msec_t u;
62e76326 996
9b741834 997 if ((u = parseTimeUnits(units, allowMsec)) == 0)
62e76326 998 self_destruct();
999
270b86af 1000 if ((token = strtok(NULL, w_space)) == NULL)
62e76326 1001 self_destruct();
1002
5c20d6fa 1003 d = xatof(token);
62e76326 1004
270b86af 1005 m = u; /* default to 'units' if none specified */
62e76326 1006
10738561 1007 if (0 == d)
62e76326 1008 (void) 0;
10738561 1009 else if ((token = strtok(NULL, w_space)) == NULL)
26ac0430
AJ		 1010 debugs(3, 0, "WARNING: No units on '" <<
1011 config_input_line << "', assuming " <<
1012 d << " " << units );
9b741834 1013 else if ((m = parseTimeUnits(token, allowMsec)) == 0)
62e76326 1014 self_destruct();
1015
fd0f51c4 1016 *tptr = static_cast<time_msec_t>(m * d);
090089c4 1017}
1018
fd0f51c4 1019static uint64_t
9b741834 1020parseTimeUnits(const char *unit, bool allowMsec)
270b86af 1021{
9b741834 1022 if (allowMsec && !strncasecmp(unit, T_MILLISECOND_STR, strlen(T_MILLISECOND_STR)))
62e76326 1023 return 1;
1024
fd0f51c4
CT		 1025 if (!strncasecmp(unit, T_SECOND_STR, strlen(T_SECOND_STR)))
1026 return 1000;
1027
270b86af 1028 if (!strncasecmp(unit, T_MINUTE_STR, strlen(T_MINUTE_STR)))
fd0f51c4 1029 return 60 * 1000;
62e76326 1030
270b86af 1031 if (!strncasecmp(unit, T_HOUR_STR, strlen(T_HOUR_STR)))
fd0f51c4 1032 return 3600 * 1000;
62e76326 1033
270b86af 1034 if (!strncasecmp(unit, T_DAY_STR, strlen(T_DAY_STR)))
fd0f51c4 1035 return 86400 * 1000;
62e76326 1036
270b86af 1037 if (!strncasecmp(unit, T_WEEK_STR, strlen(T_WEEK_STR)))
fd0f51c4 1038 return 86400 * 7 * 1000;
62e76326 1039
270b86af 1040 if (!strncasecmp(unit, T_FORTNIGHT_STR, strlen(T_FORTNIGHT_STR)))
fd0f51c4 1041 return 86400 * 14 * 1000;
62e76326 1042
270b86af 1043 if (!strncasecmp(unit, T_MONTH_STR, strlen(T_MONTH_STR)))
fd0f51c4 1044 return static_cast<uint64_t>(86400) * 30 * 1000;
62e76326 1045
270b86af 1046 if (!strncasecmp(unit, T_YEAR_STR, strlen(T_YEAR_STR)))
fd0f51c4 1047 return static_cast<uint64_t>(86400 * 1000 * 365.2522);
62e76326 1048
270b86af 1049 if (!strncasecmp(unit, T_DECADE_STR, strlen(T_DECADE_STR)))
fd0f51c4 1050 return static_cast<uint64_t>(86400 * 1000 * 365.2522 * 10);
62e76326 1051
bf8fe701 1052 debugs(3, 1, "parseTimeUnits: unknown time unit '" << unit << "'");
62e76326 1053
270b86af 1054 return 0;
1055}
1056
47f6e231 1057static void
1058parseBytesLine64(int64_t * bptr, const char *units)
1059{
1060 char *token;
1061 double d;
1062 int64_t m;
1063 int64_t u;
1064
9eeb8e4b 1065 if ((u = parseBytesUnits(units)) == 0) {
47f6e231 1066 self_destruct();
9eeb8e4b 1067 return;
1068 }
47f6e231 1069
9eeb8e4b 1070 if ((token = strtok(NULL, w_space)) == NULL) {
47f6e231 1071 self_destruct();
9eeb8e4b 1072 return;
1073 }
47f6e231 1074
1075 if (strcmp(token, "none") == 0 || strcmp(token, "-1") == 0) {
bc41416d 1076 *bptr = -1;
47f6e231 1077 return;
1078 }
1079
1080 d = xatof(token);
1081
1082 m = u; /* default to 'units' if none specified */
1083
1084 if (0.0 == d)
1085 (void) 0;
1086 else if ((token = strtok(NULL, w_space)) == NULL)
26ac0430
AJ		 1087 debugs(3, 0, "WARNING: No units on '" <<
1088 config_input_line << "', assuming " <<
1089 d << " " << units );
9eeb8e4b 1090 else if ((m = parseBytesUnits(token)) == 0) {
47f6e231 1091 self_destruct();
9eeb8e4b 1092 return;
1093 }
47f6e231 1094
1095 *bptr = static_cast<int64_t>(m * d / u);
1096
1097 if (static_cast<double>(*bptr) * 2 != m * d / u * 2)
1098 self_destruct();
1099}
1100
1101
9906e724 1102static void
9e975e4e 1103parseBytesLine(size_t * bptr, const char *units)
9906e724 1104{
1105 char *token;
1106 double d;
47f6e231 1107 int m;
1108 int u;
62e76326 1109
9eeb8e4b 1110 if ((u = parseBytesUnits(units)) == 0) {
62e76326 1111 self_destruct();
9eeb8e4b 1112 return;
1113 }
62e76326 1114
9eeb8e4b 1115 if ((token = strtok(NULL, w_space)) == NULL) {
62e76326 1116 self_destruct();
9eeb8e4b 1117 return;
1118 }
62e76326 1119
f8ecd7d7 1120 if (strcmp(token, "none") == 0 || strcmp(token, "-1") == 0) {
b2d729e6 1121 *bptr = static_cast<size_t>(-1);
ef1955a5 1122 return;
1123 }
1124
5c20d6fa 1125 d = xatof(token);
62e76326 1126
9906e724 1127 m = u; /* default to 'units' if none specified */
62e76326 1128
343f47a3 1129 if (0.0 == d)
62e76326 1130 (void) 0;
4860dc1b 1131 else if ((token = strtok(NULL, w_space)) == NULL)
26ac0430
AJ		 1132 debugs(3, 0, "WARNING: No units on '" <<
1133 config_input_line << "', assuming " <<
1134 d << " " << units );
9eeb8e4b 1135 else if ((m = parseBytesUnits(token)) == 0) {
62e76326 1136 self_destruct();
9eeb8e4b 1137 return;
1138 }
62e76326 1139
e6ccf245 1140 *bptr = static_cast<size_t>(m * d / u);
347ae7c4 1141
a69d485c 1142 if (static_cast<double>(*bptr) * 2 != m * d / u * 2)
347ae7c4 1143 self_destruct();
9906e724 1144}
1145
e210930b
AJ		 1146#if !USE_DNSSERVERS
1147static void
1148parseBytesLineSigned(ssize_t * bptr, const char *units)
1149{
1150 char *token;
1151 double d;
1152 int m;
1153 int u;
1154
1155 if ((u = parseBytesUnits(units)) == 0) {
1156 self_destruct();
1157 return;
1158 }
1159
1160 if ((token = strtok(NULL, w_space)) == NULL) {
1161 self_destruct();
1162 return;
1163 }
1164
1165 if (strcmp(token, "none") == 0 || token[0] == '-' /* -N */) {
1166 *bptr = -1;
1167 return;
1168 }
1169
1170 d = xatof(token);
1171
1172 m = u; /* default to 'units' if none specified */
1173
1174 if (0.0 == d)
1175 (void) 0;
1176 else if ((token = strtok(NULL, w_space)) == NULL)
1177 debugs(3, 0, "WARNING: No units on '" <<
1178 config_input_line << "', assuming " <<
1179 d << " " << units );
1180 else if ((m = parseBytesUnits(token)) == 0) {
1181 self_destruct();
1182 return;
1183 }
1184
1185 *bptr = static_cast<size_t>(m * d / u);
1186
1187 if (static_cast<double>(*bptr) * 2 != m * d / u * 2)
1188 self_destruct();
1189}
1190#endif
1191
95d2589c
CT		 1192#if USE_SSL
1193/**
1194 * Parse bytes from a string.
1195 * Similar to the parseBytesLine function but parses the string value instead of
1196 * the current token value.
1197 */
1198static void parseBytesOptionValue(size_t * bptr, const char *units, char const * value)
1199{
1200 int u;
1201 if ((u = parseBytesUnits(units)) == 0) {
1202 self_destruct();
1203 return;
1204 }
1205
1206 // Find number from string beginning.
1207 char const * number_begin = value;
1208 char const * number_end = value;
1209
1210 while ((*number_end >= '0' && *number_end <= '9')) {
1211 number_end++;
1212 }
1213
1214 String number;
1215 number.limitInit(number_begin, number_end - number_begin);
1216
1217 int d = xatoi(number.termedBuf());
1218 int m;
1219 if ((m = parseBytesUnits(number_end)) == 0) {
1220 self_destruct();
1221 return;
1222 }
1223
1224 *bptr = static_cast<size_t>(m * d / u);
1225 if (static_cast<double>(*bptr) * 2 != m * d / u * 2)
1226 self_destruct();
1227}
1228#endif
1229
9906e724 1230static size_t
1231parseBytesUnits(const char *unit)
1232{
1233 if (!strncasecmp(unit, B_BYTES_STR, strlen(B_BYTES_STR)))
62e76326 1234 return 1;
1235
9906e724 1236 if (!strncasecmp(unit, B_KBYTES_STR, strlen(B_KBYTES_STR)))
62e76326 1237 return 1 << 10;
1238
9906e724 1239 if (!strncasecmp(unit, B_MBYTES_STR, strlen(B_MBYTES_STR)))
62e76326 1240 return 1 << 20;
1241
9906e724 1242 if (!strncasecmp(unit, B_GBYTES_STR, strlen(B_GBYTES_STR)))
62e76326 1243 return 1 << 30;
1244
fa37412f 1245 debugs(3, DBG_CRITICAL, "WARNING: Unknown bytes unit '" << unit << "'");
62e76326 1246
9906e724 1247 return 0;
1248}
1249
270b86af 1250/*****************************************************************************
1251 * Max
1252 *****************************************************************************/
1253
8203a132 1254static void
97427e90 1255dump_acl(StoreEntry * entry, const char *name, ACL * ae)
090089c4 1256{
56b63fa1 1257 wordlist *w;
1258 wordlist *v;
62e76326 1259
9ef28b60 1260 while (ae != NULL) {
bf8fe701 1261 debugs(3, 3, "dump_acl: " << name << " " << ae->name);
62e76326 1262 storeAppendPrintf(entry, "%s %s %s ",
1263 name,
1264 ae->name,
1265 ae->typeString());
6bf4f823 1266 v = w = ae->dump();
62e76326 1267
1268 while (v != NULL) {
bf8fe701 1269 debugs(3, 3, "dump_acl: " << name << " " << ae->name << " " << v->key);
62e76326 1270 storeAppendPrintf(entry, "%s ", v->key);
1271 v = v->next;
1272 }
1273
1274 storeAppendPrintf(entry, "\n");
1275 wordlistDestroy(&w);
1276 ae = ae->next;
56b63fa1 1277 }
090089c4 1278}
1279
8203a132 1280static void
97427e90 1281parse_acl(ACL ** ae)
090089c4 1282{
a9f20260 1283 ACL::ParseAclLine(LegacyParser, ae);
f1dc9b30 1284}
1285
1286static void
97427e90 1287free_acl(ACL ** ae)
f1dc9b30 1288{
9ef28b60 1289 aclDestroyAcls(ae);
090089c4 1290}
1291
425de4c8 1292void
76cd39d7 1293dump_acl_list(StoreEntry * entry, ACLList * head)
30a4f2a8 1294{
76cd39d7 1295 ACLList *l;
62e76326 1296
d6827718 1297 for (l = head; l; l = l->next) {
62e76326 1298 storeAppendPrintf(entry, " %s%s",
1299 l->op ? null_string : "!",
1300 l->_acl->name);
d6827718 1301 }
1302}
1303
b67e2c8c 1304void
d6827718 1305dump_acl_access(StoreEntry * entry, const char *name, acl_access * head)
1306{
1307 acl_access *l;
62e76326 1308
d6827718 1309 for (l = head; l; l = l->next) {
62e76326 1310 storeAppendPrintf(entry, "%s %s",
1311 name,
1312 l->allow ? "Allow" : "Deny");
1313 dump_acl_list(entry, l->aclList);
1314 storeAppendPrintf(entry, "\n");
56b63fa1 1315 }
30a4f2a8 1316}
090089c4 1317
8203a132 1318static void
16300b58 1319parse_acl_access(acl_access ** head)
090089c4 1320{
a9f20260 1321 aclParseAccessLine(LegacyParser, head);
090089c4 1322}
1323
0153d498 1324static void
16300b58 1325free_acl_access(acl_access ** head)
0153d498 1326{
a47b9029 1327 aclDestroyAccessList(head);
0153d498 1328}
1329
8203a132 1330static void
b7ac5457 1331dump_address(StoreEntry * entry, const char *name, Ip::Address &addr)
270b86af 1332{
cc192b50 1333 char buf[MAX_IPSTRLEN];
1334 storeAppendPrintf(entry, "%s %s\n", name, addr.NtoA(buf,MAX_IPSTRLEN) );
270b86af 1335}
1336
1337static void
b7ac5457 1338parse_address(Ip::Address *addr)
090089c4 1339{
270b86af 1340 char *token = strtok(NULL, w_space);
1341
9eeb8e4b 1342 if (!token) {
62e76326 1343 self_destruct();
9eeb8e4b 1344 return;
1345 }
62e76326 1346
26ac0430 1347 if (!strcmp(token,"any_addr")) {
cc192b50 1348 addr->SetAnyAddr();
26ac0430
AJ		 1349 (void) 0;
1350 } else if ( (!strcmp(token,"no_addr")) || (!strcmp(token,"full_mask")) ) {
cc192b50 1351 addr->SetNoAddr();
26ac0430
AJ		 1352 (void) 0;
1353 } else
cc192b50 1354 *addr = token;
090089c4 1355}
1356
0153d498 1357static void
b7ac5457 1358free_address(Ip::Address *addr)
0153d498 1359{
cc192b50 1360 addr->SetEmpty();
0153d498 1361}
1362
d6827718 1363CBDATA_TYPE(acl_address);
1364
1365static void
1366dump_acl_address(StoreEntry * entry, const char *name, acl_address * head)
1367{
cc192b50 1368 char buf[MAX_IPSTRLEN];
d6827718 1369 acl_address *l;
62e76326 1370
d6827718 1371 for (l = head; l; l = l->next) {
cc192b50 1372 if (!l->addr.IsAnyAddr())
1373 storeAppendPrintf(entry, "%s %s", name, l->addr.NtoA(buf,MAX_IPSTRLEN));
62e76326 1374 else
1375 storeAppendPrintf(entry, "%s autoselect", name);
1376
1377 dump_acl_list(entry, l->aclList);
1378
1379 storeAppendPrintf(entry, "\n");
d6827718 1380 }
1381}
1382
1383static void
1384freed_acl_address(void *data)
1385{
e6ccf245 1386 acl_address *l = static_cast<acl_address *>(data);
29b8d8d6 1387 aclDestroyAclList(&l->aclList);
d6827718 1388}
1389
1390static void
1391parse_acl_address(acl_address ** head)
1392{
1393 acl_address *l;
1394 acl_address **tail = head; /* sane name below */
1395 CBDATA_INIT_TYPE_FREECB(acl_address, freed_acl_address);
1396 l = cbdataAlloc(acl_address);
1397 parse_address(&l->addr);
a9f20260 1398 aclParseAclList(LegacyParser, &l->aclList);
62e76326 1399
d6827718 1400 while (*tail)
62e76326 1401 tail = &(*tail)->next;
1402
d6827718 1403 *tail = l;
1404}
1405
1406static void
1407free_acl_address(acl_address ** head)
1408{
1409 while (*head) {
62e76326 1410 acl_address *l = *head;
1411 *head = l->next;
1412 cbdataFree(l);
d6827718 1413 }
1414}
1415
1416CBDATA_TYPE(acl_tos);
1417
1418static void
1419dump_acl_tos(StoreEntry * entry, const char *name, acl_tos * head)
1420{
1421 acl_tos *l;
62e76326 1422
d6827718 1423 for (l = head; l; l = l->next) {
62e76326 1424 if (l->tos > 0)
1425 storeAppendPrintf(entry, "%s 0x%02X", name, l->tos);
1426 else
1427 storeAppendPrintf(entry, "%s none", name);
1428
1429 dump_acl_list(entry, l->aclList);
1430
1431 storeAppendPrintf(entry, "\n");
d6827718 1432 }
1433}
1434
1435static void
1436freed_acl_tos(void *data)
1437{
e6ccf245 1438 acl_tos *l = static_cast<acl_tos *>(data);
29b8d8d6 1439 aclDestroyAclList(&l->aclList);
d6827718 1440}
1441
1442static void
1443parse_acl_tos(acl_tos ** head)
1444{
1445 acl_tos *l;
1446 acl_tos **tail = head; /* sane name below */
425de4c8 1447 unsigned int tos; /* Initially uint for strtoui. Casted to tos_t before return */
d6827718 1448 char *token = strtok(NULL, w_space);
62e76326 1449
9eeb8e4b 1450 if (!token) {
62e76326 1451 self_destruct();
9eeb8e4b 1452 return;
1453 }
62e76326 1454
425de4c8 1455 if (!xstrtoui(token, NULL, &tos, 0, std::numeric_limits<tos_t>::max())) {
62e76326 1456 self_destruct();
9eeb8e4b 1457 return;
1458 }
62e76326 1459
d6827718 1460 CBDATA_INIT_TYPE_FREECB(acl_tos, freed_acl_tos);
62e76326 1461
d6827718 1462 l = cbdataAlloc(acl_tos);
62e76326 1463
425de4c8 1464 l->tos = (tos_t)tos;
62e76326 1465
a9f20260 1466 aclParseAclList(LegacyParser, &l->aclList);
62e76326 1467
d6827718 1468 while (*tail)
62e76326 1469 tail = &(*tail)->next;
1470
d6827718 1471 *tail = l;
1472}
1473
1474static void
1475free_acl_tos(acl_tos ** head)
1476{
1477 while (*head) {
62e76326 1478 acl_tos *l = *head;
1479 *head = l->next;
1480 l->next = NULL;
1481 cbdataFree(l);
d6827718 1482 }
1483}
1484
11e8cfe3 1485#if SO_MARK && USE_LIBCAP
f4f6c2e0 1486
425de4c8
AJ		 1487CBDATA_TYPE(acl_nfmark);
1488
1489static void
1490dump_acl_nfmark(StoreEntry * entry, const char *name, acl_nfmark * head)
1491{
1492 acl_nfmark *l;
1493
1494 for (l = head; l; l = l->next) {
1495 if (l->nfmark > 0)
1496 storeAppendPrintf(entry, "%s 0x%02X", name, l->nfmark);
1497 else
1498 storeAppendPrintf(entry, "%s none", name);
1499
1500 dump_acl_list(entry, l->aclList);
1501
1502 storeAppendPrintf(entry, "\n");
1503 }
1504}
1505
1506static void
1507freed_acl_nfmark(void *data)
1508{
1509 acl_nfmark *l = static_cast<acl_nfmark *>(data);
1510 aclDestroyAclList(&l->aclList);
1511}
1512
1513static void
1514parse_acl_nfmark(acl_nfmark ** head)
1515{
1516 acl_nfmark *l;
1517 acl_nfmark **tail = head; /* sane name below */
1518 nfmark_t mark;
1519 char *token = strtok(NULL, w_space);
1520
1521 if (!token) {
1522 self_destruct();
1523 return;
1524 }
1525
1526 if (!xstrtoui(token, NULL, &mark, 0, std::numeric_limits<nfmark_t>::max())) {
1527 self_destruct();
1528 return;
1529 }
1530
1531 CBDATA_INIT_TYPE_FREECB(acl_nfmark, freed_acl_nfmark);
1532
1533 l = cbdataAlloc(acl_nfmark);
1534
1535 l->nfmark = mark;
1536
1537 aclParseAclList(LegacyParser, &l->aclList);
1538
1539 while (*tail)
1540 tail = &(*tail)->next;
1541
1542 *tail = l;
1543}
1544
1545static void
1546free_acl_nfmark(acl_nfmark ** head)
1547{
1548 while (*head) {
1549 acl_nfmark *l = *head;
1550 *head = l->next;
1551 l->next = NULL;
1552 cbdataFree(l);
1553 }
1554}
f4f6c2e0 1555#endif /* SO_MARK */
425de4c8 1556
ef1955a5 1557CBDATA_TYPE(acl_size_t);
1558
1559static void
1560dump_acl_b_size_t(StoreEntry * entry, const char *name, acl_size_t * head)
1561{
1562 acl_size_t *l;
1563
1564 for (l = head; l; l = l->next) {
ed013b6c 1565 if (l->size != -1)
ef1955a5 1566 storeAppendPrintf(entry, "%s %d %s\n", name, (int) l->size, B_BYTES_STR);
1567 else
1568 storeAppendPrintf(entry, "%s none", name);
1569
1570 dump_acl_list(entry, l->aclList);
1571
1572 storeAppendPrintf(entry, "\n");
1573 }
1574}
1575
1576static void
1577freed_acl_b_size_t(void *data)
1578{
1579 acl_size_t *l = static_cast<acl_size_t *>(data);
1580 aclDestroyAclList(&l->aclList);
1581}
1582
1583static void
1584parse_acl_b_size_t(acl_size_t ** head)
1585{
1586 acl_size_t *l;
1587 acl_size_t **tail = head; /* sane name below */
1588
1589 CBDATA_INIT_TYPE_FREECB(acl_size_t, freed_acl_b_size_t);
1590
1591 l = cbdataAlloc(acl_size_t);
1592
47f6e231 1593 parse_b_int64_t(&l->size);
ef1955a5 1594
a9f20260 1595 aclParseAclList(LegacyParser, &l->aclList);
ef1955a5 1596
1597 while (*tail)
1598 tail = &(*tail)->next;
1599
1600 *tail = l;
1601}
1602
1603static void
1604free_acl_b_size_t(acl_size_t ** head)
1605{
1606 while (*head) {
1607 acl_size_t *l = *head;
1608 *head = l->next;
1609 l->next = NULL;
1610 cbdataFree(l);
1611 }
1612}
1613
9a0a18de 1614#if USE_DELAY_POOLS
59715b38 1615
b67e2c8c 1616#include "DelayPools.h"
1617#include "DelayConfig.h"
59715b38 1618/* do nothing - free_delay_pool_count is the magic free function.
ae870270 1619 * this is why delay_pool_count isn't just marked TYPE: u_short
59715b38 1620 */
1621#define free_delay_pool_class(X)
1622#define free_delay_pool_access(X)
1623#define free_delay_pool_rates(X)
1624#define dump_delay_pool_class(X, Y, Z)
1625#define dump_delay_pool_access(X, Y, Z)
1626#define dump_delay_pool_rates(X, Y, Z)
1627
1628static void
b67e2c8c 1629free_delay_pool_count(DelayConfig * cfg)
59715b38 1630{
b67e2c8c 1631 cfg->freePoolCount();
59715b38 1632}
1633
1634static void
b67e2c8c 1635dump_delay_pool_count(StoreEntry * entry, const char *name, DelayConfig &cfg)
59715b38 1636{
b67e2c8c 1637 cfg.dumpPoolCount (entry, name);
59715b38 1638}
1639
1640static void
b67e2c8c 1641parse_delay_pool_count(DelayConfig * cfg)
59715b38 1642{
b67e2c8c 1643 cfg->parsePoolCount();
59715b38 1644}
1645
1646static void
b67e2c8c 1647parse_delay_pool_class(DelayConfig * cfg)
59715b38 1648{
b67e2c8c 1649 cfg->parsePoolClass();
59715b38 1650}
1651
1652static void
b67e2c8c 1653parse_delay_pool_rates(DelayConfig * cfg)
59715b38 1654{
b67e2c8c 1655 cfg->parsePoolRates();
59715b38 1656}
1657
1658static void
b67e2c8c 1659parse_delay_pool_access(DelayConfig * cfg)
59715b38 1660{
a9f20260 1661 cfg->parsePoolAccess(LegacyParser);
59715b38 1662}
62e76326 1663
59715b38 1664#endif
1665
9a0a18de 1666#if USE_DELAY_POOLS
b4cd430a
CT		 1667#include "ClientDelayConfig.h"
1668/* do nothing - free_client_delay_pool_count is the magic free function.
ae870270 1669 * this is why client_delay_pool_count isn't just marked TYPE: u_short
b4cd430a
CT		 1670 */
1671
1672#define free_client_delay_pool_access(X)
1673#define free_client_delay_pool_rates(X)
1674#define dump_client_delay_pool_access(X, Y, Z)
1675#define dump_client_delay_pool_rates(X, Y, Z)
1676
1677static void
1678free_client_delay_pool_count(ClientDelayConfig * cfg)
1679{
1680 cfg->freePoolCount();
1681}
1682
1683static void
1684dump_client_delay_pool_count(StoreEntry * entry, const char *name, ClientDelayConfig &cfg)
1685{
1686 cfg.dumpPoolCount (entry, name);
1687}
1688
1689static void
1690parse_client_delay_pool_count(ClientDelayConfig * cfg)
1691{
1692 cfg->parsePoolCount();
1693}
1694
1695static void
1696parse_client_delay_pool_rates(ClientDelayConfig * cfg)
1697{
1698 cfg->parsePoolRates();
1699}
1700
1701static void
1702parse_client_delay_pool_access(ClientDelayConfig * cfg)
1703{
1704 cfg->parsePoolAccess(LegacyParser);
1705}
1706#endif
1707
626096be 1708#if USE_HTTP_VIOLATIONS
97474590 1709static void
6bccf575 1710dump_http_header_access(StoreEntry * entry, const char *name, header_mangler header[])
e3dd531e 1711{
efd900cb 1712 int i;
62e76326 1713
6bccf575 1714 for (i = 0; i < HDR_ENUM_END; i++) {
62e76326 1715 if (header[i].access_list != NULL) {
1716 storeAppendPrintf(entry, "%s ", name);
1717 dump_acl_access(entry, httpHeaderNameById(i),
1718 header[i].access_list);
1719 }
efd900cb 1720 }
97474590 1721}
e3dd531e 1722
97474590 1723static void
6bccf575 1724parse_http_header_access(header_mangler header[])
97474590 1725{
6bccf575 1726 int id, i;
97474590 1727 char *t = NULL;
62e76326 1728
97474590 1729 if ((t = strtok(NULL, w_space)) == NULL) {
bf8fe701 1730 debugs(3, 0, "" << cfg_filename << " line " << config_lineno << ": " << config_input_line);
1731 debugs(3, 0, "parse_http_header_access: missing header name.");
62e76326 1732 return;
97474590 1733 }
62e76326 1734
6bccf575 1735 /* Now lookup index of header. */
1736 id = httpHeaderIdByNameDef(t, strlen(t));
62e76326 1737
6bccf575 1738 if (strcmp(t, "All") == 0)
62e76326 1739 id = HDR_ENUM_END;
6bccf575 1740 else if (strcmp(t, "Other") == 0)
62e76326 1741 id = HDR_OTHER;
6bccf575 1742 else if (id == -1) {
bf8fe701 1743 debugs(3, 0, "" << cfg_filename << " line " << config_lineno << ": " << config_input_line);
1744 debugs(3, 0, "parse_http_header_access: unknown header name '" << t << "'");
62e76326 1745 return;
97474590 1746 }
62e76326 1747
6bccf575 1748 if (id != HDR_ENUM_END) {
62e76326 1749 parse_acl_access(&header[id].access_list);
6bccf575 1750 } else {
62e76326 1751 char *next_string = t + strlen(t) - 1;
1752 *next_string = 'A';
1753 *(next_string + 1) = ' ';
1754
1755 for (i = 0; i < HDR_ENUM_END; i++) {
1756 char *new_string = xstrdup(next_string);
1757 strtok(new_string, w_space);
1758 parse_acl_access(&header[i].access_list);
1759 safe_free(new_string);
1760 }
97474590 1761 }
6bccf575 1762}
1763
1764static void
1765free_http_header_access(header_mangler header[])
1766{
1767 int i;
62e76326 1768
6bccf575 1769 for (i = 0; i < HDR_ENUM_END; i++) {
62e76326 1770 free_acl_access(&header[i].access_list);
6bccf575 1771 }
1772}
1773
1774static void
1775dump_http_header_replace(StoreEntry * entry, const char *name, header_mangler
62e76326 1776 header[])
6bccf575 1777{
1778 int i;
62e76326 1779
6bccf575 1780 for (i = 0; i < HDR_ENUM_END; i++) {
62e76326 1781 if (NULL == header[i].replacement)
1782 continue;
1783
1784 storeAppendPrintf(entry, "%s %s %s\n", name, httpHeaderNameById(i),
1785 header[i].replacement);
97474590 1786 }
1787}
e3dd531e 1788
97474590 1789static void
6bccf575 1790parse_http_header_replace(header_mangler header[])
e3dd531e 1791{
6bccf575 1792 int id, i;
1793 char *t = NULL;
62e76326 1794
6bccf575 1795 if ((t = strtok(NULL, w_space)) == NULL) {
bf8fe701 1796 debugs(3, 0, "" << cfg_filename << " line " << config_lineno << ": " << config_input_line);
1797 debugs(3, 0, "parse_http_header_replace: missing header name.");
62e76326 1798 return;
6bccf575 1799 }
62e76326 1800
6bccf575 1801 /* Now lookup index of header. */
1802 id = httpHeaderIdByNameDef(t, strlen(t));
62e76326 1803
6bccf575 1804 if (strcmp(t, "All") == 0)
62e76326 1805 id = HDR_ENUM_END;
6bccf575 1806 else if (strcmp(t, "Other") == 0)
62e76326 1807 id = HDR_OTHER;
6bccf575 1808 else if (id == -1) {
bf8fe701 1809 debugs(3, 0, "" << cfg_filename << " line " << config_lineno << ": " << config_input_line);
1810 debugs(3, 0, "parse_http_header_replace: unknown header name " << t << ".");
1811
62e76326 1812 return;
6bccf575 1813 }
62e76326 1814
6bccf575 1815 if (id != HDR_ENUM_END) {
62e76326 1816 if (header[id].replacement != NULL)
1817 safe_free(header[id].replacement);
1818
1819 header[id].replacement = xstrdup(t + strlen(t) + 1);
6bccf575 1820 } else {
62e76326 1821 for (i = 0; i < HDR_ENUM_END; i++) {
1822 if (header[i].replacement != NULL)
1823 safe_free(header[i].replacement);
1824
1825 header[i].replacement = xstrdup(t + strlen(t) + 1);
1826 }
6bccf575 1827 }
1828}
1829
1830static void
1831free_http_header_replace(header_mangler header[])
1832{
1833 int i;
62e76326 1834
6bccf575 1835 for (i = 0; i < HDR_ENUM_END; i++) {
62e76326 1836 if (header[i].replacement != NULL)
1837 safe_free(header[i].replacement);
6bccf575 1838 }
97474590 1839}
62e76326 1840
9e8b2f1c 1841#endif
97474590 1842
e90100aa 1843static void
e1f7507e 1844dump_cachedir(StoreEntry * entry, const char *name, SquidConfig::_cacheSwap swap)
e90100aa 1845{
f53b06f9 1846 SwapDir *s;
1847 int i;
d3b3ab85 1848 assert (entry);
62e76326 1849
a7d59104 1850 for (i = 0; i < swap.n_configured; i++) {
c8f4eac4 1851 s = dynamic_cast<SwapDir *>(swap.swapDirs[i].getRaw());
26ac0430 1852 if (!s) continue;
59b2d47f 1853 storeAppendPrintf(entry, "%s %s %s", name, s->type(), s->path);
62e76326 1854 s->dump(*entry);
62e76326 1855 storeAppendPrintf(entry, "\n");
f53b06f9 1856 }
1857}
1858
53ad48e6 1859static int
1860check_null_string(char *s)
1861{
1862 return s == NULL;
1863}
1864
2f1431ea 1865#if USE_AUTH
94439e4e 1866static void
9f3d2b2e 1867parse_authparam(Auth::ConfigVector * config)
94439e4e 1868{
1869 char *type_str;
1870 char *param_str;
94439e4e 1871
1872 if ((type_str = strtok(NULL, w_space)) == NULL)
62e76326 1873 self_destruct();
94439e4e 1874
1875 if ((param_str = strtok(NULL, w_space)) == NULL)
62e76326 1876 self_destruct();
94439e4e 1877
5817ee13 1878 /* find a configuration for the scheme in the currently parsed configs... */
9f3d2b2e 1879 Auth::Config *schemeCfg = Auth::Config::Find(type_str);
62e76326 1880
5817ee13
AJ		 1881 if (schemeCfg == NULL) {
1882 /* Create a configuration based on the scheme info */
c6cf8dee 1883 Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);
f5691f9c 1884
5817ee13
AJ		 1885 if (theScheme == NULL) {
1886 debugs(3, DBG_CRITICAL, "Parsing Config File: Unknown authentication scheme '" << type_str << "'.");
1887 self_destruct();
62e76326 1888 }
94439e4e 1889
f5691f9c 1890 config->push_back(theScheme->createConfig());
9f3d2b2e 1891 schemeCfg = Auth::Config::Find(type_str);
5817ee13
AJ		 1892 if (schemeCfg == NULL) {
1893 debugs(3, DBG_CRITICAL, "Parsing Config File: Corruption configuring authentication scheme '" << type_str << "'.");
1894 self_destruct();
1895 }
94439e4e 1896 }
62e76326 1897
5817ee13 1898 schemeCfg->parse(schemeCfg, config->size(), param_str);
94439e4e 1899}
1900
1901static void
9f3d2b2e 1902free_authparam(Auth::ConfigVector * cfg)
94439e4e 1903{
5817ee13
AJ		 1904 /* Wipe the Auth globals and Detach/Destruct component config + state. */
1905 cfg->clean();
62e76326 1906
5817ee13 1907 /* remove our pointers to the probably-dead sub-configs */
f5691f9c 1908 while (cfg->size()) {
5817ee13
AJ		 1909 cfg->pop_back();
1910 }
1911
1912 /* on reconfigure initialize new auth schemes for the new config. */
ec5858ff 1913 if (reconfiguring) {
ccd8a22a 1914 Auth::Init();
94439e4e 1915 }
94439e4e 1916}
1917
1918static void
9f3d2b2e 1919dump_authparam(StoreEntry * entry, const char *name, Auth::ConfigVector cfg)
94439e4e 1920{
9f3d2b2e 1921 for (Auth::ConfigVector::iterator i = cfg.begin(); i != cfg.end(); ++i)
f5691f9c 1922 (*i)->dump(entry, name, (*i));
94439e4e 1923}
2f1431ea 1924#endif /* USE_AUTH */
94439e4e 1925
59b2d47f 1926/* TODO: just return the object, the # is irrelevant */
cd748f27 1927static int
1928find_fstype(char *type)
1929{
59b2d47f 1930 for (size_t i = 0; i < StoreFileSystem::FileSystems().size(); ++i)
1931 if (strcasecmp(type, StoreFileSystem::FileSystems().items[i]->type()) == 0)
1932 return (int)i;
62e76326 1933
cd748f27 1934 return (-1);
1935}
1936
0e4e0e7d 1937static void
e1f7507e 1938parse_cachedir(SquidConfig::_cacheSwap * swap)
0e4e0e7d 1939{
1940 char *type_str;
cd748f27 1941 char *path_str;
c8f4eac4 1942 RefCount<SwapDir> sd;
cd748f27 1943 int i;
1944 int fs;
cd748f27 1945
0e4e0e7d 1946 if ((type_str = strtok(NULL, w_space)) == NULL)
62e76326 1947 self_destruct();
cd748f27 1948
cd748f27 1949 if ((path_str = strtok(NULL, w_space)) == NULL)
62e76326 1950 self_destruct();
cd748f27 1951
c9e2e0e8 1952 fs = find_fstype(type_str);
1953
1954 if (fs < 0)
1955 self_destruct();
1956
1957 /* reconfigure existing dir */
cd748f27 1958
1959 for (i = 0; i < swap->n_configured; i++) {
c8f4eac4 1960 assert (swap->swapDirs[i].getRaw());
62e76326 1961
2c9e9cba 1962 if ((strcasecmp(path_str, dynamic_cast<SwapDir *>(swap->swapDirs[i].getRaw())->path)) == 0) {
c9e2e0e8 1963 /* this is specific to on-fs Stores. The right
26ac0430 1964 * way to handle this is probably to have a mapping
c9e2e0e8 1965 * from paths to stores, and have on-fs stores
1966 * register with that, and lookip in that in their
1967 * own setup logic. RBC 20041225. TODO.
1968 */
c8f4eac4 1969
1970 sd = dynamic_cast<SwapDir *>(swap->swapDirs[i].getRaw());
1971
ca6483eb 1972 if (strcmp(sd->type(), StoreFileSystem::FileSystems().items[fs]->type()) != 0) {
bf8fe701 1973 debugs(3, 0, "ERROR: Can't change type of existing cache_dir " <<
1974 sd->type() << " " << sd->path << " to " << type_str << ". Restart required");
c9e2e0e8 1975 return;
1976 }
1977
afa75e4b 1978 sd->reconfigure();
c8f4eac4 1979
62e76326 1980 update_maxobjsize();
c8f4eac4 1981
62e76326 1982 return;
1983 }
cd748f27 1984 }
1985
c9e2e0e8 1986 /* new cache_dir */
af6a12ee 1987 if (swap->n_configured > 63) {
2c9e9cba
AJ		 1988 /* 7 bits, signed */
1989 debugs(3, DBG_CRITICAL, "WARNING: There is a fixed maximum of 63 cache_dir entries Squid can handle.");
1990 debugs(3, DBG_CRITICAL, "WARNING: '" << path_str << "' is one to many.");
1991 self_destruct();
1992 return;
1993 }
dc986280 1994
cd748f27 1995 allocate_new_swapdir(swap);
c9e2e0e8 1996
59b2d47f 1997 swap->swapDirs[swap->n_configured] = StoreFileSystem::FileSystems().items[fs]->createSwapDir();
c9e2e0e8 1998
c8f4eac4 1999 sd = dynamic_cast<SwapDir *>(swap->swapDirs[swap->n_configured].getRaw());
c9e2e0e8 2000
8e8d4f30 2001 /* parse the FS parameters and options */
d3b3ab85 2002 sd->parse(swap->n_configured, path_str);
c9e2e0e8 2003
d3b3ab85 2004 ++swap->n_configured;
14911a4e 2005
cd748f27 2006 /* Update the max object size */
2007 update_maxobjsize();
752c3b27 2008}
2009
2d72d4fd 2010static const char *
505e35db 2011peer_type_str(const peer_t type)
2012{
1f140227 2013 const char * result;
2014
0cdcddb9 2015 switch (type) {
62e76326 2016
505e35db 2017 case PEER_PARENT:
1f140227 2018 result = "parent";
62e76326 2019 break;
2020
505e35db 2021 case PEER_SIBLING:
1f140227 2022 result = "sibling";
62e76326 2023 break;
2024
505e35db 2025 case PEER_MULTICAST:
1f140227 2026 result = "multicast";
62e76326 2027 break;
2028
505e35db 2029 default:
1f140227 2030 result = "unknown";
62e76326 2031 break;
505e35db 2032 }
1f140227 2033
2034 return result;
505e35db 2035}
2036
f1dc9b30 2037static void
a7d59104 2038dump_peer(StoreEntry * entry, const char *name, peer * p)
98ffb7e4 2039{
505e35db 2040 domain_ping *d;
505e35db 2041 domain_type *t;
2042 LOCAL_ARRAY(char, xname, 128);
62e76326 2043
d41de3c1 2044 while (p != NULL) {
4bc48d15 2045 storeAppendPrintf(entry, "%s %s %s %d %d name=%s",
62e76326 2046 name,
2047 p->host,
2048 neighborTypeStr(p),
2049 p->http_port,
4bc48d15
AJ		 2050 p->icp.port,
2051 p->name);
62e76326 2052 dump_peer_options(entry, p);
2053
2054 for (d = p->peer_domain; d; d = d->next) {
2055 storeAppendPrintf(entry, "cache_peer_domain %s %s%s\n",
2056 p->host,
2057 d->do_ping ? null_string : "!",
2058 d->domain);
2059 }
2060
2061 if (p->access) {
2062 snprintf(xname, 128, "cache_peer_access %s", p->name);
2063 dump_acl_access(entry, xname, p->access);
2064 }
2065
2066 for (t = p->typelist; t; t = t->next) {
2067 storeAppendPrintf(entry, "neighbor_type_domain %s %s %s\n",
2068 p->host,
2069 peer_type_str(t->type),
2070 t->domain);
2071 }
2072
2073 p = p->next;
d41de3c1 2074 }
98ffb7e4 2075}
2076
86ae97bb
AJ		 2077/**
2078 * utility function to prevent getservbyname() being called with a numeric value
2079 * on Windows at least it returns garage results.
2080 */
2081static bool
2082isUnsignedNumeric(const char *str, size_t len)
2083{
2084 if (len < 1) return false;
2085
2086 for (; len >0 && *str; str++, len--) {
2087 if (! isdigit(*str))
2088 return false;
2089 }
2090 return true;
2091}
2092
609fac72 2093/**
2094 \param proto 'tcp' or 'udp' for protocol
2095 \returns Port the named service is supposed to be listening on.
2096 */
f45dd259 2097static unsigned short
609fac72 2098GetService(const char *proto)
2099{
2100 struct servent *port = NULL;
2101 /** Parses a port number or service name from the squid.conf */
2102 char *token = strtok(NULL, w_space);
2103 if (token == NULL) {
26ac0430
AJ		 2104 self_destruct();
2105 return 0; /* NEVER REACHED */
609fac72 2106 }
2107 /** Returns either the service port number from /etc/services */
e1381638 2108 if ( !isUnsignedNumeric(token, strlen(token)) )
86ae97bb 2109 port = getservbyname(token, proto);
609fac72 2110 if (port != NULL) {
f45dd259 2111 return ntohs((unsigned short)port->s_port);
609fac72 2112 }
2113 /** Or a numeric translation of the config text. */
2114 return xatos(token);
2115}
2116
2117/**
2118 \returns Port the named TCP service is supposed to be listening on.
2119 \copydoc GetService(const char *proto)
2120 */
f45dd259 2121inline unsigned short
609fac72 2122GetTcpService(void)
2123{
2124 return GetService("tcp");
2125}
2126
2127/**
2128 \returns Port the named UDP service is supposed to be listening on.
2129 \copydoc GetService(const char *proto)
2130 */
f45dd259 2131inline unsigned short
609fac72 2132GetUdpService(void)
2133{
2134 return GetService("udp");
2135}
2136
8203a132 2137static void
40a1495e 2138parse_peer(peer ** head)
7813c6d5 2139{
270b86af 2140 char *token = NULL;
40a1495e 2141 peer *p;
f5691f9c 2142 CBDATA_INIT_TYPE_FREECB(peer, peerDestroy);
72711e31 2143 p = cbdataAlloc(peer);
40a1495e 2144 p->http_port = CACHE_HTTP_PORT;
399cabec 2145 p->icp.port = CACHE_ICP_PORT;
40a1495e 2146 p->weight = 1;
d1b63fc8 2147 p->basetime = 0;
dc835977 2148 p->stats.logged_state = PEER_ALIVE;
62e76326 2149
e481c2dc 2150 if ((token = strtok(NULL, w_space)) == NULL)
62e76326 2151 self_destruct();
2152
40a1495e 2153 p->host = xstrdup(token);
26ac0430 2154
be753325 2155 p->name = xstrdup(token);
62e76326 2156
e481c2dc 2157 if ((token = strtok(NULL, w_space)) == NULL)
62e76326 2158 self_destruct();
2159
40a1495e 2160 p->type = parseNeighborType(token);
62e76326 2161
0d5a2006 2162 if (p->type == PEER_MULTICAST) {
2163 p->options.no_digest = 1;
2164 p->options.no_netdb_exchange = 1;
2165 }
2166
609fac72 2167 p->http_port = GetTcpService();
62e76326 2168
0e656b69 2169 if (!p->http_port)
2170 self_destruct();
62e76326 2171
609fac72 2172 p->icp.port = GetUdpService();
d67acb4e 2173 p->connection_auth = 2; /* auto */
62e76326 2174
270b86af 2175 while ((token = strtok(NULL, w_space))) {
62e76326 2176 if (!strcasecmp(token, "proxy-only")) {
2177 p->options.proxy_only = 1;
2178 } else if (!strcasecmp(token, "no-query")) {
2179 p->options.no_query = 1;
2180 } else if (!strcasecmp(token, "background-ping")) {
2181 p->options.background_ping = 1;
2182 } else if (!strcasecmp(token, "no-digest")) {
2183 p->options.no_digest = 1;
b0758e04
AJ		 2184 } else if (!strcasecmp(token, "no-tproxy")) {
2185 p->options.no_tproxy = 1;
62e76326 2186 } else if (!strcasecmp(token, "multicast-responder")) {
2187 p->options.mcast_responder = 1;
8a368316 2188#if PEER_MULTICAST_SIBLINGS
79ddb8e2 2189 } else if (!strcasecmp(token, "multicast-siblings")) {
8a368316
AJ		 2190 p->options.mcast_siblings = 1;
2191#endif
62e76326 2192 } else if (!strncasecmp(token, "weight=", 7)) {
2193 p->weight = xatoi(token + 7);
2194 } else if (!strncasecmp(token, "basetime=", 9)) {
2195 p->basetime = xatoi(token + 9);
2196 } else if (!strcasecmp(token, "closest-only")) {
2197 p->options.closest_only = 1;
2198 } else if (!strncasecmp(token, "ttl=", 4)) {
2199 p->mcast.ttl = xatoi(token + 4);
2200
2201 if (p->mcast.ttl < 0)
2202 p->mcast.ttl = 0;
2203
2204 if (p->mcast.ttl > 128)
2205 p->mcast.ttl = 128;
2206 } else if (!strcasecmp(token, "default")) {
2207 p->options.default_parent = 1;
2208 } else if (!strcasecmp(token, "round-robin")) {
2209 p->options.roundrobin = 1;
2210 } else if (!strcasecmp(token, "weighted-round-robin")) {
2211 p->options.weighted_roundrobin = 1;
dc9d133b 2212#if USE_HTCP
62e76326 2213 } else if (!strcasecmp(token, "htcp")) {
2214 p->options.htcp = 1;
18191440
AJ		 2215 } else if (!strncasecmp(token, "htcp=", 5) || !strncasecmp(token, "htcp-", 5)) {
2216 /* Note: The htcp- form is deprecated, replaced by htcp= */
4f4fa815 2217 p->options.htcp = 1;
18191440
AJ		 2218 char *tmp = xstrdup(token+5);
2219 char *mode, *nextmode;
2220 for (mode = nextmode = tmp; mode; mode = nextmode) {
2221 nextmode = strchr(mode, ',');
18191440
AJ		 2222 if (nextmode)
2223 *nextmode++ = '\0';
2224 if (!strcasecmp(mode, "no-clr")) {
2225 if (p->options.htcp_only_clr)
2226 fatalf("parse_peer: can't set htcp-no-clr and htcp-only-clr simultaneously");
2227 p->options.htcp_no_clr = 1;
2228 } else if (!strcasecmp(mode, "no-purge-clr")) {
2229 p->options.htcp_no_purge_clr = 1;
2230 } else if (!strcasecmp(mode, "only-clr")) {
2231 if (p->options.htcp_no_clr)
2232 fatalf("parse_peer: can't set htcp no-clr and only-clr simultaneously");
2233 p->options.htcp_only_clr = 1;
2234 } else if (!strcasecmp(mode, "forward-clr")) {
2235 p->options.htcp_forward_clr = 1;
2236 } else if (!strcasecmp(mode, "oldsquid")) {
2237 p->options.htcp_oldsquid = 1;
2238 } else {
2239 fatalf("invalid HTCP mode '%s'", mode);
2240 }
2241 }
2242 safe_free(tmp);
dc9d133b 2243#endif
62e76326 2244 } else if (!strcasecmp(token, "no-netdb-exchange")) {
2245 p->options.no_netdb_exchange = 1;
62e76326 2246
2247 } else if (!strcasecmp(token, "carp")) {
2248 if (p->type != PEER_PARENT)
2249 fatalf("parse_peer: non-parent carp peer %s/%d\n", p->host, p->http_port);
2250
2251 p->options.carp = 1;
de03b596
FC		 2252 } else if (!strncasecmp(token, "carp-key=", 9)) {
2253 if (p->options.carp != 1)
2254 fatalf("parse_peer: carp-key specified on non-carp peer %s/%d\n", p->host, p->http_port);
2255 p->options.carp_key.set=1;
2256 char *nextkey=token+strlen("carp-key="), *key=nextkey;
2257 for (; key; key = nextkey) {
96f6f33b
A		 2258 nextkey=strchr(key,',');
2259 if (nextkey) ++nextkey; // skip the comma, any
2260 if (0==strncasecmp(key,"scheme",6)) {
2261 p->options.carp_key.scheme=1;
2262 } else if (0==strncasecmp(key,"host",4)) {
2263 p->options.carp_key.host=1;
2264 } else if (0==strncasecmp(key,"port",4)) {
2265 p->options.carp_key.port=1;
2266 } else if (0==strncasecmp(key,"path",4)) {
2267 p->options.carp_key.path=1;
2268 } else if (0==strncasecmp(key,"params",6)) {
2269 p->options.carp_key.params=1;
2270 } else {
2271 fatalf("invalid carp-key '%s'",key);
2272 }
de03b596 2273 }
f7e1d9ce 2274 } else if (!strcasecmp(token, "userhash")) {
2f1431ea 2275#if USE_AUTH
f7e1d9ce
HN		 2276 if (p->type != PEER_PARENT)
2277 fatalf("parse_peer: non-parent userhash peer %s/%d\n", p->host, p->http_port);
2278
2279 p->options.userhash = 1;
2f1431ea
AJ		 2280#else
2281 fatalf("parse_peer: userhash requires authentication. peer %s/%d\n", p->host, p->http_port);
2282#endif
f7e1d9ce
HN		 2283 } else if (!strcasecmp(token, "sourcehash")) {
2284 if (p->type != PEER_PARENT)
2285 fatalf("parse_peer: non-parent sourcehash peer %s/%d\n", p->host, p->http_port);
2286
2287 p->options.sourcehash = 1;
2288
62e76326 2289 } else if (!strcasecmp(token, "no-delay")) {
9a0a18de 2290#if USE_DELAY_POOLS
62e76326 2291 p->options.no_delay = 1;
9a0a18de
AJ		 2292#else
2293 debugs(0, DBG_CRITICAL, "WARNING: cache_peer option 'no-delay' requires --enable-delay-pools");
afd88fbe 2294#endif
62e76326 2295 } else if (!strncasecmp(token, "login=", 6)) {
2296 p->login = xstrdup(token + 6);
2297 rfc1738_unescape(p->login);
2298 } else if (!strncasecmp(token, "connect-timeout=", 16)) {
2299 p->connect_timeout = xatoi(token + 16);
ff9970cc
AJ		 2300 } else if (!strncasecmp(token, "connect-fail-limit=", 19)) {
2301 p->connect_fail_limit = xatoi(token + 19);
7e3ce7b9 2302#if USE_CACHE_DIGESTS
62e76326 2303 } else if (!strncasecmp(token, "digest-url=", 11)) {
2304 p->digest_url = xstrdup(token + 11);
7e3ce7b9 2305#endif
62e76326 2306
2307 } else if (!strcasecmp(token, "allow-miss")) {
2308 p->options.allow_miss = 1;
2309 } else if (!strncasecmp(token, "max-conn=", 9)) {
2310 p->max_conn = xatoi(token + 9);
2311 } else if (!strcasecmp(token, "originserver")) {
2312 p->options.originserver = 1;
2313 } else if (!strncasecmp(token, "name=", 5)) {
2314 safe_free(p->name);
2315
2316 if (token[5])
2317 p->name = xstrdup(token + 5);
2318 } else if (!strncasecmp(token, "forceddomain=", 13)) {
2319 safe_free(p->domain);
2320
2321 if (token[13])
2322 p->domain = xstrdup(token + 13);
2323
a7ad6e4e 2324#if USE_SSL
62e76326 2325
2326 } else if (strcmp(token, "ssl") == 0) {
2327 p->use_ssl = 1;
2328 } else if (strncmp(token, "sslcert=", 8) == 0) {
2329 safe_free(p->sslcert);
2330 p->sslcert = xstrdup(token + 8);
2331 } else if (strncmp(token, "sslkey=", 7) == 0) {
2332 safe_free(p->sslkey);
2333 p->sslkey = xstrdup(token + 7);
2334 } else if (strncmp(token, "sslversion=", 11) == 0) {
2335 p->sslversion = atoi(token + 11);
2336 } else if (strncmp(token, "ssloptions=", 11) == 0) {
2337 safe_free(p->ssloptions);
2338 p->ssloptions = xstrdup(token + 11);
2339 } else if (strncmp(token, "sslcipher=", 10) == 0) {
2340 safe_free(p->sslcipher);
2341 p->sslcipher = xstrdup(token + 10);
2342 } else if (strncmp(token, "sslcafile=", 10) == 0) {
2343 safe_free(p->sslcafile);
a82a4fe4 2344 p->sslcafile = xstrdup(token + 10);
62e76326 2345 } else if (strncmp(token, "sslcapath=", 10) == 0) {
2346 safe_free(p->sslcapath);
a82a4fe4 2347 p->sslcapath = xstrdup(token + 10);
2348 } else if (strncmp(token, "sslcrlfile=", 11) == 0) {
2349 safe_free(p->sslcrlfile);
2350 p->sslcapath = xstrdup(token + 10);
62e76326 2351 } else if (strncmp(token, "sslflags=", 9) == 0) {
2352 safe_free(p->sslflags);
2353 p->sslflags = xstrdup(token + 9);
2354 } else if (strncmp(token, "ssldomain=", 10) == 0) {
2355 safe_free(p->ssldomain);
2356 p->ssldomain = xstrdup(token + 10);
a7ad6e4e 2357#endif
62e76326 2358
2359 } else if (strcmp(token, "front-end-https") == 0) {
2360 p->front_end_https = 1;
2361 } else if (strcmp(token, "front-end-https=on") == 0) {
2362 p->front_end_https = 1;
2363 } else if (strcmp(token, "front-end-https=auto") == 0) {
2364 p->front_end_https = 2;
26ac0430 2365 } else if (strcmp(token, "connection-auth=off") == 0) {
d67acb4e
AJ		 2366 p->connection_auth = 0;
2367 } else if (strcmp(token, "connection-auth") == 0) {
2368 p->connection_auth = 1;
2369 } else if (strcmp(token, "connection-auth=on") == 0) {
2370 p->connection_auth = 1;
2371 } else if (strcmp(token, "connection-auth=auto") == 0) {
2372 p->connection_auth = 2;
62e76326 2373 } else {
bf8fe701 2374 debugs(3, 0, "parse_peer: token='" << token << "'");
62e76326 2375 self_destruct();
2376 }
270b86af 2377 }
62e76326 2378
be753325 2379 if (peerFindByName(p->name))
62e76326 2380 fatalf("ERROR: cache_peer %s specified twice\n", p->name);
2381
40a1495e 2382 if (p->weight < 1)
62e76326 2383 p->weight = 1;
2384
ff9970cc 2385 if (p->connect_fail_limit < 1)
a4d889e0 2386 p->connect_fail_limit = 10;
ff9970cc 2387
399cabec 2388 p->icp.version = ICP_VERSION_CURRENT;
62e76326 2389
cfd66529 2390 p->testing_now = false;
62e76326 2391
e13ee7ad 2392#if USE_CACHE_DIGESTS
62e76326 2393
e13ee7ad 2394 if (!p->options.no_digest) {
62e76326 2395 /* XXX This looks odd.. who has the original pointer
2396 * then?
2397 */
2398 PeerDigest *pd = peerDigestCreate(p);
2399 p->digest = cbdataReference(pd);
8a6218c6 2400 }
62e76326 2401
e13ee7ad 2402#endif
cc192b50 2403
2404 p->index = ++Config.npeers;
2405
0153d498 2406 while (*head != NULL)
62e76326 2407 head = &(*head)->next;
2408
0153d498 2409 *head = p;
62e76326 2410
32a47e3e 2411 peerClearRRStart();
0153d498 2412}
2413
2414static void
40a1495e 2415free_peer(peer ** P)
0153d498 2416{
40a1495e 2417 peer *p;
62e76326 2418
79d39a72 2419 while ((p = *P) != NULL) {
62e76326 2420 *P = p->next;
3855c318 2421#if USE_CACHE_DIGESTS
62e76326 2422
2423 cbdataReferenceDone(p->digest);
3855c318 2424#endif
62e76326 2425
2426 cbdataFree(p);
a47b9029 2427 }
62e76326 2428
987c67d1 2429 Config.npeers = 0;
270b86af 2430}
2431
2432static void
a7d59104 2433dump_cachemgrpasswd(StoreEntry * entry, const char *name, cachemgr_passwd * list)
270b86af 2434{
d41de3c1 2435 wordlist *w;
62e76326 2436
d41de3c1 2437 while (list != NULL) {
62e76326 2438 if (strcmp(list->passwd, "none") && strcmp(list->passwd, "disable"))
2439 storeAppendPrintf(entry, "%s XXXXXXXXXX", name);
2440 else
2441 storeAppendPrintf(entry, "%s %s", name, list->passwd);
2442
2443 for (w = list->actions; w != NULL; w = w->next) {
2444 storeAppendPrintf(entry, " %s", w->key);
2445 }
2446
2447 storeAppendPrintf(entry, "\n");
2448 list = list->next;
d41de3c1 2449 }
270b86af 2450}
2451
2452static void
a47b9029 2453parse_cachemgrpasswd(cachemgr_passwd ** head)
270b86af 2454{
2455 char *passwd = NULL;
2456 wordlist *actions = NULL;
22f3fd98 2457 cachemgr_passwd *p;
2458 cachemgr_passwd **P;
270b86af 2459 parse_string(&passwd);
2460 parse_wordlist(&actions);
e6ccf245 2461 p = static_cast<cachemgr_passwd *>(xcalloc(1, sizeof(cachemgr_passwd)));
22f3fd98 2462 p->passwd = passwd;
2463 p->actions = actions;
62e76326 2464
26aa7e31 2465 for (P = head; *P; P = &(*P)->next) {
62e76326 2466 /*
2467 * See if any of the actions from this line already have a
2468 * password from previous lines. The password checking
2469 * routines in cache_manager.c take the the password from
2470 * the first cachemgr_passwd struct that contains the
2471 * requested action. Thus, we should warn users who might
2472 * think they can have two passwords for the same action.
2473 */
2474 wordlist *w;
2475 wordlist *u;
2476
2477 for (w = (*P)->actions; w; w = w->next) {
2478 for (u = actions; u; u = u->next) {
2479 if (strcmp(w->key, u->key))
2480 continue;
2481
bf8fe701 2482 debugs(0, 0, "WARNING: action '" << u->key << "' (line " << config_lineno << ") already has a password");
62e76326 2483 }
2484 }
26aa7e31 2485 }
62e76326 2486
22f3fd98 2487 *P = p;
270b86af 2488}
2489
2490static void
a47b9029 2491free_cachemgrpasswd(cachemgr_passwd ** head)
270b86af 2492{
a47b9029 2493 cachemgr_passwd *p;
62e76326 2494
79d39a72 2495 while ((p = *head) != NULL) {
62e76326 2496 *head = p->next;
2497 xfree(p->passwd);
2498 wordlistDestroy(&p->actions);
2499 xfree(p);
a47b9029 2500 }
270b86af 2501}
2502
8203a132 2503static void
16300b58 2504dump_denyinfo(StoreEntry * entry, const char *name, acl_deny_info_list * var)
270b86af 2505{
d41de3c1 2506 acl_name_list *a;
62e76326 2507
d41de3c1 2508 while (var != NULL) {
62e76326 2509 storeAppendPrintf(entry, "%s %s", name, var->err_page_name);
2510
2511 for (a = var->acl_list; a != NULL; a = a->next)
2512 storeAppendPrintf(entry, " %s", a->name);
2513
2514 storeAppendPrintf(entry, "\n");
2515
2516 var = var->next;
d41de3c1 2517 }
270b86af 2518}
2519
2520static void
16300b58 2521parse_denyinfo(acl_deny_info_list ** var)
6e40f263 2522{
f1dc9b30 2523 aclParseDenyInfoLine(var);
6e40f263 2524}
403279e0 2525
1273d501 2526void
a47b9029 2527free_denyinfo(acl_deny_info_list ** list)
3c5557f9 2528{
56b63fa1 2529 acl_deny_info_list *a = NULL;
2530 acl_deny_info_list *a_next = NULL;
2531 acl_name_list *l = NULL;
2532 acl_name_list *l_next = NULL;
62e76326 2533
1273d501 2534 for (a = *list; a; a = a_next) {
62e76326 2535 for (l = a->acl_list; l; l = l_next) {
2536 l_next = l->next;
2537 memFree(l, MEM_ACL_NAME_LIST);
2538 l = NULL;
2539 }
2540
2541 a_next = a->next;
2542 memFree(a, MEM_ACL_DENY_INFO_LIST);
2543 a = NULL;
1273d501 2544 }
62e76326 2545
1273d501 2546 *list = NULL;
270b86af 2547}
2548
2549static void
505e35db 2550parse_peer_access(void)
270b86af 2551{
2552 char *host = NULL;
505e35db 2553 peer *p;
62e76326 2554
270b86af 2555 if (!(host = strtok(NULL, w_space)))
62e76326 2556 self_destruct();
2557
0cdcddb9 2558 if ((p = peerFindByName(host)) == NULL) {
bf8fe701 2559 debugs(15, 0, "" << cfg_filename << ", line " << config_lineno << ": No cache_peer '" << host << "'");
62e76326 2560 return;
0cdcddb9 2561 }
62e76326 2562
a9f20260 2563 aclParseAccessLine(LegacyParser, &p->access);
270b86af 2564}
2565
270b86af 2566static void
2567parse_hostdomain(void)
2568{
2569 char *host = NULL;
2570 char *domain = NULL;
62e76326 2571
270b86af 2572 if (!(host = strtok(NULL, w_space)))
62e76326 2573 self_destruct();
2574
f1dc9b30 2575 while ((domain = strtok(NULL, list_sep))) {
62e76326 2576 domain_ping *l = NULL;
2577 domain_ping **L = NULL;
2578 peer *p;
2579
2580 if ((p = peerFindByName(host)) == NULL) {
bf8fe701 2581 debugs(15, 0, "" << cfg_filename << ", line " << config_lineno << ": No cache_peer '" << host << "'");
62e76326 2582 continue;
2583 }
2584
2585 l = static_cast<domain_ping *>(xcalloc(1, sizeof(domain_ping)));
2586 l->do_ping = 1;
2587
2588 if (*domain == '!') { /* check for !.edu */
2589 l->do_ping = 0;
2590 domain++;
2591 }
2592
2593 l->domain = xstrdup(domain);
2594
3d0ac046 2595 for (L = &(p->peer_domain); *L; L = &((*L)->next));
62e76326 2596 *L = l;
f1dc9b30 2597 }
270b86af 2598}
2599
2600static void
2601parse_hostdomaintype(void)
2602{
2603 char *host = NULL;
2604 char *type = NULL;
2605 char *domain = NULL;
62e76326 2606
270b86af 2607 if (!(host = strtok(NULL, w_space)))
62e76326 2608 self_destruct();
2609
270b86af 2610 if (!(type = strtok(NULL, w_space)))
62e76326 2611 self_destruct();
2612
f1dc9b30 2613 while ((domain = strtok(NULL, list_sep))) {
62e76326 2614 domain_type *l = NULL;
2615 domain_type **L = NULL;
2616 peer *p;
2617
2618 if ((p = peerFindByName(host)) == NULL) {
bf8fe701 2619 debugs(15, 0, "" << cfg_filename << ", line " << config_lineno << ": No cache_peer '" << host << "'");
62e76326 2620 return;
2621 }
2622
2623 l = static_cast<domain_type *>(xcalloc(1, sizeof(domain_type)));
2624 l->type = parseNeighborType(type);
2625 l->domain = xstrdup(domain);
2626
3d0ac046 2627 for (L = &(p->typelist); *L; L = &((*L)->next));
62e76326 2628 *L = l;
f1dc9b30 2629 }
270b86af 2630}
2631
270b86af 2632static void
a7d59104 2633dump_int(StoreEntry * entry, const char *name, int var)
270b86af 2634{
f53b06f9 2635 storeAppendPrintf(entry, "%s %d\n", name, var);
270b86af 2636}
c1c29eb6 2637
94439e4e 2638void
270b86af 2639parse_int(int *var)
2640{
270b86af 2641 int i;
0e4e0e7d 2642 i = GetInteger();
270b86af 2643 *var = i;
2644}
090089c4 2645
0153d498 2646static void
2647free_int(int *var)
2648{
a47b9029 2649 *var = 0;
0153d498 2650}
2651
270b86af 2652static void
a7d59104 2653dump_onoff(StoreEntry * entry, const char *name, int var)
270b86af 2654{
f53b06f9 2655 storeAppendPrintf(entry, "%s %s\n", name, var ? "on" : "off");
270b86af 2656}
090089c4 2657
d205783b 2658void
270b86af 2659parse_onoff(int *var)
2660{
2661 char *token = strtok(NULL, w_space);
090089c4 2662
270b86af 2663 if (token == NULL)
62e76326 2664 self_destruct();
2665
270b86af 2666 if (!strcasecmp(token, "on") || !strcasecmp(token, "enable"))
62e76326 2667 *var = 1;
270b86af 2668 else
62e76326 2669 *var = 0;
270b86af 2670}
e90100aa 2671
0153d498 2672#define free_onoff free_int
52d3f198 2673
2674static void
2675dump_tristate(StoreEntry * entry, const char *name, int var)
2676{
2677 const char *state;
2678
2679 if (var > 0)
2680 state = "on";
2681 else if (var < 0)
2682 state = "warn";
2683 else
2684 state = "off";
2685
2686 storeAppendPrintf(entry, "%s %s\n", name, state);
2687}
2688
2689static void
2690parse_tristate(int *var)
2691{
2692 char *token = strtok(NULL, w_space);
2693
2694 if (token == NULL)
2695 self_destruct();
2696
2697 if (!strcasecmp(token, "on") || !strcasecmp(token, "enable"))
2698 *var = 1;
2699 else if (!strcasecmp(token, "warn"))
2700 *var = -1;
2701 else
2702 *var = 0;
2703}
2704
2705#define free_tristate free_int
30a4f2a8 2706
270b86af 2707static void
a7d59104 2708dump_refreshpattern(StoreEntry * entry, const char *name, refresh_t * head)
270b86af 2709{
d41de3c1 2710 while (head != NULL) {
0e1d7629 2711 storeAppendPrintf(entry, "%s%s %s %d %d%% %d",
62e76326 2712 name,
2713 head->flags.icase ? " -i" : null_string,
2714 head->pattern,
2715 (int) head->min / 60,
2716 (int) (100.0 * head->pct + 0.5),
2717 (int) head->max / 60);
4c3ef9b2 2718
570d3f75
AJ		 2719 if (head->max_stale >= 0)
2720 storeAppendPrintf(entry, " max-stale=%d", head->max_stale);
2721
4c3ef9b2 2722 if (head->flags.refresh_ims)
2723 storeAppendPrintf(entry, " refresh-ims");
2724
3d8b6ba4
AJ		 2725 if (head->flags.store_stale)
2726 storeAppendPrintf(entry, " store-stale");
2727
626096be 2728#if USE_HTTP_VIOLATIONS
62e76326 2729
2730 if (head->flags.override_expire)
2731 storeAppendPrintf(entry, " override-expire");
2732
2733 if (head->flags.override_lastmod)
2734 storeAppendPrintf(entry, " override-lastmod");
2735
2736 if (head->flags.reload_into_ims)
2737 storeAppendPrintf(entry, " reload-into-ims");
2738
2739 if (head->flags.ignore_reload)
2740 storeAppendPrintf(entry, " ignore-reload");
2741
38f9c547 2742 if (head->flags.ignore_no_cache)
2743 storeAppendPrintf(entry, " ignore-no-cache");
2744
2745 if (head->flags.ignore_no_store)
2746 storeAppendPrintf(entry, " ignore-no-store");
2747
4ca08219
AJ		 2748 if (head->flags.ignore_must_revalidate)
2749 storeAppendPrintf(entry, " ignore-must-revalidate");
2750
38f9c547 2751 if (head->flags.ignore_private)
2752 storeAppendPrintf(entry, " ignore-private");
2753
2754 if (head->flags.ignore_auth)
2755 storeAppendPrintf(entry, " ignore-auth");
2756
9f60cfdf 2757#endif
62e76326 2758
2759 storeAppendPrintf(entry, "\n");
2760
2761 head = head->next;
d41de3c1 2762 }
270b86af 2763}
090089c4 2764
270b86af 2765static void
f1dc9b30 2766parse_refreshpattern(refresh_t ** head)
270b86af 2767{
f1dc9b30 2768 char *token;
2769 char *pattern;
2770 time_t min = 0;
c3f6d204 2771 double pct = 0.0;
f1dc9b30 2772 time_t max = 0;
4c3ef9b2 2773 int refresh_ims = 0;
3d8b6ba4 2774 int store_stale = 0;
570d3f75 2775 int max_stale = -1;
3d8b6ba4 2776
626096be 2777#if USE_HTTP_VIOLATIONS
62e76326 2778
1dfa1d81 2779 int override_expire = 0;
2780 int override_lastmod = 0;
cbe3a719 2781 int reload_into_ims = 0;
2782 int ignore_reload = 0;
38f9c547 2783 int ignore_no_cache = 0;
2784 int ignore_no_store = 0;
4ca08219 2785 int ignore_must_revalidate = 0;
38f9c547 2786 int ignore_private = 0;
2787 int ignore_auth = 0;
9f60cfdf 2788#endif
62e76326 2789
f1dc9b30 2790 int i;
2791 refresh_t *t;
2792 regex_t comp;
2793 int errcode;
2794 int flags = REG_EXTENDED | REG_NOSUB;
62e76326 2795
9eeb8e4b 2796 if ((token = strtok(NULL, w_space)) == NULL) {
62e76326 2797 self_destruct();
9eeb8e4b 2798 return;
2799 }
62e76326 2800
f1dc9b30 2801 if (strcmp(token, "-i") == 0) {
62e76326 2802 flags |= REG_ICASE;
2803 token = strtok(NULL, w_space);
f1dc9b30 2804 } else if (strcmp(token, "+i") == 0) {
62e76326 2805 flags &= ~REG_ICASE;
2806 token = strtok(NULL, w_space);
f1dc9b30 2807 }
62e76326 2808
9eeb8e4b 2809 if (token == NULL) {
62e76326 2810 self_destruct();
9eeb8e4b 2811 return;
2812 }
62e76326 2813
f1dc9b30 2814 pattern = xstrdup(token);
62e76326 2815
0e4e0e7d 2816 i = GetInteger(); /* token: min */
62e76326 2817
a632ba71
AJ		 2818 /* catch negative and insanely huge values close to 32-bit wrap */
2819 if (i < 0) {
2820 debugs(3, DBG_IMPORTANT, "WARNING: refresh_pattern minimum age negative. Cropped back to zero.");
2821 i = 0;
2822 }
2823 if (i > 60*24*365) {
2824 debugs(3, DBG_IMPORTANT, "WARNING: refresh_pattern minimum age too high. Cropped back to 1 year.");
2825 i = 60*24*365;
2826 }
2827
f1dc9b30 2828 min = (time_t) (i * 60); /* convert minutes to seconds */
62e76326 2829
0e4e0e7d 2830 i = GetInteger(); /* token: pct */
62e76326 2831
c3f6d204 2832 pct = (double) i / 100.0;
62e76326 2833
0e4e0e7d 2834 i = GetInteger(); /* token: max */
62e76326 2835
a632ba71
AJ		 2836 /* catch negative and insanely huge values close to 32-bit wrap */
2837 if (i < 0) {
2838 debugs(3, DBG_IMPORTANT, "WARNING: refresh_pattern maximum age negative. Cropped back to zero.");
2839 i = 0;
2840 }
2841 if (i > 60*24*365) {
2842 debugs(3, DBG_IMPORTANT, "WARNING: refresh_pattern maximum age too high. Cropped back to 1 year.");
2843 i = 60*24*365;
2844 }
2845
f1dc9b30 2846 max = (time_t) (i * 60); /* convert minutes to seconds */
62e76326 2847
1dfa1d81 2848 /* Options */
2849 while ((token = strtok(NULL, w_space)) != NULL) {
4c3ef9b2 2850 if (!strcmp(token, "refresh-ims")) {
2851 refresh_ims = 1;
3d8b6ba4
AJ		 2852 } else if (!strcmp(token, "store-stale")) {
2853 store_stale = 1;
570d3f75
AJ		 2854 } else if (!strncmp(token, "max-stale=", 10)) {
2855 max_stale = atoi(token + 10);
626096be 2856#if USE_HTTP_VIOLATIONS
62e76326 2857
4c3ef9b2 2858 } else if (!strcmp(token, "override-expire"))
62e76326 2859 override_expire = 1;
2860 else if (!strcmp(token, "override-lastmod"))
2861 override_lastmod = 1;
38f9c547 2862 else if (!strcmp(token, "ignore-no-cache"))
2863 ignore_no_cache = 1;
2864 else if (!strcmp(token, "ignore-no-store"))
2865 ignore_no_store = 1;
4ca08219
AJ		 2866 else if (!strcmp(token, "ignore-must-revalidate"))
2867 ignore_must_revalidate = 1;
38f9c547 2868 else if (!strcmp(token, "ignore-private"))
2869 ignore_private = 1;
2870 else if (!strcmp(token, "ignore-auth"))
2871 ignore_auth = 1;
62e76326 2872 else if (!strcmp(token, "reload-into-ims")) {
2873 reload_into_ims = 1;
2874 refresh_nocache_hack = 1;
2875 /* tell client_side.c that this is used */
2876 } else if (!strcmp(token, "ignore-reload")) {
2877 ignore_reload = 1;
2878 refresh_nocache_hack = 1;
2879 /* tell client_side.c that this is used */
9f60cfdf 2880#endif
62e76326 2881
4c3ef9b2 2882 } else
570d3f75 2883 debugs(22, 0, "refreshAddToList: Unknown option '" << pattern << "': " << token);
1dfa1d81 2884 }
62e76326 2885
f1dc9b30 2886 if ((errcode = regcomp(&comp, pattern, flags)) != 0) {
62e76326 2887 char errbuf[256];
2888 regerror(errcode, &comp, errbuf, sizeof errbuf);
bf8fe701 2889 debugs(22, 0, "" << cfg_filename << " line " << config_lineno << ": " << config_input_line);
2890 debugs(22, 0, "refreshAddToList: Invalid regular expression '" << pattern << "': " << errbuf);
62e76326 2891 return;
f1dc9b30 2892 }
62e76326 2893
c3f6d204 2894 pct = pct < 0.0 ? 0.0 : pct;
f1dc9b30 2895 max = max < 0 ? 0 : max;
e6ccf245 2896 t = static_cast<refresh_t *>(xcalloc(1, sizeof(refresh_t)));
f1dc9b30 2897 t->pattern = (char *) xstrdup(pattern);
2898 t->compiled_pattern = comp;
2899 t->min = min;
c3f6d204 2900 t->pct = pct;
f1dc9b30 2901 t->max = max;
62e76326 2902
c3f6d204 2903 if (flags & REG_ICASE)
62e76326 2904 t->flags.icase = 1;
2905
4c3ef9b2 2906 if (refresh_ims)
2907 t->flags.refresh_ims = 1;
2908
3d8b6ba4
AJ		 2909 if (store_stale)
2910 t->flags.store_stale = 1;
2911
570d3f75
AJ		 2912 t->max_stale = max_stale;
2913
626096be 2914#if USE_HTTP_VIOLATIONS
62e76326 2915
1dfa1d81 2916 if (override_expire)
62e76326 2917 t->flags.override_expire = 1;
2918
1dfa1d81 2919 if (override_lastmod)
62e76326 2920 t->flags.override_lastmod = 1;
2921
cbe3a719 2922 if (reload_into_ims)
62e76326 2923 t->flags.reload_into_ims = 1;
2924
cbe3a719 2925 if (ignore_reload)
62e76326 2926 t->flags.ignore_reload = 1;
2927
38f9c547 2928 if (ignore_no_cache)
2929 t->flags.ignore_no_cache = 1;
2930
2931 if (ignore_no_store)
2932 t->flags.ignore_no_store = 1;
2933
4ca08219
AJ		 2934 if (ignore_must_revalidate)
2935 t->flags.ignore_must_revalidate = 1;
2936
38f9c547 2937 if (ignore_private)
2938 t->flags.ignore_private = 1;
2939
2940 if (ignore_auth)
2941 t->flags.ignore_auth = 1;
2942
9f60cfdf 2943#endif
62e76326 2944
f1dc9b30 2945 t->next = NULL;
62e76326 2946
f1dc9b30 2947 while (*head)
62e76326 2948 head = &(*head)->next;
2949
f1dc9b30 2950 *head = t;
62e76326 2951
f1dc9b30 2952 safe_free(pattern);
270b86af 2953}
090089c4 2954
270b86af 2955static void
a47b9029 2956free_refreshpattern(refresh_t ** head)
270b86af 2957{
f1dc9b30 2958 refresh_t *t;
62e76326 2959
79d39a72 2960 while ((t = *head) != NULL) {
62e76326 2961 *head = t->next;
2962 safe_free(t->pattern);
2963 regfree(&t->compiled_pattern);
2964 safe_free(t);
f1dc9b30 2965 }
c2066637 2966
626096be 2967#if USE_HTTP_VIOLATIONS
c2066637 2968 refresh_nocache_hack = 0;
8970d351 2969
2970#endif
270b86af 2971}
12b9e9b1 2972
270b86af 2973static void
a7d59104 2974dump_string(StoreEntry * entry, const char *name, char *var)
270b86af 2975{
f53b06f9 2976 if (var != NULL)
62e76326 2977 storeAppendPrintf(entry, "%s %s\n", name, var);
270b86af 2978}
98ffb7e4 2979
270b86af 2980static void
0153d498 2981parse_string(char **var)
270b86af 2982{
2983 char *token = strtok(NULL, w_space);
270b86af 2984 safe_free(*var);
62e76326 2985
270b86af 2986 if (token == NULL)
62e76326 2987 self_destruct();
2988
270b86af 2989 *var = xstrdup(token);
2990}
b15e6857 2991
3a69ddf3 2992void
2993ConfigParser::ParseString(char **var)
2994{
2995 parse_string(var);
2996}
2997
2998void
30abd221 2999ConfigParser::ParseString(String *var)
3a69ddf3 3000{
3001 char *token = strtok(NULL, w_space);
3002
3003 if (token == NULL)
3004 self_destruct();
3005
30abd221 3006 var->reset(token);
3a69ddf3 3007}
3008
0153d498 3009static void
3010free_string(char **var)
3011{
027acbaf 3012 safe_free(*var);
0153d498 3013}
caebbe00 3014
94439e4e 3015void
f1dc9b30 3016parse_eol(char *volatile *var)
270b86af 3017{
65657c1a
AJ		 3018 if (!var) {
3019 self_destruct();
3020 return;
3021 }
3022
852751f7 3023 unsigned char *token = (unsigned char *) strtok(NULL, null_string);
270b86af 3024 safe_free(*var);
62e76326 3025
9eeb8e4b 3026 if (!token) {
62e76326 3027 self_destruct();
9eeb8e4b 3028 return;
3029 }
62e76326 3030
e4755e29 3031 while (*token && xisspace(*token))
62e76326 3032 token++;
3033
9eeb8e4b 3034 if (!*token) {
62e76326 3035 self_destruct();
9eeb8e4b 3036 return;
3037 }
62e76326 3038
852751f7 3039 *var = xstrdup((char *) token);
270b86af 3040}
090089c4 3041
52d3f198 3042#define dump_eol dump_string
3043#define free_eol free_string
3044
270b86af 3045static void
a7d59104 3046dump_time_t(StoreEntry * entry, const char *name, time_t var)
090089c4 3047{
f53b06f9 3048 storeAppendPrintf(entry, "%s %d seconds\n", name, (int) var);
090089c4 3049}
3050
94439e4e 3051void
a47b9029 3052parse_time_t(time_t * var)
0ffd22bc 3053{
fd0f51c4 3054 time_msec_t tval;
9b741834 3055 parseTimeLine(&tval, T_SECOND_STR, false);
fd0f51c4 3056 *var = static_cast<time_t>(tval/1000);
0ffd22bc 3057}
3058
270b86af 3059static void
a47b9029 3060free_time_t(time_t * var)
270b86af 3061{
a47b9029 3062 *var = 0;
270b86af 3063}
9906e724 3064
9fc16f39 3065#if !USE_DNSSERVERS
fd0f51c4
CT		 3066static void
3067dump_time_msec(StoreEntry * entry, const char *name, time_msec_t var)
3068{
3069 if (var % 1000)
3070 storeAppendPrintf(entry, "%s %"PRId64" milliseconds\n", name, var);
3071 else
3072 storeAppendPrintf(entry, "%s %d seconds\n", name, (int)(var/1000) );
3073}
3074
3075void
3076parse_time_msec(time_msec_t * var)
3077{
9b741834 3078 parseTimeLine(var, T_SECOND_STR, true);
fd0f51c4
CT		 3079}
3080
3081static void
3082free_time_msec(time_msec_t * var)
3083{
3084 *var = 0;
3085}
9fc16f39 3086#endif
fd0f51c4 3087
0477a072 3088#if UNUSED_CODE
9906e724 3089static void
a7d59104 3090dump_size_t(StoreEntry * entry, const char *name, size_t var)
1b635117 3091{
f53b06f9 3092 storeAppendPrintf(entry, "%s %d\n", name, (int) var);
1b635117 3093}
0477a072 3094#endif
1b635117 3095
3096static void
a7d59104 3097dump_b_size_t(StoreEntry * entry, const char *name, size_t var)
9906e724 3098{
f53b06f9 3099 storeAppendPrintf(entry, "%s %d %s\n", name, (int) var, B_BYTES_STR);
9906e724 3100}
3101
e210930b
AJ		 3102#if !USE_DNSSERVERS
3103static void
3104dump_b_ssize_t(StoreEntry * entry, const char *name, ssize_t var)
3105{
3106 storeAppendPrintf(entry, "%s %d %s\n", name, (int) var, B_BYTES_STR);
3107}
3108#endif
3109
3e62bd58 3110#if UNUSED_CODE
9906e724 3111static void
a7d59104 3112dump_kb_size_t(StoreEntry * entry, const char *name, size_t var)
9906e724 3113{
f53b06f9 3114 storeAppendPrintf(entry, "%s %d %s\n", name, (int) var, B_KBYTES_STR);
9906e724 3115}
3e62bd58 3116#endif
9906e724 3117
47f6e231 3118static void
3119dump_b_int64_t(StoreEntry * entry, const char *name, int64_t var)
3120{
3121 storeAppendPrintf(entry, "%s %"PRId64" %s\n", name, var, B_BYTES_STR);
3122}
3123
3124static void
3125dump_kb_int64_t(StoreEntry * entry, const char *name, int64_t var)
3126{
3127 storeAppendPrintf(entry, "%s %"PRId64" %s\n", name, var, B_KBYTES_STR);
3128}
3129
0477a072 3130#if UNUSED_CODE
9906e724 3131static void
a47b9029 3132parse_size_t(size_t * var)
1b635117 3133{
1b635117 3134 int i;
0e4e0e7d 3135 i = GetInteger();
1b635117 3136 *var = (size_t) i;
3137}
0477a072 3138#endif
1b635117 3139
3140static void
3141parse_b_size_t(size_t * var)
9906e724 3142{
3143 parseBytesLine(var, B_BYTES_STR);
3144}
3145
e210930b
AJ		 3146#if !USE_DNSSERVERS
3147static void
3148parse_b_ssize_t(ssize_t * var)
3149{
3150 parseBytesLineSigned(var, B_BYTES_STR);
3151}
3152#endif
3153
3e62bd58 3154#if UNUSED_CODE
9906e724 3155static void
a47b9029 3156parse_kb_size_t(size_t * var)
9906e724 3157{
3158 parseBytesLine(var, B_KBYTES_STR);
3159}
3e62bd58 3160#endif
9906e724 3161
47f6e231 3162static void
3163parse_b_int64_t(int64_t * var)
3164{
3165 parseBytesLine64(var, B_BYTES_STR);
3166}
3167
3168static void
3169parse_kb_int64_t(int64_t * var)
3170{
3171 parseBytesLine64(var, B_KBYTES_STR);
3172}
3173
9906e724 3174static void
a47b9029 3175free_size_t(size_t * var)
9906e724 3176{
a47b9029 3177 *var = 0;
9906e724 3178}
3179
e210930b
AJ		 3180#if !USE_DNSSERVERS
3181static void
3182free_ssize_t(ssize_t * var)
3183{
3184 *var = 0;
3185}
3186#endif
3187
47f6e231 3188static void
3189free_b_int64_t(int64_t * var)
3190{
3191 *var = 0;
3192}
3193
1b635117 3194#define free_b_size_t free_size_t
e210930b 3195#define free_b_ssize_t free_ssize_t
9906e724 3196#define free_kb_size_t free_size_t
3197#define free_mb_size_t free_size_t
3198#define free_gb_size_t free_size_t
47f6e231 3199#define free_kb_int64_t free_b_int64_t
090089c4 3200
8203a132 3201static void
f45dd259 3202dump_u_short(StoreEntry * entry, const char *name, unsigned short var)
090089c4 3203{
f53b06f9 3204 storeAppendPrintf(entry, "%s %d\n", name, var);
270b86af 3205}
090089c4 3206
0153d498 3207static void
f45dd259 3208free_u_short(unsigned short * u)
0153d498 3209{
3210 *u = 0;
3211}
3212
270b86af 3213static void
f45dd259 3214parse_u_short(unsigned short * var)
b67e2c8c 3215{
3216 ConfigParser::ParseUShort(var);
3217}
3218
3219void
f45dd259 3220ConfigParser::ParseUShort(unsigned short *var)
270b86af 3221{
0e656b69 3222 *var = GetShort();
090089c4 3223}
3224
3a69ddf3 3225void
3226ConfigParser::ParseBool(bool *var)
3227{
3228 int i = GetInteger();
3229
3230 if (0 == i)
3231 *var = false;
3232 else if (1 == i)
3233 *var = true;
3234 else
3235 self_destruct();
3236}
3237
270b86af 3238static void
a7d59104 3239dump_wordlist(StoreEntry * entry, const char *name, wordlist * list)
270b86af 3240{
270b86af 3241 while (list != NULL) {
62e76326 3242 storeAppendPrintf(entry, "%s %s\n", name, list->key);
3243 list = list->next;
429fdbec 3244 }
429fdbec 3245}
3246
3a69ddf3 3247void
3248ConfigParser::ParseWordList(wordlist ** list)
3249{
3250 parse_wordlist(list);
3251}
3252
94439e4e 3253void
270b86af 3254parse_wordlist(wordlist ** list)
429fdbec 3255{
270b86af 3256 char *token;
a3c6890f 3257 char *t = strtok(NULL, "");
62e76326 3258
a3c6890f 3259 while ((token = strwordtok(NULL, &t)))
62e76326 3260 wordlistAdd(list, token);
429fdbec 3261}
270b86af 3262
b3d8a9e8 3263#if 0 /* now unused */
f8d9f54a 3264static int
5da06f20 3265check_null_wordlist(wordlist * w)
f8d9f54a 3266{
3267 return w == NULL;
3268}
b3d8a9e8 3269#endif
f8d9f54a 3270
63e9d884 3271static int
c6d5b87b 3272check_null_acl_access(acl_access * a)
63e9d884 3273{
3274 return a == NULL;
3275}
3276
0153d498 3277#define free_wordlist wordlistDestroy
270b86af 3278
d548ee64 3279#define free_uri_whitespace free_int
3280
3281static void
3282parse_uri_whitespace(int *var)
3283{
3284 char *token = strtok(NULL, w_space);
62e76326 3285
d548ee64 3286 if (token == NULL)
62e76326 3287 self_destruct();
3288
7e3ce7b9 3289 if (!strcasecmp(token, "strip"))
62e76326 3290 *var = URI_WHITESPACE_STRIP;
7e3ce7b9 3291 else if (!strcasecmp(token, "deny"))
62e76326 3292 *var = URI_WHITESPACE_DENY;
d548ee64 3293 else if (!strcasecmp(token, "allow"))
62e76326 3294 *var = URI_WHITESPACE_ALLOW;
d548ee64 3295 else if (!strcasecmp(token, "encode"))
62e76326 3296 *var = URI_WHITESPACE_ENCODE;
d548ee64 3297 else if (!strcasecmp(token, "chop"))
62e76326 3298 *var = URI_WHITESPACE_CHOP;
d548ee64 3299 else
62e76326 3300 self_destruct();
d548ee64 3301}
3302
d548ee64 3303static void
3304dump_uri_whitespace(StoreEntry * entry, const char *name, int var)
3305{
c193c972 3306 const char *s;
62e76326 3307
d548ee64 3308 if (var == URI_WHITESPACE_ALLOW)
62e76326 3309 s = "allow";
d548ee64 3310 else if (var == URI_WHITESPACE_ENCODE)
62e76326 3311 s = "encode";
d548ee64 3312 else if (var == URI_WHITESPACE_CHOP)
62e76326 3313 s = "chop";
7e3ce7b9 3314 else if (var == URI_WHITESPACE_DENY)
62e76326 3315 s = "deny";
7e3ce7b9 3316 else
62e76326 3317 s = "strip";
3318
d548ee64 3319 storeAppendPrintf(entry, "%s %s\n", name, s);
3320}
3321
6a566b9c 3322static void
c1dd71ae 3323free_removalpolicy(RemovalPolicySettings ** settings)
6a566b9c 3324{
3325 if (!*settings)
62e76326 3326 return;
3327
6a566b9c 3328 free_string(&(*settings)->type);
62e76326 3329
6a566b9c 3330 free_wordlist(&(*settings)->args);
62e76326 3331
c8f4eac4 3332 delete *settings;
62e76326 3333
6a566b9c 3334 *settings = NULL;
3335}
3336
3337static void
c1dd71ae 3338parse_removalpolicy(RemovalPolicySettings ** settings)
6a566b9c 3339{
3340 if (*settings)
62e76326 3341 free_removalpolicy(settings);
3342
c8f4eac4 3343 *settings = new RemovalPolicySettings;
62e76326 3344
6a566b9c 3345 parse_string(&(*settings)->type);
62e76326 3346
6a566b9c 3347 parse_wordlist(&(*settings)->args);
3348}
3349
3350static void
c1dd71ae 3351dump_removalpolicy(StoreEntry * entry, const char *name, RemovalPolicySettings * settings)
6a566b9c 3352{
3353 wordlist *args;
3354 storeAppendPrintf(entry, "%s %s", name, settings->type);
3355 args = settings->args;
62e76326 3356
6a566b9c 3357 while (args) {
62e76326 3358 storeAppendPrintf(entry, " %s", args->key);
3359 args = args->next;
6a566b9c 3360 }
62e76326 3361
be58afb5 3362 storeAppendPrintf(entry, "\n");
6a566b9c 3363}
c1dd71ae 3364
57af1e3f
AR		 3365void
3366YesNoNone::configure(bool beSet)
3367{
3368 option = beSet ? +1 : -1;
3369}
3370
3371YesNoNone::operator void*() const
3372{
3373 assert(option != 0); // must call configure() first
3374 return option > 0 ? (void*)this : NULL;
3375}
3376
3377
de0cb3d8
AR		 3378inline void
3379free_YesNoNone(YesNoNone *)
57af1e3f 3380{
de0cb3d8 3381 // do nothing: no explicit cleanup is required
57af1e3f
AR		 3382}
3383
3384static void
3385parse_YesNoNone(YesNoNone *option)
3386{
3387 int value = 0;
3388 parse_onoff(&value);
3389 option->configure(value > 0);
3390}
3391
3392static void
3393dump_YesNoNone(StoreEntry * entry, const char *name, YesNoNone &option)
3394{
3395 if (option.configured())
3396 dump_onoff(entry, name, option ? 1 : 0);
3397}
3398
ea21d497
HN		 3399static void
3400free_memcachemode(SquidConfig * config)
3401{
3402 return;
3403}
3404
3405static void
3406parse_memcachemode(SquidConfig * config)
3407{
3408 char *token = strtok(NULL, w_space);
3409 if (!token)
e1381638 3410 self_destruct();
ea21d497 3411
10aeba1d 3412 if (strcmp(token, "always") == 0) {
e1381638
AJ		 3413 Config.onoff.memory_cache_first = 1;
3414 Config.onoff.memory_cache_disk = 1;
10aeba1d 3415 } else if (strcmp(token, "disk") == 0) {
e1381638
AJ		 3416 Config.onoff.memory_cache_first = 0;
3417 Config.onoff.memory_cache_disk = 1;
ea21d497 3418 } else if (strncmp(token, "net", 3) == 0) {
e1381638
AJ		 3419 Config.onoff.memory_cache_first = 1;
3420 Config.onoff.memory_cache_disk = 0;
10aeba1d 3421 } else if (strcmp(token, "never") == 0) {
e1381638
AJ		 3422 Config.onoff.memory_cache_first = 0;
3423 Config.onoff.memory_cache_disk = 0;
ea21d497 3424 } else
e1381638 3425 self_destruct();
ea21d497
HN		 3426}
3427
3428static void
3429dump_memcachemode(StoreEntry * entry, const char *name, SquidConfig &config)
3430{
3431 storeAppendPrintf(entry, "%s ", name);
3432 if (Config.onoff.memory_cache_first && Config.onoff.memory_cache_disk)
e1381638 3433 storeAppendPrintf(entry, "always");
ea21d497 3434 else if (!Config.onoff.memory_cache_first && Config.onoff.memory_cache_disk)
e1381638 3435 storeAppendPrintf(entry, "disk");
ea21d497 3436 else if (Config.onoff.memory_cache_first && !Config.onoff.memory_cache_disk)
e1381638 3437 storeAppendPrintf(entry, "network");
ea21d497 3438 else if (!Config.onoff.memory_cache_first && !Config.onoff.memory_cache_disk)
e1381638 3439 storeAppendPrintf(entry, "none");
ea21d497
HN		 3440 storeAppendPrintf(entry, "\n");
3441}
3442
cca8ba0d 3443#include "cf_parser.cci"
f1dc9b30 3444
3445peer_t
3446parseNeighborType(const char *s)
3447{
3448 if (!strcasecmp(s, "parent"))
62e76326 3449 return PEER_PARENT;
3450
f1dc9b30 3451 if (!strcasecmp(s, "neighbor"))
62e76326 3452 return PEER_SIBLING;
3453
f1dc9b30 3454 if (!strcasecmp(s, "neighbour"))
62e76326 3455 return PEER_SIBLING;
3456
f1dc9b30 3457 if (!strcasecmp(s, "sibling"))
62e76326 3458 return PEER_SIBLING;
3459
f1dc9b30 3460 if (!strcasecmp(s, "multicast"))
62e76326 3461 return PEER_MULTICAST;
3462
bf8fe701 3463 debugs(15, 0, "WARNING: Unknown neighbor type: " << s);
62e76326 3464
f1dc9b30 3465 return PEER_SIBLING;
3466}
f150dd4b 3467
0b0cfcf2 3468#if USE_WCCPv2
52f772de 3469static void
b7ac5457 3470parse_IpAddress_list(Ip::Address_list ** head)
52f772de 3471{
3472 char *token;
b7ac5457
AJ		 3473 Ip::Address_list *s;
3474 Ip::Address ipa;
62e76326 3475
52f772de 3476 while ((token = strtok(NULL, w_space))) {
82b7abe3
AJ		 3477 if (GetHostWithPort(token, &ipa)) {
3478
3479 while (*head)
3480 head = &(*head)->next;
3481
b7ac5457 3482 s = static_cast<Ip::Address_list *>(xcalloc(1, sizeof(*s)));
82b7abe3
AJ		 3483 s->s = ipa;
3484
3485 *head = s;
9d65168e 3486 } else
82b7abe3 3487 self_destruct();
7e3ce7b9 3488 }
3489}
3490
3491static void
b7ac5457 3492dump_IpAddress_list(StoreEntry * e, const char *n, const Ip::Address_list * s)
7e3ce7b9 3493{
cc192b50 3494 char ntoabuf[MAX_IPSTRLEN];
3495
7e3ce7b9 3496 while (s) {
cc192b50 3497 storeAppendPrintf(e, "%s %s\n",
62e76326 3498 n,
cc192b50 3499 s->s.NtoA(ntoabuf,MAX_IPSTRLEN));
62e76326 3500 s = s->next;
7e3ce7b9 3501 }
3502}
3503
3504static void
b7ac5457 3505free_IpAddress_list(Ip::Address_list ** head)
7e3ce7b9 3506{
26ac0430
AJ		 3507 if (*head) delete *head;
3508 *head = NULL;
7e3ce7b9 3509}
3510
0b0cfcf2 3511#if CURRENTLY_UNUSED
3512/* This code was previously used by http_port. Left as it really should
3513 * be used by icp_port and htcp_port
3514 */
7e3ce7b9 3515static int
b7ac5457 3516check_null_IpAddress_list(const Ip::Address_list * s)
7e3ce7b9 3517{
3518 return NULL == s;
3519}
62e76326 3520
3f38a55e 3521#endif /* CURRENTLY_UNUSED */
0b0cfcf2 3522#endif /* USE_WCCPv2 */
7e3ce7b9 3523
154dc884 3524CBDATA_CLASS_INIT(http_port_list);
3525
d193a436 3526static void
3f38a55e 3527parse_http_port_specification(http_port_list * s, char *token)
d193a436 3528{
3f38a55e 3529 char *host = NULL;
3f38a55e 3530 unsigned short port = 0;
cc192b50 3531 char *t = NULL;
3532 char *junk = NULL;
62e76326 3533
5529ca8a 3534 s->disable_pmtu_discovery = DISABLE_PMTU_OFF;
13adaf1f 3535 s->name = xstrdup(token);
d67acb4e 3536 s->connection_auth_disabled = false;
5529ca8a 3537
cc192b50 3538 if (*token == '[') {
3539 /* [ipv6]:port */
26ac0430
AJ		 3540 host = token + 1;
3541 t = strchr(host, ']');
3542 if (!t) {
cc192b50 3543 debugs(3, 0, "http(s)_port: missing ']' on IPv6 address: " << token);
26ac0430 3544 self_destruct();
cc192b50 3545 }
26ac0430
AJ		 3546 *t++ = '\0';
3547 if (*t != ':') {
cc192b50 3548 debugs(3, 0, "http(s)_port: missing Port in: " << token);
26ac0430 3549 self_destruct();
cc192b50 3550 }
055421ee
AJ		 3551 if (!Ip::EnableIpv6) {
3552 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: IPv6 is not available.");
26ac0430
AJ		 3553 self_destruct();
3554 }
055421ee
AJ		 3555 port = xatos(t + 1);
3556 } else if ((t = strchr(token, ':'))) {
3557 /* host:port */
3558 /* ipv4:port */
3559 host = token;
3560 *t = '\0';
3561 port = xatos(t + 1);
3562
3563 } else if ((port = strtol(token, &junk, 10)), !*junk) {
3564 /* port */
3565 debugs(3, 3, "http(s)_port: found Listen on Port: " << port);
3566 } else {
3567 debugs(3, 0, "http(s)_port: missing Port: " << token);
3568 self_destruct();
3569 }
62e76326 3570
cc192b50 3571 if (port == 0) {
3572 debugs(3, 0, "http(s)_port: Port cannot be 0: " << token);
0e656b69 3573 self_destruct();
cc192b50 3574 }
0e656b69 3575
cc192b50 3576 if (NULL == host) {
3577 s->s.SetAnyAddr();
3578 s->s.SetPort(port);
6df7ad56
AJ		 3579 if (!Ip::EnableIpv6)
3580 s->s.SetIPv4();
7e07ced1 3581 debugs(3, 3, "http(s)_port: found Listen on wildcard address: *:" << s->s.GetPort() );
c49d44e1 3582 } else if ( (s->s = host) ) { /* check/parse numeric IPA */
cc192b50 3583 s->s.SetPort(port);
6df7ad56
AJ		 3584 if (!Ip::EnableIpv6)
3585 s->s.SetIPv4();
cc192b50 3586 debugs(3, 3, "http(s)_port: Listen on Host/IP: " << host << " --> " << s->s);
26ac0430 3587 } else if ( s->s.GetHostByName(host) ) { /* check/parse for FQDN */
62e76326 3588 /* dont use ipcache */
62e76326 3589 s->defaultsite = xstrdup(host);
cc192b50 3590 s->s.SetPort(port);
6df7ad56
AJ		 3591 if (!Ip::EnableIpv6)
3592 s->s.SetIPv4();
cc192b50 3593 debugs(3, 3, "http(s)_port: found Listen as Host " << s->defaultsite << " on IP: " << s->s);
26ac0430 3594 } else {
cc192b50 3595 debugs(3, 0, "http(s)_port: failed to resolve Host/IP: " << host);
62e76326 3596 self_destruct();
cc192b50 3597 }
3f38a55e 3598}
3599
3600static void
3601parse_http_port_option(http_port_list * s, char *token)
3602{
c7b1dd5d
AJ		 3603 /* modes first */
3604
3605 if (strcmp(token, "accel") == 0) {
3606 if (s->intercepted || s->spoof_client_ip) {
3607 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: Accelerator mode requires its own port. It cannot be shared with other modes.");
3608 self_destruct();
3609 }
cf673853 3610 s->accel = s->vhost = 1;
c7b1dd5d
AJ		 3611 } else if (strcmp(token, "transparent") == 0 || strcmp(token, "intercept") == 0) {
3612 if (s->accel || s->spoof_client_ip) {
3613 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: Intercept mode requires its own interception port. It cannot be shared with other modes.");
3614 self_destruct();
3615 }
3616 s->intercepted = 1;
3617 Ip::Interceptor.StartInterception();
3618 /* Log information regarding the port modes under interception. */
3619 debugs(3, DBG_IMPORTANT, "Starting Authentication on port " << s->s);
3620 debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (interception enabled)");
3621
c7b1dd5d 3622 /* INET6: until transparent REDIRECT works on IPv6 SOCKET, force wildcard to IPv4 */
055421ee
AJ		 3623 if (Ip::EnableIpv6)
3624 debugs(3, DBG_IMPORTANT, "Disabling IPv6 on port " << s->s << " (interception enabled)");
c7b1dd5d 3625 if ( !s->s.SetIPv4() ) {
40d34a62 3626 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: IPv6 addresses cannot NAT intercept (protocol does not provide NAT)" << s->s );
c7b1dd5d
AJ		 3627 self_destruct();
3628 }
c7b1dd5d
AJ		 3629 } else if (strcmp(token, "tproxy") == 0) {
3630 if (s->intercepted || s->accel) {
3631 debugs(3,DBG_CRITICAL, "FATAL: http(s)_port: TPROXY option requires its own interception port. It cannot be shared with other modes.");
3632 self_destruct();
3633 }
3634 s->spoof_client_ip = 1;
3635 Ip::Interceptor.StartTransparency();
3636 /* Log information regarding the port modes under transparency. */
3637 debugs(3, DBG_IMPORTANT, "Starting IP Spoofing on port " << s->s);
3638 debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (IP spoofing enabled)");
3639
3640 if (!Ip::Interceptor.ProbeForTproxy(s->s)) {
3641 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: TPROXY support in the system does not work.");
3642 self_destruct();
3643 }
3644
3645 } else if (strncmp(token, "defaultsite=", 12) == 0) {
3646 if (!s->accel) {
3647 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: defaultsite option requires Acceleration mode flag.");
3648 self_destruct();
3649 }
62e76326 3650 safe_free(s->defaultsite);
3651 s->defaultsite = xstrdup(token + 12);
3f38a55e 3652 } else if (strcmp(token, "vhost") == 0) {
c7b1dd5d 3653 if (!s->accel) {
cf673853
AJ		 3654 debugs(3, DBG_CRITICAL, "WARNING: http(s)_port: vhost option is deprecated. Use 'accel' mode flag instead.");
3655 }
3656 s->accel = s->vhost = 1;
3657 } else if (strcmp(token, "no-vhost") == 0) {
3658 if (!s->accel) {
3659 debugs(3, DBG_IMPORTANT, "ERROR: http(s)_port: no-vhost option requires Acceleration mode flag.");
c7b1dd5d 3660 }
cf673853 3661 s->vhost = 0;
3f38a55e 3662 } else if (strcmp(token, "vport") == 0) {
c7b1dd5d
AJ		 3663 if (!s->accel) {
3664 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: vport option requires Acceleration mode flag.");
3665 self_destruct();
3666 }
62e76326 3667 s->vport = -1;
3f38a55e 3668 } else if (strncmp(token, "vport=", 6) == 0) {
c7b1dd5d
AJ		 3669 if (!s->accel) {
3670 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: vport option requires Acceleration mode flag.");
3671 self_destruct();
3672 }
0e656b69 3673 s->vport = xatos(token + 6);
3f38a55e 3674 } else if (strncmp(token, "protocol=", 9) == 0) {
c7b1dd5d
AJ		 3675 if (!s->accel) {
3676 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: protocol option requires Acceleration mode flag.");
3677 self_destruct();
3678 }
62e76326 3679 s->protocol = xstrdup(token + 9);
7f7bdd96 3680 } else if (strcmp(token, "allow-direct") == 0) {
c7b1dd5d 3681 if (!s->accel) {
90fa5816 3682 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: allow-direct option requires Acceleration mode flag.");
c7b1dd5d
AJ		 3683 self_destruct();
3684 }
7f7bdd96 3685 s->allow_direct = 1;
90fa5816
AJ		 3686 } else if (strcmp(token, "act-as-origin") == 0) {
3687 if (!s->accel) {
3688 debugs(3, DBG_IMPORTANT, "ERROR: http(s)_port: act-as-origin option requires Acceleration mode flag.");
3689 } else
3690 s->actAsOrigin = 1;
432bc83c 3691 } else if (strcmp(token, "ignore-cc") == 0) {
626096be 3692#if !USE_HTTP_VIOLATIONS
838daf3f 3693 if (!s->accel) {
c7b1dd5d 3694 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: ignore-cc option requires Scceleration mode flag.");
838daf3f
A		 3695 self_destruct();
3696 }
432bc83c 3697#endif
c7b1dd5d
AJ		 3698 s->ignore_cc = 1;
3699 } else if (strncmp(token, "name=", 5) == 0) {
3700 safe_free(s->name);
3701 s->name = xstrdup(token + 5);
d67acb4e
AJ		 3702 } else if (strcmp(token, "no-connection-auth") == 0) {
3703 s->connection_auth_disabled = true;
3704 } else if (strcmp(token, "connection-auth=off") == 0) {
26ac0430 3705 s->connection_auth_disabled = true;
d67acb4e 3706 } else if (strcmp(token, "connection-auth") == 0) {
26ac0430 3707 s->connection_auth_disabled = false;
d67acb4e 3708 } else if (strcmp(token, "connection-auth=on") == 0) {
26ac0430 3709 s->connection_auth_disabled = false;
5529ca8a 3710 } else if (strncmp(token, "disable-pmtu-discovery=", 23) == 0) {
3711 if (!strcasecmp(token + 23, "off"))
3712 s->disable_pmtu_discovery = DISABLE_PMTU_OFF;
3713 else if (!strcasecmp(token + 23, "transparent"))
3714 s->disable_pmtu_discovery = DISABLE_PMTU_TRANSPARENT;
3715 else if (!strcasecmp(token + 23, "always"))
3716 s->disable_pmtu_discovery = DISABLE_PMTU_ALWAYS;
3717 else
3718 self_destruct();
cc192b50 3719 } else if (strcmp(token, "ipv4") == 0) {
26ac0430 3720 if ( !s->s.SetIPv4() ) {
055421ee 3721 debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: IPv6 addresses cannot be used as IPv4-Only. " << s->s );
cc192b50 3722 self_destruct();
3723 }
26ac0430
AJ		 3724 } else if (strcmp(token, "tcpkeepalive") == 0) {
3725 s->tcp_keepalive.enabled = 1;
b2130d58 3726 } else if (strncmp(token, "tcpkeepalive=", 13) == 0) {
26ac0430
AJ		 3727 char *t = token + 13;
3728 s->tcp_keepalive.enabled = 1;
3729 s->tcp_keepalive.idle = atoi(t);
3730 t = strchr(t, ',');
3731 if (t) {
3732 t++;
3733 s->tcp_keepalive.interval = atoi(t);
3734 t = strchr(t, ',');
3735 }
3736 if (t) {
3737 t++;
3738 s->tcp_keepalive.timeout = atoi(t);
3739 t = strchr(t, ',');
3740 }
154dc884 3741#if USE_SSL
3a0c8eb5
AR		 3742 } else if (strcasecmp(token, "sslBump") == 0) {
3743 debugs(3, DBG_CRITICAL, "WARNING: '" << token << "' is deprecated " <<
9945bf3f 3744 "in http_port. Use 'ssl-bump' instead.");
3a0c8eb5
AR		 3745 s->sslBump = 1; // accelerated when bumped, otherwise not
3746 } else if (strcmp(token, "ssl-bump") == 0) {
c7b1dd5d 3747 s->sslBump = 1; // accelerated when bumped, otherwise not
154dc884 3748 } else if (strncmp(token, "cert=", 5) == 0) {
3749 safe_free(s->cert);
3750 s->cert = xstrdup(token + 5);
3751 } else if (strncmp(token, "key=", 4) == 0) {
3752 safe_free(s->key);
3753 s->key = xstrdup(token + 4);
3754 } else if (strncmp(token, "version=", 8) == 0) {
3755 s->version = xatoi(token + 8);
154dc884 3756 if (s->version < 1 || s->version > 4)
3757 self_destruct();
3758 } else if (strncmp(token, "options=", 8) == 0) {
3759 safe_free(s->options);
3760 s->options = xstrdup(token + 8);
3761 } else if (strncmp(token, "cipher=", 7) == 0) {
3762 safe_free(s->cipher);
3763 s->cipher = xstrdup(token + 7);
3764 } else if (strncmp(token, "clientca=", 9) == 0) {
3765 safe_free(s->clientca);
3766 s->clientca = xstrdup(token + 9);
3767 } else if (strncmp(token, "cafile=", 7) == 0) {
3768 safe_free(s->cafile);
3769 s->cafile = xstrdup(token + 7);
3770 } else if (strncmp(token, "capath=", 7) == 0) {
3771 safe_free(s->capath);
3772 s->capath = xstrdup(token + 7);
3773 } else if (strncmp(token, "crlfile=", 8) == 0) {
3774 safe_free(s->crlfile);
3775 s->crlfile = xstrdup(token + 8);
3776 } else if (strncmp(token, "dhparams=", 9) == 0) {
3777 safe_free(s->dhfile);
3778 s->dhfile = xstrdup(token + 9);
3779 } else if (strncmp(token, "sslflags=", 9) == 0) {
3780 safe_free(s->sslflags);
3781 s->sslflags = xstrdup(token + 9);
3782 } else if (strncmp(token, "sslcontext=", 11) == 0) {
95d2589c
CT		 3783 safe_free(s->sslContextSessionId);
3784 s->sslContextSessionId = xstrdup(token + 11);
3785 } else if (strcmp(token, "generate-host-certificates") == 0) {
3786 s->generateHostCertificates = true;
3787 } else if (strcmp(token, "generate-host-certificates=on") == 0) {
3788 s->generateHostCertificates = true;
3789 } else if (strcmp(token, "generate-host-certificates=off") == 0) {
3790 s->generateHostCertificates = false;
3791 } else if (strncmp(token, "dynamic_cert_mem_cache_size=", 28) == 0) {
3792 parseBytesOptionValue(&s->dynamicCertMemCacheSize, B_BYTES_STR, token + 28);
154dc884 3793#endif
3f38a55e 3794 } else {
62e76326 3795 self_destruct();
3f38a55e 3796 }
3797}
3798
3f38a55e 3799static http_port_list *
3800create_http_port(char *portspec)
3801{
154dc884 3802 http_port_list *s = new http_port_list("http");
3f38a55e 3803 parse_http_port_specification(s, portspec);
3804 return s;
3805}
3806
3807void
3808add_http_port(char *portspec)
3809{
3810 http_port_list *s = create_http_port(portspec);
7e07ced1
AJ		 3811 // we may need to merge better of the above returns a list with clones
3812 assert(s->next == NULL);
3f38a55e 3813 s->next = Config.Sockaddr.http;
3814 Config.Sockaddr.http = s;
3815}
3816
7e07ced1
AJ		 3817http_port_list *
3818clone_http_port_list(http_port_list *a)
3819{
3820 http_port_list *b = new http_port_list(a->protocol);
3821
3822 b->s = a->s;
3823 if (a->name)
3824 b->name = xstrdup(a->name);
3825 if (a->defaultsite)
3826 b->defaultsite = xstrdup(a->defaultsite);
3827
3828 b->intercepted = a->intercepted;
3829 b->spoof_client_ip = a->spoof_client_ip;
3830 b->accel = a->accel;
3831 b->allow_direct = a->allow_direct;
3832 b->vhost = a->vhost;
3833 b->sslBump = a->sslBump;
3834 b->vport = a->vport;
3835 b->connection_auth_disabled = a->connection_auth_disabled;
3836 b->disable_pmtu_discovery = a->disable_pmtu_discovery;
3837
3838 memcpy( &(b->tcp_keepalive), &(a->tcp_keepalive), sizeof(a->tcp_keepalive));
3839
3840#if 0
3841 // AYJ: 2009-07-18: for now SSL does not clone. Configure separate ports with IPs and SSL settings
3842
3843#if USE_SSL
3844 // XXX: temporary hack to ease move of SSL options to http_port
3845 http_port_list &http;
3846
3847 char *cert;
3848 char *key;
3849 int version;
3850 char *cipher;
3851 char *options;
3852 char *clientca;
3853 char *cafile;
3854 char *capath;
3855 char *crlfile;
3856 char *dhfile;
3857 char *sslflags;
95d2589c 3858 char *sslContextSessionId;
7e07ced1
AJ		 3859 SSL_CTX *sslContext;
3860#endif
3861
3862#endif /*0*/
3863
3864 return b;
3865}
7e07ced1 3866
3f38a55e 3867static void
3868parse_http_port_list(http_port_list ** head)
3869{
3870 char *token = strtok(NULL, w_space);
62e76326 3871
9eeb8e4b 3872 if (!token) {
62e76326 3873 self_destruct();
9eeb8e4b 3874 return;
3875 }
62e76326 3876
3f38a55e 3877 http_port_list *s = create_http_port(token);
62e76326 3878
3f38a55e 3879 /* parse options ... */
3880 while ((token = strtok(NULL, w_space))) {
62e76326 3881 parse_http_port_option(s, token);
3f38a55e 3882 }
62e76326 3883
055421ee 3884 if (Ip::EnableIpv6&IPV6_SPECIAL_SPLITSTACK && s->s.IsAnyAddr()) {
7e07ced1
AJ		 3885 // clone the port options from *s to *(s->next)
3886 s->next = clone_http_port_list(s);
3887 s->next->s.SetIPv4();
3888 debugs(3, 3, "http(s)_port: clone wildcard address for split-stack: " << s->s << " and " << s->next->s);
3889 }
7e07ced1 3890
3f38a55e 3891 while (*head)
62e76326 3892 head = &(*head)->next;
3893
3f38a55e 3894 *head = s;
3895}
3896
3897static void
3898dump_generic_http_port(StoreEntry * e, const char *n, const http_port_list * s)
3899{
cc192b50 3900 char buf[MAX_IPSTRLEN];
3901
3902 storeAppendPrintf(e, "%s %s",
62e76326 3903 n,
cc192b50 3904 s->s.ToURL(buf,MAX_IPSTRLEN));
62e76326 3905
df1b20e4 3906 // MODES and specific sub-options.
2ad20b4f
AJ		 3907 if (s->intercepted)
3908 storeAppendPrintf(e, " intercept");
62e76326 3909
df1b20e4 3910 else if (s->spoof_client_ip)
c7b1dd5d
AJ		 3911 storeAppendPrintf(e, " tproxy");
3912
df1b20e4 3913 else if (s->accel) {
c7b1dd5d
AJ		 3914 storeAppendPrintf(e, " accel");
3915
df1b20e4
AJ		 3916 if (s->vhost)
3917 storeAppendPrintf(e, " vhost");
62e76326 3918
df1b20e4
AJ		 3919 if (s->vport < 0)
3920 storeAppendPrintf(e, " vport");
3921 else if (s->vport > 0)
3922 storeAppendPrintf(e, " vport=%d", s->vport);
5529ca8a 3923
df1b20e4
AJ		 3924 if (s->defaultsite)
3925 storeAppendPrintf(e, " defaultsite=%s", s->defaultsite);
3926
3927 if (s->protocol && strcmp(s->protocol,"http") != 0)
3928 storeAppendPrintf(e, " protocol=%s", s->protocol);
3929
3930 if (s->allow_direct)
3931 storeAppendPrintf(e, " allow-direct");
3932
3933 if (s->ignore_cc)
3934 storeAppendPrintf(e, " ignore-cc");
3935
3936 }
3937
3938 // Generic independent options
3939
3940 if (s->name)
3941 storeAppendPrintf(e, " name=%s", s->name);
3942
33e701f3 3943#if USE_HTTP_VIOLATIONS
df1b20e4
AJ		 3944 if (!s->accel && s->ignore_cc)
3945 storeAppendPrintf(e, " ignore-cc");
3946#endif
c7b1dd5d 3947
d67acb4e
AJ		 3948 if (s->connection_auth_disabled)
3949 storeAppendPrintf(e, " connection-auth=off");
3950 else
3951 storeAppendPrintf(e, " connection-auth=on");
3952
5529ca8a 3953 if (s->disable_pmtu_discovery != DISABLE_PMTU_OFF) {
3954 const char *pmtu;
3955
3956 if (s->disable_pmtu_discovery == DISABLE_PMTU_ALWAYS)
3957 pmtu = "always";
3958 else
3959 pmtu = "transparent";
3960
3961 storeAppendPrintf(e, " disable-pmtu-discovery=%s", pmtu);
3962 }
b2130d58 3963
df1b20e4
AJ		 3964 if (s->s.IsAnyAddr() && !s->s.IsIPv6())
3965 storeAppendPrintf(e, " ipv4");
3966
b2130d58 3967 if (s->tcp_keepalive.enabled) {
26ac0430 3968 if (s->tcp_keepalive.idle || s->tcp_keepalive.interval || s->tcp_keepalive.timeout) {
68924b6d 3969 storeAppendPrintf(e, " tcpkeepalive=%d,%d,%d", s->tcp_keepalive.idle, s->tcp_keepalive.interval, s->tcp_keepalive.timeout);
26ac0430 3970 } else {
68924b6d 3971 storeAppendPrintf(e, " tcpkeepalive");
26ac0430 3972 }
b2130d58 3973 }
154dc884 3974
3975#if USE_SSL
c7b1dd5d 3976 if (s->sslBump)
df1b20e4 3977 storeAppendPrintf(e, " ssl-bump");
c7b1dd5d 3978
26ac0430
AJ		 3979 if (s->cert)
3980 storeAppendPrintf(e, " cert=%s", s->cert);
154dc884 3981
26ac0430
AJ		 3982 if (s->key)
3983 storeAppendPrintf(e, " key=%s", s->key);
154dc884 3984
26ac0430
AJ		 3985 if (s->version)
3986 storeAppendPrintf(e, " version=%d", s->version);
154dc884 3987
26ac0430
AJ		 3988 if (s->options)
3989 storeAppendPrintf(e, " options=%s", s->options);
154dc884 3990
26ac0430
AJ		 3991 if (s->cipher)
3992 storeAppendPrintf(e, " cipher=%s", s->cipher);
154dc884 3993
26ac0430
AJ		 3994 if (s->cafile)
3995 storeAppendPrintf(e, " cafile=%s", s->cafile);
154dc884 3996
26ac0430
AJ		 3997 if (s->capath)
3998 storeAppendPrintf(e, " capath=%s", s->capath);
154dc884 3999
26ac0430
AJ		 4000 if (s->crlfile)
4001 storeAppendPrintf(e, " crlfile=%s", s->crlfile);
154dc884 4002
26ac0430
AJ		 4003 if (s->dhfile)
4004 storeAppendPrintf(e, " dhparams=%s", s->dhfile);
154dc884 4005
26ac0430
AJ		 4006 if (s->sslflags)
4007 storeAppendPrintf(e, " sslflags=%s", s->sslflags);
154dc884 4008
95d2589c
CT		 4009 if (s->sslContextSessionId)
4010 storeAppendPrintf(e, " sslcontext=%s", s->sslContextSessionId);
4011
4012 if (s->generateHostCertificates)
4013 storeAppendPrintf(e, " generate-host-certificates");
4014
4015 if (s->dynamicCertMemCacheSize != std::numeric_limits<size_t>::max())
4016 storeAppendPrintf(e, "dynamic_cert_mem_cache_size=%lu%s\n", (unsigned long)s->dynamicCertMemCacheSize, B_BYTES_STR);
154dc884 4017#endif
3f38a55e 4018}
62e76326 4019
3f38a55e 4020static void
4021dump_http_port_list(StoreEntry * e, const char *n, const http_port_list * s)
4022{
4023 while (s) {
62e76326 4024 dump_generic_http_port(e, n, s);
4025 storeAppendPrintf(e, "\n");
4026 s = s->next;
3f38a55e 4027 }
4028}
4029
4030static void
4031free_http_port_list(http_port_list ** head)
4032{
4033 http_port_list *s;
62e76326 4034
3f38a55e 4035 while ((s = *head) != NULL) {
62e76326 4036 *head = s->next;
154dc884 4037 delete s;
3f38a55e 4038 }
4039}
4040
3f38a55e 4041#if USE_SSL
3f38a55e 4042
154dc884 4043// TODO: merge better with parse_http_port_list
3f38a55e 4044static void
4045parse_https_port_list(https_port_list ** head)
4046{
3f38a55e 4047 char *token;
4048 https_port_list *s;
154dc884 4049
3f38a55e 4050 token = strtok(NULL, w_space);
62e76326 4051
3f38a55e 4052 if (!token)
62e76326 4053 self_destruct();
4054
154dc884 4055 s = new https_port_list;
3f38a55e 4056 parse_http_port_specification(&s->http, token);
62e76326 4057
d193a436 4058 /* parse options ... */
4059 while ((token = strtok(NULL, w_space))) {
154dc884 4060 parse_http_port_option(s, token);
d193a436 4061 }
62e76326 4062
4090b8be
AR		 4063 /* ssl-bump requires either tproxy or intercepted, and vice versa */
4064 const bool hijacked = s->spoof_client_ip || s->intercepted;
4065 if (s->sslBump && !hijacked) {
4066 debugs(3, DBG_CRITICAL, "FATAL: ssl-bump on https_port requires tproxy/intercepted which is missing.");
379e8c1c
AR		 4067 self_destruct();
4068 }
4090b8be
AR		 4069 if (hijacked && !s->sslBump) {
4070 debugs(3, DBG_CRITICAL, "FATAL: tproxy/intercepted on https_port requires ssl-bump which is missing.");
379e8c1c
AR		 4071 self_destruct();
4072 }
4073
8abf232c 4074 while (*head) {
4075 http_port_list ** headTmp = &(*head)->http.next;
4076 head = (https_port_list **)headTmp;
4077 }
62e76326 4078
d193a436 4079 *head = s;
4080}
4081
4082static void
4083dump_https_port_list(StoreEntry * e, const char *n, const https_port_list * s)
4084{
154dc884 4085 dump_http_port_list(e, n, s);
d193a436 4086}
4087
4088static void
4089free_https_port_list(https_port_list ** head)
4090{
154dc884 4091 free_http_port_list((http_port_list**)head);
d193a436 4092}
4093
4094#if 0
4095static int
4096check_null_https_port_list(const https_port_list * s)
4097{
4098 return NULL == s;
4099}
62e76326 4100
d193a436 4101#endif
4102
4103#endif /* USE_SSL */
4104
f150dd4b 4105void
4106configFreeMemory(void)
4107{
23ff6968 4108 free_all();
29bf4910
CT		 4109#if USE_SSL
4110 SSL_CTX_free(Config.ssl_client.sslContext);
4111#endif
f150dd4b 4112}
f0b19334 4113
94439e4e 4114void
f0b19334 4115requirePathnameExists(const char *name, const char *path)
4116{
62e76326 4117
f0b19334 4118 struct stat sb;
08577e16 4119 char pathbuf[BUFSIZ];
f0b19334 4120 assert(path != NULL);
62e76326 4121
0b796acd 4122 if (Config.chroot_dir && (geteuid() == 0)) {
62e76326 4123 snprintf(pathbuf, BUFSIZ, "%s/%s", Config.chroot_dir, path);
4124 path = pathbuf;
08577e16 4125 }
62e76326 4126
a572d8be 4127 if (stat(path, &sb) < 0) {
a32a190b
AJ		 4128 debugs(0, DBG_CRITICAL, (opt_parse_cfg_only?"FATAL ":"") << "ERROR: " << name << " " << path << ": " << xstrerror());
4129 // keep going to find more issues if we are only checking the config file with "-k parse"
4130 if (opt_parse_cfg_only)
4131 return;
4132 // this is fatal if it is found during startup or reconfigure
a572d8be 4133 if (opt_send_signal == -1 || opt_send_signal == SIGHUP)
4134 fatalf("%s %s: %s", name, path, xstrerror());
a572d8be 4135 }
f0b19334 4136}
d860a1aa 4137
4138char *
4139strtokFile(void)
4140{
d295d770 4141 return ConfigParser::strtokFile();
d860a1aa 4142}
7684c4b1 4143
450e0c10 4144#include "AccessLogEntry.h"
7684c4b1 4145
4146static void
4147parse_access_log(customlog ** logs)
4148{
4149 const char *filename, *logdef_name;
7684c4b1 4150
38e16f92 4151 customlog *cl = (customlog *)xcalloc(1, sizeof(*cl));
7684c4b1 4152
9eeb8e4b 4153 if ((filename = strtok(NULL, w_space)) == NULL) {
7684c4b1 4154 self_destruct();
9eeb8e4b 4155 return;
4156 }
7684c4b1 4157
4158 if (strcmp(filename, "none") == 0) {
20efa1c2 4159 cl->type = Log::Format::CLF_NONE;
6375a714
AJ		 4160 aclParseAclList(LegacyParser, &cl->aclList);
4161 while (*logs)
4162 logs = &(*logs)->next;
4163 *logs = cl;
4164 return;
7684c4b1 4165 }
4166
4167 if ((logdef_name = strtok(NULL, w_space)) == NULL)
20efa1c2 4168 logdef_name = "squid";
7684c4b1 4169
bf8fe701 4170 debugs(3, 9, "Log definition name '" << logdef_name << "' file '" << filename << "'");
7684c4b1 4171
4172 cl->filename = xstrdup(filename);
4173
4174 /* look for the definition pointer corresponding to this name */
38e16f92 4175 Format::Format *lf = Log::TheConfig.logformats;
7684c4b1 4176
4177 while (lf != NULL) {
bf8fe701 4178 debugs(3, 9, "Comparing against '" << lf->name << "'");
7684c4b1 4179
4180 if (strcmp(lf->name, logdef_name) == 0)
4181 break;
4182
4183 lf = lf->next;
4184 }
4185
4186 if (lf != NULL) {
20efa1c2 4187 cl->type = Log::Format::CLF_CUSTOM;
7684c4b1 4188 cl->logFormat = lf;
4189 } else if (strcmp(logdef_name, "auto") == 0) {
20efa1c2
AJ		 4190 debugs(0,0, "WARNING: Log format 'auto' no longer exists. Using 'squid' instead.");
4191 cl->type = Log::Format::CLF_SQUID;
7684c4b1 4192 } else if (strcmp(logdef_name, "squid") == 0) {
20efa1c2 4193 cl->type = Log::Format::CLF_SQUID;
7684c4b1 4194 } else if (strcmp(logdef_name, "common") == 0) {
20efa1c2
AJ		 4195 cl->type = Log::Format::CLF_COMMON;
4196 } else if (strcmp(logdef_name, "combined") == 0) {
4197 cl->type = Log::Format::CLF_COMBINED;
3ff65596
AR		 4198#if ICAP_CLIENT
4199 } else if (strcmp(logdef_name, "icap_squid") == 0) {
20efa1c2 4200 cl->type = Log::Format::CLF_ICAP_SQUID;
3ff65596 4201#endif
20efa1c2
AJ		 4202 } else if (strcmp(logdef_name, "useragent") == 0) {
4203 cl->type = Log::Format::CLF_USERAGENT;
4204 } else if (strcmp(logdef_name, "referrer") == 0) {
4205 cl->type = Log::Format::CLF_REFERER;
7684c4b1 4206 } else {
bf8fe701 4207 debugs(3, 0, "Log format '" << logdef_name << "' is not defined");
7684c4b1 4208 self_destruct();
9eeb8e4b 4209 return;
7684c4b1 4210 }
4211
a9f20260 4212 aclParseAclList(LegacyParser, &cl->aclList);
7684c4b1 4213
4214 while (*logs)
4215 logs = &(*logs)->next;
4216
4217 *logs = cl;
4218}
4219
d64bef4c 4220static int
4221check_null_access_log(customlog *customlog_definitions)
4222{
4223 return customlog_definitions == NULL;
4224}
4225
7684c4b1 4226static void
4227dump_access_log(StoreEntry * entry, const char *name, customlog * logs)
4228{
4229 customlog *log;
4230
4231 for (log = logs; log; log = log->next) {
4232 storeAppendPrintf(entry, "%s ", name);
4233
4234 switch (log->type) {
4235
20efa1c2 4236 case Log::Format::CLF_CUSTOM:
7684c4b1 4237 storeAppendPrintf(entry, "%s %s", log->filename, log->logFormat->name);
4238 break;
4239
20efa1c2 4240 case Log::Format::CLF_NONE:
7684c4b1 4241 storeAppendPrintf(entry, "none");
4242 break;
4243
20efa1c2 4244 case Log::Format::CLF_SQUID:
7684c4b1 4245 storeAppendPrintf(entry, "%s squid", log->filename);
4246 break;
4247
20efa1c2
AJ		 4248 case Log::Format::CLF_COMBINED:
4249 storeAppendPrintf(entry, "%s combined", log->filename);
4250 break;
4251
4252 case Log::Format::CLF_COMMON:
4253 storeAppendPrintf(entry, "%s common", log->filename);
7684c4b1 4254 break;
20efa1c2 4255
3ff65596 4256#if ICAP_CLIENT
20efa1c2 4257 case Log::Format::CLF_ICAP_SQUID:
3ff65596
AR		 4258 storeAppendPrintf(entry, "%s icap_squid", log->filename);
4259 break;
4260#endif
20efa1c2
AJ		 4261 case Log::Format::CLF_USERAGENT:
4262 storeAppendPrintf(entry, "%s useragent", log->filename);
4263 break;
7684c4b1 4264
20efa1c2
AJ		 4265 case Log::Format::CLF_REFERER:
4266 storeAppendPrintf(entry, "%s referrer", log->filename);
7684c4b1 4267 break;
4268
20efa1c2 4269 case Log::Format::CLF_UNKNOWN:
7684c4b1 4270 break;
4271 }
4272
4273 if (log->aclList)
4274 dump_acl_list(entry, log->aclList);
4275
4276 storeAppendPrintf(entry, "\n");
4277 }
4278}
4279
7684c4b1 4280static void
4281free_access_log(customlog ** definitions)
4282{
4283 while (*definitions) {
4284 customlog *log = *definitions;
4285 *definitions = log->next;
4286
4287 log->logFormat = NULL;
20efa1c2 4288 log->type = Log::Format::CLF_UNKNOWN;
7684c4b1 4289
4290 if (log->aclList)
4291 aclDestroyAclList(&log->aclList);
4292
4293 safe_free(log->filename);
4294
4295 xfree(log);
4296 }
4297}
3a69ddf3 4298
96c2bb61
AR		 4299/// parses list of integers form name=N1,N2,N3,...
4300static bool
4301parseNamedIntList(const char *data, const String &name, Vector<int> &list)
4302{
4303 if (data && (strncmp(data, name.rawBuf(), name.size()) == 0)) {
4304 data += name.size();
4305 if (*data == '=') {
4306 while (true) {
4307 ++data;
4308 int value = 0;
4309 if (!StringToInt(data, value, &data, 10))
4310 break;
4311 list.push_back(value);
4312 if (*data == '\0' || *data != ',')
4313 break;
4314 }
4315 }
4316 }
cff99cec 4317 return data && *data == '\0';
96c2bb61
AR		 4318}
4319
4320static void
212af65c
A		 4321parse_CpuAffinityMap(CpuAffinityMap **const cpuAffinityMap)
4322{
96c2bb61
AR		 4323#if !HAVE_CPU_AFFINITY
4324 debugs(3, DBG_CRITICAL, "FATAL: Squid built with no CPU affinity " <<
4325 "support, do not set 'cpu_affinity_map'");
4326 self_destruct();
4327#endif /* HAVE_CPU_AFFINITY */
4328
4329 if (!*cpuAffinityMap)
4330 *cpuAffinityMap = new CpuAffinityMap;
4331
4332 const char *const pToken = strtok(NULL, w_space);
4333 const char *const cToken = strtok(NULL, w_space);
4334 Vector<int> processes, cores;
4335 if (!parseNamedIntList(pToken, "process_numbers", processes)) {
4336 debugs(3, DBG_CRITICAL, "FATAL: bad 'process_numbers' parameter " <<
4337 "in 'cpu_affinity_map'");
4338 self_destruct();
4339 } else if (!parseNamedIntList(cToken, "cores", cores)) {
4340 debugs(3, DBG_CRITICAL, "FATAL: bad 'cores' parameter in " <<
4341 "'cpu_affinity_map'");
4342 self_destruct();
4343 } else if (!(*cpuAffinityMap)->add(processes, cores)) {
4344 debugs(3, DBG_CRITICAL, "FATAL: bad 'cpu_affinity_map'; " <<
4345 "process_numbers and cores lists differ in length or " <<
4346 "contain numbers <= 0");
4347 self_destruct();
4348 }
4349}
4350
4351static void
212af65c
A		 4352dump_CpuAffinityMap(StoreEntry *const entry, const char *const name, const CpuAffinityMap *const cpuAffinityMap)
4353{
96c2bb61
AR		 4354 if (cpuAffinityMap) {
4355 storeAppendPrintf(entry, "%s process_numbers=", name);
4356 for (size_t i = 0; i < cpuAffinityMap->processes().size(); ++i) {
4357 storeAppendPrintf(entry, "%s%i", (i ? "," : ""),
4358 cpuAffinityMap->processes()[i]);
4359 }
4360 storeAppendPrintf(entry, " cores=");
4361 for (size_t i = 0; i < cpuAffinityMap->processes().size(); ++i) {
4362 storeAppendPrintf(entry, "%s%i", (i ? "," : ""),
4363 cpuAffinityMap->cores()[i]);
4364 }
4365 storeAppendPrintf(entry, "\n");
4366 }
4367}
4368
4369static void
212af65c
A		 4370free_CpuAffinityMap(CpuAffinityMap **const cpuAffinityMap)
4371{
96c2bb61
AR		 4372 delete *cpuAffinityMap;
4373 *cpuAffinityMap = NULL;
4374}
4375
62c7f90e
AR		 4376#if USE_ADAPTATION
4377
4378static void
4379parse_adaptation_service_set_type()
4380{
4381 Adaptation::Config::ParseServiceSet();
4382}
4383
a22e6cd3
AR		 4384static void
4385parse_adaptation_service_chain_type()
4386{
4387 Adaptation::Config::ParseServiceChain();
4388}
4389
62c7f90e
AR		 4390static void
4391parse_adaptation_access_type()
4392{
4393 Adaptation::Config::ParseAccess(LegacyParser);
4394}
4395
71be37e0
CT		 4396static void
4397parse_adaptation_meta_type(Adaptation::Config::MetaHeaders *)
4398{
4399 Adaptation::Config::ParseMetaHeader(LegacyParser);
4400}
4401
4402static void
4403dump_adaptation_meta_type(StoreEntry *entry, const char *name, Adaptation::Config::MetaHeaders &)
4404{
4405 Adaptation::Config::DumpMetaHeader(entry, name);
4406}
4407
4408static void
4409free_adaptation_meta_type(Adaptation::Config::MetaHeaders *)
4410{
4411 // Nothing to do, it is released inside Adaptation::Config::freeService()
4412}
62c7f90e
AR		 4413#endif /* USE_ADAPTATION */
4414
4415
3a69ddf3 4416#if ICAP_CLIENT
4417
4418static void
26cc52cb 4419parse_icap_service_type(Adaptation::Icap::Config * cfg)
3a69ddf3 4420{
462e63d3 4421 cfg->parseService();
3a69ddf3 4422}
4423
4424static void
26cc52cb 4425free_icap_service_type(Adaptation::Icap::Config * cfg)
3a69ddf3 4426{
462e63d3 4427 cfg->freeService();
3a69ddf3 4428}
4429
4430static void
26cc52cb 4431dump_icap_service_type(StoreEntry * entry, const char *name, const Adaptation::Icap::Config &cfg)
3a69ddf3 4432{
462e63d3 4433 cfg.dumpService(entry, name);
3a69ddf3 4434}
4435
4436static void
c939dc70 4437parse_icap_class_type()
3a69ddf3 4438{
62c7f90e 4439 debugs(93, 0, "WARNING: 'icap_class' is depricated. " <<
26ac0430 4440 "Use 'adaptation_service_set' instead");
62c7f90e 4441 Adaptation::Config::ParseServiceSet();
3a69ddf3 4442}
4443
3a69ddf3 4444static void
c939dc70 4445parse_icap_access_type()
3a69ddf3 4446{
62c7f90e 4447 debugs(93, 0, "WARNING: 'icap_access' is depricated. " <<
26ac0430 4448 "Use 'adaptation_access' instead");
21a26d31 4449 Adaptation::Config::ParseAccess(LegacyParser);
3a69ddf3 4450}
4451
3a69ddf3 4452#endif
21a26d31
AR		 4453
4454
4455#if USE_ECAP
4456
4457static void
574b508c 4458parse_ecap_service_type(Adaptation::Ecap::Config * cfg)
21a26d31
AR		 4459{
4460 cfg->parseService();
4461}
4462
4463static void
574b508c 4464free_ecap_service_type(Adaptation::Ecap::Config * cfg)
21a26d31
AR		 4465{
4466 cfg->freeService();
4467}
4468
4469static void
574b508c 4470dump_ecap_service_type(StoreEntry * entry, const char *name, const Adaptation::Ecap::Config &cfg)
21a26d31
AR		 4471{
4472 cfg.dumpService(entry, name);
4473}
4474
4475#endif /* USE_ECAP */
8277060a
CT		 4476
4477#if ICAP_CLIENT
4478static void parse_icap_service_failure_limit(Adaptation::Icap::Config *cfg)
4479{
4480 char *token;
4481 time_t d;
4482 time_t m;
4483 cfg->service_failure_limit = GetInteger();
4484
4485 if ((token = strtok(NULL, w_space)) == NULL)
4486 return;
4487
4488 if (strcmp(token,"in") != 0) {
4489 debugs(3, 0, "expecting 'in' on'" << config_input_line << "'");
4490 self_destruct();
4491 }
4492
4493 if ((token = strtok(NULL, w_space)) == NULL) {
4494 self_destruct();
4495 }
4496
4497 d = static_cast<time_t> (xatoi(token));
a459e80a 4498
8277060a
CT		 4499 m = static_cast<time_t> (1);
4500
4501 if (0 == d)
4502 (void) 0;
4503 else if ((token = strtok(NULL, w_space)) == NULL) {
4504 debugs(3, 0, "No time-units on '" << config_input_line << "'");
4505 self_destruct();
9b741834 4506 } else if ((m = parseTimeUnits(token, false)) == 0)
8277060a
CT		 4507 self_destruct();
4508
4509 cfg->oldest_service_failure = (m * d);
4510}
4511
4512static void dump_icap_service_failure_limit(StoreEntry *entry, const char *name, const Adaptation::Icap::Config &cfg)
4513{
4514 storeAppendPrintf(entry, "%s %d", name, cfg.service_failure_limit);
4515 if (cfg.oldest_service_failure > 0) {
4516 storeAppendPrintf(entry, " in %d seconds", (int)cfg.oldest_service_failure);
4517 }
4518 storeAppendPrintf(entry, "\n");
4519}
4520
4521static void free_icap_service_failure_limit(Adaptation::Icap::Config *cfg)
4522{
4523 cfg->oldest_service_failure = 0;
4524 cfg->service_failure_limit = 0;
4525}
4526
fb2178bb
CT		 4527#if USE_SSL
4528static void parse_sslproxy_cert_adapt(sslproxy_cert_adapt **cert_adapt)
4529{
4530 char *al;
4531 sslproxy_cert_adapt *ca = (sslproxy_cert_adapt *) xcalloc(1, sizeof(sslproxy_cert_adapt));
4532 if ((al = strtok(NULL, w_space)) == NULL) {
4533 self_destruct();
4534 return;
4535 }
4536
4537 const char *param;
4538 if ( char *s = strchr(al, '{')) {
4539 *s = '\0'; // terminate the al string
4540 s++;
4541 param = s;
4542 s = strchr(s, '}');
4543 if (!s) {
4544 self_destruct();
4545 return;
4546 }
4547 *s = '\0';
4548 }
4549 else
4550 param = NULL;
4551
4552 if (strcmp(al, Ssl::CertAdaptAlgorithmStr[Ssl::algSetValidAfter]) == 0) {
4553 ca->alg = Ssl::algSetValidAfter;
4554 ca->param = strdup("on");
4555 }
4556 else if (strcmp(al, Ssl::CertAdaptAlgorithmStr[Ssl::algSetValidBefore]) == 0) {
4557 ca->alg = Ssl::algSetValidBefore;
4558 ca->param = strdup("on");
4559 }
4560 else if (strcmp(al, Ssl::CertAdaptAlgorithmStr[Ssl::algSetCommonName]) == 0) {
4561 ca->alg = Ssl::algSetCommonName;
4562 if (param) {
4563 ca->param = strdup(param);
4564 }
4565 } else {
4566 debugs(3, DBG_CRITICAL, "FATAL: sslproxy_cert_adapt: unknown cert adaptation algorithm: " << al);
4567 self_destruct();
4568 return;
4569 }
4570
4571 aclParseAclList(LegacyParser, &ca->aclList);
4572
4573 while(*cert_adapt)
4574 cert_adapt = &(*cert_adapt)->next;
4575
4576 *cert_adapt = ca;
4577}
4578
4579static void dump_sslproxy_cert_adapt(StoreEntry *entry, const char *name, sslproxy_cert_adapt *cert_adapt)
4580{
4581 for (sslproxy_cert_adapt *ca = cert_adapt; ca != NULL; ca = ca->next) {
4582 storeAppendPrintf(entry, "%s ", name);
4583 storeAppendPrintf(entry, "%s{%s} ", Ssl::sslCertAdaptAlgoritm(ca->alg), ca->param);
4584 if (ca->aclList)
4585 dump_acl_list(entry, ca->aclList);
4586 storeAppendPrintf(entry, "\n");
4587 }
4588}
4589
4590static void free_sslproxy_cert_adapt(sslproxy_cert_adapt **cert_adapt)
4591{
4592 while(*cert_adapt) {
4593 sslproxy_cert_adapt *ca = *cert_adapt;
4594 *cert_adapt = ca->next;
4595 safe_free(ca->param);
4596
4597 if (ca->aclList)
4598 aclDestroyAclList(&ca->aclList);
4599
4600 safe_free(ca);
4601 }
4602}
4603#endif
4604
8277060a 4605#endif
Mirror of https://github.com/squid-cache/squid.git