]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Copyright (C) 1996-2020 The Squid Software Foundation and contributors | |
3 | * | |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
9 | #ifndef SQUID_SQUIDCONFIG_H_ | |
10 | #define SQUID_SQUIDCONFIG_H_ | |
11 | ||
12 | #include "acl/forward.h" | |
13 | #include "base/RefCount.h" | |
14 | #include "base/YesNoNone.h" | |
15 | #if USE_DELAY_POOLS | |
16 | #include "ClientDelayConfig.h" | |
17 | #include "DelayConfig.h" | |
18 | #endif | |
19 | #include "helper/ChildConfig.h" | |
20 | #include "HttpHeaderTools.h" | |
21 | #include "ip/Address.h" | |
22 | #if USE_DELAY_POOLS | |
23 | #include "MessageDelayPools.h" | |
24 | #endif | |
25 | #include "Notes.h" | |
26 | #include "security/forward.h" | |
27 | #include "SquidTime.h" | |
28 | #if USE_OPENSSL | |
29 | #include "ssl/support.h" | |
30 | #endif | |
31 | #include "store/Disk.h" | |
32 | #include "store/forward.h" | |
33 | ||
34 | #if USE_OPENSSL | |
35 | class sslproxy_cert_sign; | |
36 | class sslproxy_cert_adapt; | |
37 | #endif | |
38 | ||
39 | namespace Mgr | |
40 | { | |
41 | class ActionPasswordList; | |
42 | } // namespace Mgr | |
43 | class CachePeer; | |
44 | class CustomLog; | |
45 | class CpuAffinityMap; | |
46 | class external_acl; | |
47 | class HeaderManglers; | |
48 | class RefreshPattern; | |
49 | class RemovalPolicySettings; | |
50 | ||
51 | namespace AnyP | |
52 | { | |
53 | class PortCfg; | |
54 | } | |
55 | ||
56 | namespace Store { | |
57 | class DiskConfig { | |
58 | public: | |
59 | DiskConfig() { assert(swapDirs == nullptr); } | |
60 | ~DiskConfig() { delete[] swapDirs; } | |
61 | ||
62 | RefCount<SwapDir> *swapDirs = nullptr; | |
63 | int n_allocated = 0; | |
64 | int n_configured = 0; | |
65 | /// number of disk processes required to support all cache_dirs | |
66 | int n_strands = 0; | |
67 | }; | |
68 | #define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw()) | |
69 | } | |
70 | ||
71 | /// the representation of the configuration. POD. | |
72 | class SquidConfig | |
73 | { | |
74 | public: | |
75 | struct { | |
76 | /* These should be for the Store::Root instance. | |
77 | * this needs pluggable parsing to be done smoothly. | |
78 | */ | |
79 | int highWaterMark; | |
80 | int lowWaterMark; | |
81 | } Swap; | |
82 | ||
83 | YesNoNone memShared; ///< whether the memory cache is shared among workers | |
84 | YesNoNone shmLocking; ///< shared_memory_locking | |
85 | size_t memMaxSize; | |
86 | ||
87 | struct { | |
88 | int64_t min; | |
89 | int pct; | |
90 | int64_t max; | |
91 | } quickAbort; | |
92 | int64_t readAheadGap; | |
93 | RemovalPolicySettings *replPolicy; | |
94 | RemovalPolicySettings *memPolicy; | |
95 | #if USE_HTTP_VIOLATIONS | |
96 | time_t negativeTtl; | |
97 | #endif | |
98 | time_t maxStale; | |
99 | time_t negativeDnsTtl; | |
100 | time_t positiveDnsTtl; | |
101 | time_t shutdownLifetime; | |
102 | time_t backgroundPingRate; | |
103 | time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay | |
104 | ||
105 | struct { | |
106 | time_t read; | |
107 | time_t write; | |
108 | time_t lifetime; | |
109 | time_t connect; | |
110 | time_t forward; | |
111 | time_t peer_connect; | |
112 | time_t request; | |
113 | time_t clientIdlePconn; | |
114 | time_t serverIdlePconn; | |
115 | time_t ftpClientIdle; | |
116 | time_t pconnLifetime; ///< pconn_lifetime in squid.conf | |
117 | time_t siteSelect; | |
118 | time_t deadPeer; | |
119 | time_t request_start_timeout; | |
120 | int icp_query; /* msec */ | |
121 | int icp_query_max; /* msec */ | |
122 | int icp_query_min; /* msec */ | |
123 | int mcast_icp_query; /* msec */ | |
124 | time_msec_t idns_retransmit; | |
125 | time_msec_t idns_query; | |
126 | time_t urlRewrite; | |
127 | } Timeout; | |
128 | size_t maxRequestHeaderSize; | |
129 | int64_t maxRequestBodySize; | |
130 | size_t maxRequestBufferSize; | |
131 | size_t maxReplyHeaderSize; | |
132 | AclSizeLimit *ReplyBodySize; | |
133 | ||
134 | struct { | |
135 | unsigned short icp; | |
136 | #if USE_HTCP | |
137 | ||
138 | unsigned short htcp; | |
139 | #endif | |
140 | #if SQUID_SNMP | |
141 | ||
142 | unsigned short snmp; | |
143 | #endif | |
144 | } Port; | |
145 | ||
146 | #if SQUID_SNMP | |
147 | ||
148 | struct { | |
149 | char *configFile; | |
150 | char *agentInfo; | |
151 | } Snmp; | |
152 | #endif | |
153 | #if USE_WCCP | |
154 | ||
155 | struct { | |
156 | Ip::Address router; | |
157 | Ip::Address address; | |
158 | int version; | |
159 | } Wccp; | |
160 | #endif | |
161 | #if USE_WCCPv2 | |
162 | ||
163 | struct { | |
164 | Ip::Address_list *router; | |
165 | Ip::Address address; | |
166 | int forwarding_method; | |
167 | int return_method; | |
168 | int assignment_method; | |
169 | int weight; | |
170 | int rebuildwait; | |
171 | void *info; | |
172 | } Wccp2; | |
173 | #endif | |
174 | ||
175 | char *as_whois_server; | |
176 | ||
177 | struct { | |
178 | char *store; | |
179 | char *swap; | |
180 | CustomLog *accesslogs; | |
181 | #if ICAP_CLIENT | |
182 | CustomLog *icaplogs; | |
183 | #endif | |
184 | int rotateNumber; | |
185 | } Log; | |
186 | char *adminEmail; | |
187 | char *EmailFrom; | |
188 | char *EmailProgram; | |
189 | char *effectiveUser; | |
190 | char *visible_appname_string; | |
191 | char *effectiveGroup; | |
192 | ||
193 | struct { | |
194 | wordlist *redirect; | |
195 | wordlist *store_id; | |
196 | #if USE_UNLINKD | |
197 | ||
198 | char *unlinkd; | |
199 | #endif | |
200 | ||
201 | char *diskd; | |
202 | #if USE_OPENSSL | |
203 | ||
204 | char *ssl_password; | |
205 | #endif | |
206 | ||
207 | } Program; | |
208 | ||
209 | Helper::ChildConfig redirectChildren; | |
210 | Helper::ChildConfig storeIdChildren; | |
211 | ||
212 | struct { | |
213 | char *surrogate_id; | |
214 | } Accel; | |
215 | char *appendDomain; | |
216 | size_t appendDomainLen; | |
217 | char *pidFilename; | |
218 | char *netdbFilename; | |
219 | char *mimeTablePathname; | |
220 | char *etcHostsPath; | |
221 | char *visibleHostname; | |
222 | char *uniqueHostname; | |
223 | wordlist *hostnameAliases; | |
224 | char *errHtmlText; | |
225 | ||
226 | struct { | |
227 | char *host; | |
228 | char *file; | |
229 | time_t period; | |
230 | unsigned short port; | |
231 | } Announce; | |
232 | ||
233 | struct { | |
234 | ||
235 | Ip::Address udp_incoming; | |
236 | Ip::Address udp_outgoing; | |
237 | #if SQUID_SNMP | |
238 | Ip::Address snmp_incoming; | |
239 | Ip::Address snmp_outgoing; | |
240 | #endif | |
241 | /* FIXME INET6 : this should really be a CIDR value */ | |
242 | Ip::Address client_netmask; | |
243 | } Addrs; | |
244 | size_t tcpRcvBufsz; | |
245 | size_t udpMaxHitObjsz; | |
246 | wordlist *mcast_group_list; | |
247 | CachePeer *peers; | |
248 | int npeers; | |
249 | ||
250 | struct { | |
251 | int size; | |
252 | int low; | |
253 | int high; | |
254 | } ipcache; | |
255 | ||
256 | struct { | |
257 | int size; | |
258 | } fqdncache; | |
259 | int minDirectHops; | |
260 | int minDirectRtt; | |
261 | Mgr::ActionPasswordList *passwd_list; | |
262 | ||
263 | struct { | |
264 | int objectsPerBucket; | |
265 | int64_t avgObjectSize; | |
266 | int64_t maxObjectSize; | |
267 | int64_t minObjectSize; | |
268 | size_t maxInMemObjSize; | |
269 | } Store; | |
270 | ||
271 | struct { | |
272 | int high; | |
273 | int low; | |
274 | time_t period; | |
275 | } Netdb; | |
276 | ||
277 | struct { | |
278 | int log_udp; | |
279 | int res_defnames; | |
280 | int anonymizer; | |
281 | int client_db; | |
282 | int query_icmp; | |
283 | int icp_hit_stale; | |
284 | int buffered_logs; | |
285 | int common_log; | |
286 | int log_mime_hdrs; | |
287 | int log_fqdn; | |
288 | int announce; | |
289 | int mem_pools; | |
290 | int test_reachability; | |
291 | int half_closed_clients; | |
292 | int refresh_all_ims; | |
293 | #if USE_HTTP_VIOLATIONS | |
294 | ||
295 | int reload_into_ims; | |
296 | #endif | |
297 | ||
298 | int offline; | |
299 | int redir_rewrites_host; | |
300 | int prefer_direct; | |
301 | int nonhierarchical_direct; | |
302 | int strip_query_terms; | |
303 | int redirector_bypass; | |
304 | int store_id_bypass; | |
305 | int ignore_unknown_nameservers; | |
306 | int client_pconns; | |
307 | int server_pconns; | |
308 | int error_pconns; | |
309 | #if USE_CACHE_DIGESTS | |
310 | ||
311 | int digest_generation; | |
312 | #endif | |
313 | ||
314 | int vary_ignore_expire; | |
315 | int surrogate_is_remote; | |
316 | int request_entities; | |
317 | int detect_broken_server_pconns; | |
318 | int relaxed_header_parser; | |
319 | int check_hostnames; | |
320 | int allow_underscore; | |
321 | int via; | |
322 | int cache_miss_revalidate; | |
323 | int emailErrData; | |
324 | int httpd_suppress_version_string; | |
325 | int global_internal_static; | |
326 | int collapsed_forwarding; | |
327 | ||
328 | #if FOLLOW_X_FORWARDED_FOR | |
329 | int acl_uses_indirect_client; | |
330 | int delay_pool_uses_indirect_client; | |
331 | int log_uses_indirect_client; | |
332 | #if LINUX_NETFILTER | |
333 | int tproxy_uses_indirect_client; | |
334 | #endif | |
335 | #endif /* FOLLOW_X_FORWARDED_FOR */ | |
336 | ||
337 | int WIN32_IpAddrChangeMonitor; | |
338 | int memory_cache_first; | |
339 | int memory_cache_disk; | |
340 | int hostStrictVerify; | |
341 | int client_dst_passthru; | |
342 | int dns_mdns; | |
343 | #if USE_OPENSSL | |
344 | bool logTlsServerHelloDetails; | |
345 | #endif | |
346 | } onoff; | |
347 | ||
348 | int64_t shared_transient_entries_limit; | |
349 | ||
350 | int pipeline_max_prefetch; | |
351 | ||
352 | int forward_max_tries; | |
353 | int connect_retries; | |
354 | ||
355 | class ACL *aclList; | |
356 | ||
357 | struct { | |
358 | acl_access *http; | |
359 | acl_access *adapted_http; | |
360 | acl_access *icp; | |
361 | acl_access *miss; | |
362 | acl_access *NeverDirect; | |
363 | acl_access *AlwaysDirect; | |
364 | acl_access *ASlists; | |
365 | acl_access *noCache; | |
366 | acl_access *sendHit; | |
367 | acl_access *storeMiss; | |
368 | acl_access *stats_collection; | |
369 | #if SQUID_SNMP | |
370 | ||
371 | acl_access *snmp; | |
372 | #endif | |
373 | #if USE_HTTP_VIOLATIONS | |
374 | acl_access *brokenPosts; | |
375 | #endif | |
376 | acl_access *redirector; | |
377 | acl_access *store_id; | |
378 | acl_access *reply; | |
379 | Acl::Address *outgoing_address; | |
380 | #if USE_HTCP | |
381 | ||
382 | acl_access *htcp; | |
383 | acl_access *htcp_clr; | |
384 | #endif | |
385 | ||
386 | #if USE_OPENSSL | |
387 | acl_access *ssl_bump; | |
388 | #endif | |
389 | #if FOLLOW_X_FORWARDED_FOR | |
390 | acl_access *followXFF; | |
391 | #endif /* FOLLOW_X_FORWARDED_FOR */ | |
392 | ||
393 | /// acceptible PROXY protocol clients | |
394 | acl_access *proxyProtocol; | |
395 | ||
396 | /// spoof_client_ip squid.conf acl. | |
397 | /// nil unless configured | |
398 | acl_access* spoof_client_ip; | |
399 | acl_access *on_unsupported_protocol; | |
400 | ||
401 | acl_access *ftp_epsv; | |
402 | ||
403 | acl_access *forceRequestBodyContinuation; | |
404 | acl_access *serverPconnForNonretriable; | |
405 | acl_access *collapsedForwardingAccess; | |
406 | } accessList; | |
407 | AclDenyInfoList *denyInfoList; | |
408 | ||
409 | struct { | |
410 | size_t list_width; | |
411 | int list_wrap; | |
412 | char *anon_user; | |
413 | int passive; | |
414 | int epsv_all; | |
415 | int epsv; | |
416 | int eprt; | |
417 | int sanitycheck; | |
418 | int telnet; | |
419 | } Ftp; | |
420 | RefreshPattern *Refresh; | |
421 | ||
422 | Store::DiskConfig cacheSwap; | |
423 | ||
424 | struct { | |
425 | char *directory; | |
426 | int use_short_names; | |
427 | } icons; | |
428 | char *errorDirectory; | |
429 | #if USE_ERR_LOCALES | |
430 | char *errorDefaultLanguage; | |
431 | int errorLogMissingLanguages; | |
432 | #endif | |
433 | char *errorStylesheet; | |
434 | ||
435 | struct { | |
436 | int onerror; | |
437 | } retry; | |
438 | ||
439 | struct { | |
440 | int64_t limit; | |
441 | } MemPools; | |
442 | #if USE_DELAY_POOLS | |
443 | ||
444 | DelayConfig Delay; | |
445 | ClientDelayConfig ClientDelay; | |
446 | MessageDelayConfig MessageDelay; | |
447 | #endif | |
448 | ||
449 | struct { | |
450 | struct { | |
451 | int average; | |
452 | int min_poll; | |
453 | } dns, udp, tcp; | |
454 | } comm_incoming; | |
455 | int max_open_disk_fds; | |
456 | int uri_whitespace; | |
457 | AclSizeLimit *rangeOffsetLimit; | |
458 | #if MULTICAST_MISS_STREAM | |
459 | ||
460 | struct { | |
461 | ||
462 | Ip::Address addr; | |
463 | int ttl; | |
464 | unsigned short port; | |
465 | char *encode_key; | |
466 | } mcast_miss; | |
467 | #endif | |
468 | ||
469 | /// request_header_access and request_header_replace | |
470 | HeaderManglers *request_header_access; | |
471 | /// reply_header_access and reply_header_replace | |
472 | HeaderManglers *reply_header_access; | |
473 | ///request_header_add access list | |
474 | HeaderWithAclList *request_header_add; | |
475 | ///reply_header_add access list | |
476 | HeaderWithAclList *reply_header_add; | |
477 | ///note | |
478 | Notes notes; | |
479 | char *coredump_dir; | |
480 | char *chroot_dir; | |
481 | #if USE_CACHE_DIGESTS | |
482 | ||
483 | struct { | |
484 | int bits_per_entry; | |
485 | time_t rebuild_period; | |
486 | time_t rewrite_period; | |
487 | size_t swapout_chunk_size; | |
488 | int rebuild_chunk_percentage; | |
489 | } digest; | |
490 | #endif | |
491 | #if USE_OPENSSL | |
492 | ||
493 | struct { | |
494 | int unclean_shutdown; | |
495 | char *ssl_engine; | |
496 | int session_ttl; | |
497 | size_t sessionCacheSize; | |
498 | char *certSignHash; | |
499 | } SSL; | |
500 | #endif | |
501 | ||
502 | struct { | |
503 | int high_rptm; | |
504 | int high_pf; | |
505 | size_t high_memory; | |
506 | } warnings; | |
507 | char *store_dir_select_algorithm; | |
508 | int sleep_after_fork; /* microseconds */ | |
509 | time_t minimum_expiry_time; /* seconds */ | |
510 | external_acl *externalAclHelperList; | |
511 | ||
512 | struct { | |
513 | Security::ContextPointer sslContext; | |
514 | #if USE_OPENSSL | |
515 | char *foreignIntermediateCertsPath; | |
516 | acl_access *cert_error; | |
517 | sslproxy_cert_sign *cert_sign; | |
518 | sslproxy_cert_adapt *cert_adapt; | |
519 | #endif | |
520 | } ssl_client; | |
521 | ||
522 | char *accept_filter; | |
523 | int umask; | |
524 | int max_filedescriptors; | |
525 | int workers; | |
526 | CpuAffinityMap *cpuAffinityMap; | |
527 | ||
528 | #if USE_LOADABLE_MODULES | |
529 | wordlist *loadable_module_names; | |
530 | #endif | |
531 | ||
532 | int client_ip_max_connections; | |
533 | ||
534 | char *redirector_extras; | |
535 | ||
536 | struct UrlHelperTimeout { | |
537 | int action; | |
538 | char *response; | |
539 | } onUrlRewriteTimeout; | |
540 | ||
541 | char *storeId_extras; | |
542 | ||
543 | struct { | |
544 | SBufList nameservers; | |
545 | int v4_first; ///< Place IPv4 first in the order of DNS results. | |
546 | ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies. | |
547 | } dns; | |
548 | ||
549 | struct { | |
550 | int connect_limit; | |
551 | int connect_gap; | |
552 | int connect_timeout; | |
553 | } happyEyeballs; | |
554 | }; | |
555 | ||
556 | extern SquidConfig Config; | |
557 | ||
558 | class SquidConfig2 | |
559 | { | |
560 | public: | |
561 | void clear() { | |
562 | *this = SquidConfig2(); | |
563 | } | |
564 | ||
565 | struct { | |
566 | int enable_purge = 0; | |
567 | } onoff; | |
568 | uid_t effectiveUserID = 0; | |
569 | gid_t effectiveGroupID = 0; | |
570 | }; | |
571 | ||
572 | extern SquidConfig2 Config2; | |
573 | ||
574 | #endif /* SQUID_SQUIDCONFIG_H_ */ | |
575 |