2 * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 #ifndef SQUID_ANYP_PORTCFG_H
10 #define SQUID_ANYP_PORTCFG_H
12 #include "anyp/forward.h"
13 #include "anyp/ProtocolVersion.h"
14 #include "anyp/TrafficMode.h"
15 #include "comm/Connection.h"
16 #include "sbuf/SBuf.h"
17 #include "security/ServerOptions.h"
20 #include "ssl/gadgets.h"
/// Settings of one listening port: traffic-mode flags, the listening
/// connection, and the TLS options and certificate-signing material below.
/// NOTE(review): this listing skips some original lines (see the gaps in the
/// embedded line numbers), so braces, access specifiers and any preprocessor
/// guards around the TLS members are not visible here.
26 class PortCfg
: public RefCountable
/// NOTE(review): presumably returns a copy of this port configuration; how the
/// raw char* members and the signing keys are duplicated is not visible here — confirm.
31 AnyP::PortCfgPointer
clone() const;
33 /// creates, configures, and validates SSL context and related port options
34 void configureSslServerContext();
40 AnyP::ProtocolVersion transport
; ///< transport protocol and version received by this port
// NOTE(review): name and defaultsite are raw char*; ownership and lifetime are
// not visible in this listing — confirm who allocates and frees them.
41 char *name
; /* visible name */
42 char *defaultsite
; /* default web site */
44 TrafficMode flags
; ///< flags indicating what type of traffic to expect via this port.
46 bool allow_direct
; ///< Allow direct forwarding in accelerator mode
47 bool vhost
; ///< uses the client-supplied Host header
48 bool actAsOrigin
; ///< update replies to conform with RFC 2616
49 bool ignore_cc
; ///< Ignore request Cache-Control directives
51 bool connection_auth_disabled
; ///< Don't support connection oriented auth
53 bool ftp_track_dirs
; ///< whether transactions should track FTP directories
55 int vport
; ///< virtual port support. -1 if dynamic, >0 static
56 int disable_pmtu_discovery
; ///< NOTE(review): undocumented; presumably a path-MTU discovery setting — confirm the accepted values
60 unsigned int interval
; ///< NOTE(review): the enclosing declaration is missing from this listing — confirm what this interval measures and its unit
66 * The listening socket details.
67 * If Comm::ConnIsOpen() we are actively listening for client requests.
68 * use listenConn->close() to stop.
70 Comm::ConnectionPointer listenConn
;
72 /// TLS configuration options for this listening port
73 Security::ServerOptions secure
;
77 char *sslContextSessionId
; ///< "session id context" for secure.staticSslContext
78 bool generateHostCertificates
; ///< dynamically generate host certificates for sslBump
79 size_t dynamicCertMemCacheSize
; ///< max size of generated certificates memory cache
81 Security::CertPointer signingCert
; ///< x509 certificate for signing generated certificates
82 Ssl::EVP_PKEY_Pointer signPkey
; ///< private key for signing generated certificates; sensitive, must not be logged or dumped
83 Ssl::X509_STACK_Pointer certsToChain
; ///< x509 certificates to send with the generated cert
84 Security::CertPointer untrustedSigningCert
; ///< x509 certificate for signing untrusted generated certificates
85 Ssl::EVP_PKEY_Pointer untrustedSignPkey
; ///< private key for signing untrusted generated certificates; sensitive, must not be logged or dumped
87 Ssl::X509_NAME_STACK_Pointer clientCA
; ///< CA certificates to use when verifying client certificates
93 /// configured Squid http_port and https_port entries; declared extern here, so the definition lives in another translation unit
94 extern AnyP::PortCfgPointer HttpPortList
;
96 /// configured Squid ftp_port entries; declared extern here, so the definition lives in another translation unit
97 extern AnyP::PortCfgPointer FtpPortList
;
99 #if !defined(MAXTCPLISTENPORTS)
100 // Max number of TCP listening ports; this default applies only when the build has not already defined it, and it sizes HttpSockets[] below
101 #define MAXTCPLISTENPORTS 128
104 // TODO: kill this global array. Need to check performance of array vs list though.
// NOTE(review): HttpSockets has a fixed capacity of MAXTCPLISTENPORTS, so any
// code that appends an entry must first check the index against that bound.
// Presumably NHttpSockets counts the slots in use — confirm against the writers.
105 extern int NHttpSockets
;
106 extern int HttpSockets
[MAXTCPLISTENPORTS
];
108 #endif /* SQUID_ANYP_PORTCFG_H */