/*
- * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
+ * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
#include "acl/forward.h"
#include "base/RefCount.h"
+#include "base/YesNoNone.h"
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
-#include "icmp/IcmpConfig.h"
#include "ip/Address.h"
#include "Notes.h"
-#include "YesNoNone.h"
-
+#include "security/forward.h"
+#include "SquidTime.h"
#if USE_OPENSSL
-#if HAVE_OPENSSL_SSL_H
-#include <openssl/ssl.h>
+#include "ssl/support.h"
#endif
+#include "store/forward.h"
+#if USE_OPENSSL
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif
{
class ActionPasswordList;
} // namespace Mgr
+class CachePeer;
class CustomLog;
class CpuAffinityMap;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;
-class SwapDir;
namespace AnyP
{
class PortCfg;
}
+namespace Store {
+class DiskConfig {
+public:
+ RefCount<SwapDir> *swapDirs;
+ int n_allocated;
+ int n_configured;
+ /// number of disk processes required to support all cache_dirs
+ int n_strands;
+};
+#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
+}
+
/// the representation of the configuration. POD.
class SquidConfig
{
} Swap;
YesNoNone memShared; ///< whether the memory cache is shared among workers
+ YesNoNone shmLocking; ///< shared_memory_locking
size_t memMaxSize;
struct {
time_t pconnLifetime; ///< pconn_lifetime in squid.conf
time_t siteSelect;
time_t deadPeer;
+ time_t request_start_timeout;
int icp_query; /* msec */
int icp_query_max; /* msec */
int icp_query_min; /* msec */
} Timeout;
size_t maxRequestHeaderSize;
int64_t maxRequestBodySize;
- int64_t maxChunkedRequestBodySize;
size_t maxRequestBufferSize;
size_t maxReplyHeaderSize;
AclSizeLimit *ReplyBodySize;
} Wccp2;
#endif
-#if USE_ICMP
- IcmpConfig pinger;
-#endif
-
char *as_whois_server;
struct {
Helper::ChildConfig redirectChildren;
Helper::ChildConfig storeIdChildren;
- time_t authenticateGCInterval;
- time_t authenticateTTL;
- time_t authenticateIpTTL;
struct {
char *surrogate_id;
int digest_generation;
#endif
- int ie_refresh;
int vary_ignore_expire;
int surrogate_is_remote;
int request_entities;
int hostStrictVerify;
int client_dst_passthru;
int dns_mdns;
+#if USE_OPENSSL
+ bool logTlsServerHelloDetails;
+#endif
} onoff;
+ int64_t collapsed_forwarding_shared_entries_limit;
+
int pipeline_max_prefetch;
int forward_max_tries;
acl_access *redirector;
acl_access *store_id;
acl_access *reply;
- AclAddress *outgoing_address;
+ Acl::Address *outgoing_address;
#if USE_HTCP
acl_access *htcp;
/// spoof_client_ip squid.conf acl.
/// nil unless configured
acl_access* spoof_client_ip;
+ acl_access *on_unsupported_protocol;
acl_access *ftp_epsv;
acl_access *forceRequestBodyContinuation;
+ acl_access *serverPconnForNonretriable;
} accessList;
AclDenyInfoList *denyInfoList;
} Ftp;
RefreshPattern *Refresh;
- struct _cacheSwap {
- RefCount<SwapDir> *swapDirs;
- int n_allocated;
- int n_configured;
- /// number of disk processes required to support all cache_dirs
- int n_strands;
- } cacheSwap;
- /*
- * I'm sick of having to keep doing this ..
- */
-#define INDEXSD(i) (Config.cacheSwap.swapDirs[(i)].getRaw())
+ Store::DiskConfig cacheSwap;
struct {
char *directory;
HeaderManglers *reply_header_access;
///request_header_add access list
HeaderWithAclList *request_header_add;
+ ///reply_header_add access list
+ HeaderWithAclList *reply_header_add;
///note
Notes notes;
char *coredump_dir;
} SSL;
#endif
- wordlist *ext_methods;
-
struct {
int high_rptm;
int high_pf;
time_t minimum_expiry_time; /* seconds */
external_acl *externalAclHelperList;
-#if USE_OPENSSL
-
struct {
- char *cert;
- char *key;
- int version;
- char *options;
- char *cipher;
- char *cafile;
- char *capath;
- char *crlfile;
- char *flags;
+ Security::ContextPointer sslContext;
+#if USE_OPENSSL
+ char *foreignIntermediateCertsPath;
acl_access *cert_error;
- SSL_CTX *sslContext;
sslproxy_cert_sign *cert_sign;
sslproxy_cert_adapt *cert_adapt;
- } ssl_client;
#endif
+ } ssl_client;
char *accept_filter;
int umask;
char *redirector_extras;
- struct {
+ struct UrlHelperTimeout {
int action;
char *response;
} onUrlRewriteTimeout;
int v4_first; ///< Place IPv4 first in the order of DNS results.
ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
} dns;
-
};
extern SquidConfig Config;
class SquidConfig2
{
public:
+ void clear() {
+ *this = SquidConfig2();
+ }
+
struct {
- int enable_purge;
- int mangle_request_headers;
+ int enable_purge = 0;
} onoff;
- uid_t effectiveUserID;
- gid_t effectiveGroupID;
+ uid_t effectiveUserID = 0;
+ gid_t effectiveGroupID = 0;
};
extern SquidConfig2 Config2;