/*
- * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
+ * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
#include "acl/forward.h"
#include "base/RefCount.h"
+#include "base/YesNoNone.h"
+#if USE_DELAY_POOLS
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
+#endif
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
#include "ip/Address.h"
+#if USE_DELAY_POOLS
+#include "MessageDelayPools.h"
+#endif
#include "Notes.h"
#include "security/forward.h"
-#include "YesNoNone.h"
+#if USE_OPENSSL
+#include "ssl/support.h"
+#endif
+#include "store/Disk.h"
+#include "store/forward.h"
+#include "time/gadgets.h"
+
+#include <chrono>
#if USE_OPENSSL
class sslproxy_cert_sign;
{
class ActionPasswordList;
} // namespace Mgr
+
+class CachePeers;
class CustomLog;
class CpuAffinityMap;
+class DebugMessages;
class external_acl;
class HeaderManglers;
class RefreshPattern;
class RemovalPolicySettings;
-class SwapDir;
+class HttpUpgradeProtocolAccess;
namespace AnyP
{
class PortCfg;
}
+namespace Store {
+class DiskConfig {
+public:
+ DiskConfig() { assert(swapDirs == nullptr); }
+ ~DiskConfig() { delete[] swapDirs; }
+
+ RefCount<SwapDir> *swapDirs = nullptr;
+ int n_allocated = 0;
+ int n_configured = 0;
+ /// number of disk processes required to support all cache_dirs
+ int n_strands = 0;
+};
+#define INDEXSD(i) (Config.cacheSwap.swapDirs[i].getRaw())
+}
+
/// the representation of the configuration. POD.
class SquidConfig
{
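Review bot: `Store::DiskConfig` frees `swapDirs` with `delete[]` in its destructor but keeps the implicitly generated copy constructor and copy assignment, so any copy would share the pointer and free the array twice. That includes a copy of the `SquidConfig` that embeds it as `cacheSwap` in a later hunk. Whether anything copies these objects is not visible in the diff; adding `DiskConfig(const DiskConfig &) = delete;` and `DiskConfig &operator=(const DiskConfig &) = delete;` would turn such a copy into a compile error. The constructor's `assert(swapDirs == nullptr)` cannot fail given the default member initializer, so it documents intent rather than checking anything. `INDEXSD(i)` still indexes `swapDirs` without comparing `i` to `n_configured`, and as a macro it is not scoped by the `namespace Store` it now sits in.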
} Swap;
YesNoNone memShared; ///< whether the memory cache is shared among workers
+ YesNoNone shmLocking; ///< shared_memory_locking
size_t memMaxSize;
struct {
time_t positiveDnsTtl;
time_t shutdownLifetime;
time_t backgroundPingRate;
+ time_t hopelessKidRevivalDelay; ///< hopeless_kid_revival_delay
struct {
time_t read;
#if ICAP_CLIENT
CustomLog *icaplogs;
#endif
+ Security::KeyLog *tlsKeys; ///< one optional tls_key_log
int rotateNumber;
} Log;
char *adminEmail;
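Review bot: The comment on the new `tlsKeys` member names the directive but does not say that the log it configures records TLS key material, which a maintainer changing log paths, rotation or permissions needs to know. I would extend it to `///< one optional tls_key_log; the log holds TLS secrets, so its destination must be access-restricted`. The member is a raw pointer like `icaplogs` next to it; who allocates and frees it is not visible here, and the enclosing `Log` struct begins outside this hunk.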
Helper::ChildConfig redirectChildren;
Helper::ChildConfig storeIdChildren;
- time_t authenticateGCInterval;
- time_t authenticateTTL;
- time_t authenticateIpTTL;
struct {
char *surrogate_id;
wordlist *hostnameAliases;
char *errHtmlText;
- struct {
- char *host;
- char *file;
- time_t period;
- unsigned short port;
- } Announce;
-
struct {
Ip::Address udp_incoming;
Ip::Address snmp_incoming;
Ip::Address snmp_outgoing;
#endif
- /* FIXME INET6 : this should really be a CIDR value */
+ // TODO: this should really be a CIDR value
Ip::Address client_netmask;
} Addrs;
size_t tcpRcvBufsz;
size_t udpMaxHitObjsz;
wordlist *mcast_group_list;
- wordlist *dns_nameservers;
- CachePeer *peers;
+ CachePeers *peers;
int npeers;
struct {
int buffered_logs;
int common_log;
int log_mime_hdrs;
- int log_fqdn;
- int announce;
int mem_pools;
int test_reachability;
int half_closed_clients;
int digest_generation;
#endif
- int ie_refresh;
int vary_ignore_expire;
int surrogate_is_remote;
- int request_entities;
int detect_broken_server_pconns;
- int balance_on_multiple_ip;
int relaxed_header_parser;
int check_hostnames;
int allow_underscore;
int hostStrictVerify;
int client_dst_passthru;
int dns_mdns;
+#if USE_OPENSSL
+ bool logTlsServerHelloDetails;
+#endif
} onoff;
+ int64_t shared_transient_entries_limit;
+
int pipeline_max_prefetch;
+ // these values are actually unsigned
+ // TODO: extend the parser to support more nuanced types
int forward_max_tries;
int connect_retries;
+ std::chrono::nanoseconds paranoid_hit_validation;
+
class ACL *aclList;
struct {
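Review bot: The comment added above `forward_max_tries` and `connect_retries` says the values are unsigned, yet both fields stay `int`, so nothing in this header stops a negative number from being stored and later used as a count. Where the range is enforced is not visible in this hunk. Until the parser change named in the TODO lands, I would have the comment state the contract, e.g. `// must be >= 0; negative input is expected to be rejected at parse time (TODO confirm)`. The new `int64_t shared_transient_entries_limit` raises the same question and carries no comment at all.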
acl_access *followXFF;
#endif /* FOLLOW_X_FORWARDED_FOR */
- /// acceptible PROXY protocol clients
+ /// acceptable PROXY protocol clients
acl_access *proxyProtocol;
/// spoof_client_ip squid.conf acl.
acl_access *ftp_epsv;
acl_access *forceRequestBodyContinuation;
+ acl_access *serverPconnForNonretriable;
+ acl_access *collapsedForwardingAccess;
} accessList;
AclDenyInfoList *denyInfoList;
} Ftp;
RefreshPattern *Refresh;
- struct _cacheSwap {
- RefCount<SwapDir> *swapDirs;
- int n_allocated;
- int n_configured;
- /// number of disk processes required to support all cache_dirs
- int n_strands;
- } cacheSwap;
- /*
- * I'm sick of having to keep doing this ..
- */
-#define INDEXSD(i) (Config.cacheSwap.swapDirs[(i)].getRaw())
+ Store::DiskConfig cacheSwap;
struct {
char *directory;
DelayConfig Delay;
ClientDelayConfig ClientDelay;
+ MessageDelayConfig MessageDelay;
#endif
struct {
int max_open_disk_fds;
int uri_whitespace;
AclSizeLimit *rangeOffsetLimit;
-#if MULTICAST_MISS_STREAM
-
- struct {
-
- Ip::Address addr;
- int ttl;
- unsigned short port;
- char *encode_key;
- } mcast_miss;
-#endif
/// request_header_access and request_header_replace
HeaderManglers *request_header_access;
HeaderManglers *reply_header_access;
///request_header_add access list
HeaderWithAclList *request_header_add;
+ ///reply_header_add access list
+ HeaderWithAclList *reply_header_add;
+ /// http_upgrade_request_protocols
+ HttpUpgradeProtocolAccess *http_upgrade_request_protocols;
///note
Notes notes;
char *coredump_dir;
} SSL;
#endif
- wordlist *ext_methods;
-
struct {
int high_rptm;
int high_pf;
struct {
Security::ContextPointer sslContext;
#if USE_OPENSSL
+ char *foreignIntermediateCertsPath;
acl_access *cert_error;
sslproxy_cert_sign *cert_sign;
sslproxy_cert_adapt *cert_adapt;
char *storeId_extras;
struct {
+ SBufList nameservers;
int v4_first; ///< Place IPv4 first in the order of DNS results.
ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
} dns;
+ struct {
+ int connect_limit;
+ int connect_gap;
+ int connect_timeout;
+ } happyEyeballs;
};
extern SquidConfig Config;
class SquidConfig2
{
public:
+ void clear() {
+ *this = SquidConfig2();
+ }
+
struct {
- int enable_purge;
- int mangle_request_headers;
+ int enable_purge = 0;
} onoff;
- uid_t effectiveUserID;
- gid_t effectiveGroupID;
+ uid_t effectiveUserID = 0;
+ gid_t effectiveGroupID = 0;
};
extern SquidConfig2 Config2;
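Review bot: `effectiveUserID` and `effectiveGroupID` now default to 0, which is also the root uid and gid, and `clear()` resets them to that value, but nothing here says whether readers treat 0 as "not configured". The removed declarations had no initializer, so this may only make an existing default explicit; the code that consumes these fields is outside the diff. A field comment would settle it, e.g. `uid_t effectiveUserID = 0; ///< 0 means no effective user has been resolved yet (TODO confirm against callers)`, with the same wording on `effectiveGroupID`.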