-
/*
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
*
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
*/
#include "squid.h"
int Adaptation::Config::send_client_ip = false;
int Adaptation::Config::send_username = false;
int Adaptation::Config::use_indirect_client = true;
-const char *metasBlacklist[] = {
- "Methods",
- "Service",
- "ISTag",
+static const char *protectedFieldNamesRaw[] = {
+ "Allow",
+ "Date",
"Encapsulated",
- "Opt-body-type",
+ "ISTag",
"Max-Connections",
+ "Methods",
+ "Opt-body-type",
"Options-TTL",
- "Date",
- "Service-ID",
- "Allow",
"Preview",
- "Transfer-Preview",
- "Transfer-Ignore",
+ "Service",
+ "Service-ID",
"Transfer-Complete",
- NULL
+ "Transfer-Ignore",
+ "Transfer-Preview"
};
-Notes Adaptation::Config::metaHeaders("ICAP header", metasBlacklist, true);
+static const Notes::Keys protectedFieldNames(std::begin(protectedFieldNamesRaw), std::end(protectedFieldNamesRaw));
+Notes Adaptation::Config::metaHeaders("ICAP header", &protectedFieldNames);
bool Adaptation::Config::needHistory = false;
Adaptation::ServiceConfig*
typedef Services::iterator SCI;
for (SCI i = AllServices().begin(); i != AllServices().end(); ++i) {
const ServiceConfig &cfg = (*i)->cfg();
- storeAppendPrintf(entry, "%s " SQUIDSTRINGPH "_%s %s %d " SQUIDSTRINGPH "\n",
+ bool isEcap = cfg.protocol.caseCmp("ecap") == 0;
+ bool isIcap = !isEcap;
+ const char *optConnectionEncryption = "";
+ // Print connections_encrypted option if no default value is used
+ if (cfg.secure.encryptTransport && !cfg.connectionEncryption)
+ optConnectionEncryption = " connection-encryption=off";
+ else if (isEcap && !cfg.connectionEncryption)
+ optConnectionEncryption = " connection-encryption=off";
+ else if (isIcap && !cfg.secure.encryptTransport && cfg.connectionEncryption)
+ optConnectionEncryption = " connection-encryption=on";
+
+ storeAppendPrintf(entry, "%s " SQUIDSTRINGPH " %s_%s %d " SQUIDSTRINGPH "%s\n",
name,
SQUIDSTRINGPRINT(cfg.key),
cfg.methodStr(), cfg.vectPointStr(), cfg.bypass,
- SQUIDSTRINGPRINT(cfg.uri));
+ SQUIDSTRINGPRINT(cfg.uri),
+
+ optConnectionEncryption);
}
}
}
Adaptation::Config::Config() :
- onoff(0), service_failure_limit(0), oldest_service_failure(0),
- service_revival_delay(0)
+ onoff(0), service_failure_limit(0), oldest_service_failure(0),
+ service_revival_delay(0)
{}
// XXX: this is called for ICAP and eCAP configs, but deals mostly
{
freeService();
}
+