-
/*
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
*
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
*/
#include "squid.h"
#include "adaptation/History.h"
#include "adaptation/Service.h"
#include "adaptation/ServiceGroups.h"
-#include "base/Vector.h"
#include "ConfigParser.h"
#include "globals.h"
#include "HttpReply.h"
#include "HttpRequest.h"
#include "Store.h"
+#include <algorithm>
+
bool Adaptation::Config::Enabled = false;
char *Adaptation::Config::masterx_shared_name = NULL;
int Adaptation::Config::service_iteration_limit = 16;
int Adaptation::Config::send_client_ip = false;
int Adaptation::Config::send_username = false;
int Adaptation::Config::use_indirect_client = true;
-const char *metasBlacklist[] = {
- "Methods",
- "Service",
- "ISTag",
+static const char *protectedFieldNamesRaw[] = {
+ "Allow",
+ "Date",
"Encapsulated",
- "Opt-body-type",
+ "ISTag",
"Max-Connections",
+ "Methods",
+ "Opt-body-type",
"Options-TTL",
- "Date",
- "Service-ID",
- "Allow",
"Preview",
- "Transfer-Preview",
- "Transfer-Ignore",
+ "Service",
+ "Service-ID",
"Transfer-Complete",
- NULL
+ "Transfer-Ignore",
+ "Transfer-Preview"
};
-Notes Adaptation::Config::metaHeaders("ICAP header", metasBlacklist, true);
+static const Notes::Keys protectedFieldNames(std::begin(protectedFieldNamesRaw), std::end(protectedFieldNamesRaw));
+Notes Adaptation::Config::metaHeaders("ICAP header", &protectedFieldNames);
bool Adaptation::Config::needHistory = false;
Adaptation::ServiceConfig*
for (SGSI it = services.begin(); it != services.end(); ++it) {
if (*it == service) {
group->removedServices.push_back(service);
- group->services.prune(service);
- debugs(93, 5, HERE << "adaptation service " << service <<
+ ServiceGroup::Store::iterator newend;
+ newend = std::remove(group->services.begin(), group->services.end(), service);
+ group->services.resize(newend-group->services.begin());
+ debugs(93, 5, "adaptation service " << service <<
" removed from group " << group->id);
break;
}
}
if (services.empty()) {
removeRule(group->id);
- AllGroups().prune(group);
+ Groups::iterator newend;
+ newend = std::remove(AllGroups().begin(), AllGroups().end(), group);
+ AllGroups().resize(newend-AllGroups().begin());
} else {
++i;
}
for (ARI it = rules.begin(); it != rules.end(); ++it) {
AccessRule* rule = *it;
if (rule->groupId == id) {
- debugs(93, 5, HERE << "removing access rules for:" << id);
- AllRules().prune(rule);
+ debugs(93, 5, "removing access rules for:" << id);
+ AccessRules::iterator newend;
+ newend = std::remove(AllRules().begin(), AllRules().end(), rule);
+ AllRules().resize(newend-AllRules().begin());
delete (rule);
break;
}
typedef Services::iterator SCI;
for (SCI i = AllServices().begin(); i != AllServices().end(); ++i) {
const ServiceConfig &cfg = (*i)->cfg();
- storeAppendPrintf(entry, "%s " SQUIDSTRINGPH "_%s %s %d " SQUIDSTRINGPH "\n",
+ bool isEcap = cfg.protocol.caseCmp("ecap") == 0;
+ bool isIcap = !isEcap;
+ const char *optConnectionEncryption = "";
+ // Print connections_encrypted option if no default value is used
+ if (cfg.secure.encryptTransport && !cfg.connectionEncryption)
+ optConnectionEncryption = " connection-encryption=off";
+ else if (isEcap && !cfg.connectionEncryption)
+ optConnectionEncryption = " connection-encryption=off";
+ else if (isIcap && !cfg.secure.encryptTransport && cfg.connectionEncryption)
+ optConnectionEncryption = " connection-encryption=on";
+
+ storeAppendPrintf(entry, "%s " SQUIDSTRINGPH " %s_%s %d " SQUIDSTRINGPH "%s\n",
name,
SQUIDSTRINGPRINT(cfg.key),
cfg.methodStr(), cfg.vectPointStr(), cfg.bypass,
- SQUIDSTRINGPRINT(cfg.uri));
+ SQUIDSTRINGPRINT(cfg.uri),
+
+ optConnectionEncryption);
}
}
}
Adaptation::Config::Config() :
- onoff(0), service_failure_limit(0), oldest_service_failure(0),
- service_revival_delay(0)
+ onoff(0), service_failure_limit(0), oldest_service_failure(0),
+ service_revival_delay(0)
{}
// XXX: this is called for ICAP and eCAP configs, but deals mostly
{
freeService();
}
+