1 /** @file
2
3 A brief file description
4
5 @section license License
6
7 Licensed to the Apache Software Foundation (ASF) under one
8 or more contributor license agreements. See the NOTICE file
9 distributed with this work for additional information
10 regarding copyright ownership. The ASF licenses this file
11 to you under the Apache License, Version 2.0 (the
12 "License"); you may not use this file except in compliance
13 with the License. You may obtain a copy of the License at
14
15 http://www.apache.org/licenses/LICENSE-2.0
16
17 Unless required by applicable law or agreed to in writing, software
18 distributed under the License is distributed on an "AS IS" BASIS,
19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 See the License for the specific language governing permissions and
21 limitations under the License.
22 */
23
24 /*************************** -*- Mod: C++ -*- ******************************
25
26 HttpConfig.h
27 Created On : Tue Oct 22 20:19:04 1996
28
29 Description:
30 Http Configurations
31
32
33 ****************************************************************************/
34 #pragma once
35
36 #include <cstdlib>
37 #include <cstdio>
38 #include <bitset>
39 #include <map>
40 #include <cctype>
41 #include <string_view>
42
43 #include "tscore/ink_platform.h"
44 #include "tscore/ink_inet.h"
45 #include "tscore/ink_resolver.h"
46 #include "tscore/IpMap.h"
47 #include "tscore/Regex.h"
48 #include "tscore/BufferWriter.h"
49 #include "HttpProxyAPIEnums.h"
50 #include "ProxyConfig.h"
51 #include "records/P_RecProcess.h"
52 #include "HttpConnectionCount.h"
53
/// Number of bits in an HttpStatusBitset: one per status code value in [0, 600).
static constexpr unsigned HTTP_STATUS_NUMBER = 600;

/// Bitset with one bit per HTTP status code.
///
/// std::bitset::operator[] does no range checking, so a status value that was
/// parsed from a message must be checked against HTTP_STATUS_NUMBER before it
/// is used as an index. test()/set() throw std::out_of_range instead.
using HttpStatusBitset = std::bitset<HTTP_STATUS_NUMBER>;
56
57 /* Instead of enumerating the stats in DynamicStats.h, each module needs
58 to enumerate its stats separately and register them with librecords
59 */
// Index of every HTTP statistic registered in http_rsb.
//
// The HTTP_*_DYN_STAT macros pass these enumerators (cast to int) as the stat
// id, so an enumerator's position is its index. Do not reorder or insert in the
// middle without updating whatever registers the stats. http_stat_count is last
// and therefore equals the number of stats.
enum {
  http_background_fill_current_count_stat,
  http_current_client_connections_stat,
  http_current_active_client_connections_stat,
  http_websocket_current_active_client_connections_stat,
  http_current_client_transactions_stat,
  http_total_incoming_connections_stat,
  http_current_server_transactions_stat,
  http_pooled_server_connections_stat,

  // Abort information (from HttpNetConnection).
  http_ua_msecs_counts_errors_pre_accept_hangups_stat,

  // Total connection counters.
  //
  // Assumed invariant:
  //   http_total_client_connections_stat >=
  //     http_total_client_connections_ipv4_stat +
  //     http_total_client_connections_ipv6_stat
  http_total_client_connections_stat,
  http_total_client_connections_ipv4_stat,
  http_total_client_connections_ipv6_stat,
  http_total_server_connections_stat,
  http_total_parent_proxy_connections_stat,
  http_total_parent_retries_stat,
  http_total_parent_switches_stat,
  http_total_parent_retries_exhausted_stat,
  http_total_parent_marked_down_count,
  http_background_fill_total_count_stat,
  http_current_parent_proxy_connections_stat,
  http_current_server_connections_stat,
  http_current_cache_connections_stat,

  // Keep-alive counters.
  http_transactions_per_client_con,
  http_transactions_per_server_con,

  // Per-transaction counters.
  http_incoming_requests_stat,
  http_outgoing_requests_stat,
  http_incoming_responses_stat,
  http_invalid_client_requests_stat,
  http_missing_host_hdr_stat,
  http_get_requests_stat,
  http_head_requests_stat,
  http_trace_requests_stat,
  http_options_requests_stat,
  http_post_requests_stat,
  http_put_requests_stat,
  http_push_requests_stat,
  http_delete_requests_stat,
  http_purge_requests_stat,
  http_connect_requests_stat,
  http_extension_method_requests_stat,

  http_completed_requests_stat,
  http_broken_server_connections_stat,

  http_cache_lookups_stat,
  http_cache_writes_stat,
  http_cache_updates_stat,
  http_cache_deletes_stat,

  http_tunnels_stat,

  // Header and document sizes.
  http_user_agent_request_header_total_size_stat,
  http_user_agent_response_header_total_size_stat,
  http_user_agent_request_document_total_size_stat,
  http_user_agent_response_document_total_size_stat,

  http_origin_server_request_header_total_size_stat,
  http_origin_server_response_header_total_size_stat,
  http_origin_server_request_document_total_size_stat,
  http_origin_server_response_document_total_size_stat,

  http_parent_proxy_request_total_bytes_stat,
  http_parent_proxy_response_total_bytes_stat,

  http_pushed_response_header_total_size_stat,
  http_pushed_document_total_size_stat,

  http_background_fill_bytes_aborted_stat,
  http_background_fill_bytes_completed_stat,

  http_response_document_size_100_stat,
  http_response_document_size_1K_stat,
  http_response_document_size_3K_stat,
  http_response_document_size_5K_stat,
  http_response_document_size_10K_stat,
  http_response_document_size_1M_stat,
  http_response_document_size_inf_stat,

  http_request_document_size_100_stat,
  http_request_document_size_1K_stat,
  http_request_document_size_3K_stat,
  http_request_document_size_5K_stat,
  http_request_document_size_10K_stat,
  http_request_document_size_1M_stat,
  http_request_document_size_inf_stat,

  // Connection speed buckets.
  http_user_agent_speed_bytes_per_sec_100_stat,
  http_user_agent_speed_bytes_per_sec_1K_stat,
  http_user_agent_speed_bytes_per_sec_10K_stat,
  http_user_agent_speed_bytes_per_sec_100K_stat,
  http_user_agent_speed_bytes_per_sec_1M_stat,
  http_user_agent_speed_bytes_per_sec_10M_stat,
  http_user_agent_speed_bytes_per_sec_100M_stat,
  http_origin_server_speed_bytes_per_sec_100_stat,
  http_origin_server_speed_bytes_per_sec_1K_stat,
  http_origin_server_speed_bytes_per_sec_10K_stat,
  http_origin_server_speed_bytes_per_sec_100K_stat,
  http_origin_server_speed_bytes_per_sec_1M_stat,
  http_origin_server_speed_bytes_per_sec_10M_stat,
  http_origin_server_speed_bytes_per_sec_100M_stat,

  // Cache lookup results.
  http_cache_hit_fresh_stat,
  http_cache_hit_mem_fresh_stat,
  http_cache_hit_reval_stat,
  http_cache_hit_ims_stat,
  http_cache_hit_stale_served_stat,
  http_cache_miss_cold_stat,
  http_cache_miss_changed_stat,
  http_cache_miss_client_no_cache_stat,
  http_cache_miss_uncacheable_stat,
  http_cache_miss_ims_stat,
  http_cache_read_error_stat,

  // Bandwidth savings.
  http_tcp_hit_count_stat,
  http_tcp_hit_user_agent_bytes_stat,
  http_tcp_hit_origin_server_bytes_stat,
  http_tcp_miss_count_stat,
  http_tcp_miss_user_agent_bytes_stat,
  http_tcp_miss_origin_server_bytes_stat,
  http_tcp_expired_miss_count_stat,
  http_tcp_expired_miss_user_agent_bytes_stat,
  http_tcp_expired_miss_origin_server_bytes_stat,
  http_tcp_refresh_hit_count_stat,
  http_tcp_refresh_hit_user_agent_bytes_stat,
  http_tcp_refresh_hit_origin_server_bytes_stat,
  http_tcp_refresh_miss_count_stat,
  http_tcp_refresh_miss_user_agent_bytes_stat,
  http_tcp_refresh_miss_origin_server_bytes_stat,
  http_tcp_client_refresh_count_stat,
  http_tcp_client_refresh_user_agent_bytes_stat,
  http_tcp_client_refresh_origin_server_bytes_stat,
  http_tcp_ims_hit_count_stat,
  http_tcp_ims_hit_user_agent_bytes_stat,
  http_tcp_ims_hit_origin_server_bytes_stat,
  http_tcp_ims_miss_count_stat,
  http_tcp_ims_miss_user_agent_bytes_stat,
  http_tcp_ims_miss_origin_server_bytes_stat,
  http_err_client_abort_count_stat,
  http_err_client_abort_user_agent_bytes_stat,
  http_err_client_abort_origin_server_bytes_stat,
  http_err_client_read_error_count_stat,
  http_err_client_read_error_user_agent_bytes_stat,
  http_err_client_read_error_origin_server_bytes_stat,
  http_err_connect_fail_count_stat,
  http_err_connect_fail_user_agent_bytes_stat,
  http_err_connect_fail_origin_server_bytes_stat,
  http_misc_count_stat,
  http_misc_user_agent_bytes_stat,
  http_misc_origin_server_bytes_stat,

  // Time and count of transactions, classified from the client's point of view.
  http_ua_msecs_counts_hit_fresh_stat,

  http_ua_msecs_counts_hit_fresh_process_stat,
  http_ua_msecs_counts_hit_reval_stat,
  http_ua_msecs_counts_miss_cold_stat,
  http_ua_msecs_counts_miss_changed_stat,
  http_ua_msecs_counts_miss_client_no_cache_stat,
  http_ua_msecs_counts_miss_uncacheable_stat,
  http_ua_msecs_counts_errors_aborts_stat,
  http_ua_msecs_counts_errors_possible_aborts_stat,
  http_ua_msecs_counts_errors_connect_failed_stat,
  http_ua_msecs_counts_errors_other_stat,
  http_ua_msecs_counts_other_unclassified_stat,

  disallowed_post_100_continue,
  http_post_body_too_large,

  http_total_x_redirect_stat,

  // Times.
  http_total_transactions_time_stat,
  http_parent_proxy_transaction_time_stat,

  // Cache errors.
  http_cache_write_errors,
  http_cache_read_errors,

  // Response status code counters.
  http_response_status_100_count_stat,
  http_response_status_101_count_stat,
  http_response_status_1xx_count_stat,
  http_response_status_200_count_stat,
  http_response_status_201_count_stat,
  http_response_status_202_count_stat,
  http_response_status_203_count_stat,
  http_response_status_204_count_stat,
  http_response_status_205_count_stat,
  http_response_status_206_count_stat,
  http_response_status_2xx_count_stat,
  http_response_status_300_count_stat,
  http_response_status_301_count_stat,
  http_response_status_302_count_stat,
  http_response_status_303_count_stat,
  http_response_status_304_count_stat,
  http_response_status_305_count_stat,
  http_response_status_307_count_stat,
  http_response_status_308_count_stat,
  http_response_status_3xx_count_stat,
  http_response_status_400_count_stat,
  http_response_status_401_count_stat,
  http_response_status_402_count_stat,
  http_response_status_403_count_stat,
  http_response_status_404_count_stat,
  http_response_status_405_count_stat,
  http_response_status_406_count_stat,
  http_response_status_407_count_stat,
  http_response_status_408_count_stat,
  http_response_status_409_count_stat,
  http_response_status_410_count_stat,
  http_response_status_411_count_stat,
  http_response_status_412_count_stat,
  http_response_status_413_count_stat,
  http_response_status_414_count_stat,
  http_response_status_415_count_stat,
  http_response_status_416_count_stat,
  http_response_status_4xx_count_stat,
  http_response_status_500_count_stat,
  http_response_status_501_count_stat,
  http_response_status_502_count_stat,
  http_response_status_503_count_stat,
  http_response_status_504_count_stat,
  http_response_status_505_count_stat,
  http_response_status_5xx_count_stat,

  https_incoming_requests_stat,
  https_total_client_connections_stat,

  // Milestone timing statistics, in milliseconds.
  http_ua_begin_time_stat,
  http_ua_first_read_time_stat,
  http_ua_read_header_done_time_stat,
  http_ua_begin_write_time_stat,
  http_ua_close_time_stat,
  http_server_first_connect_time_stat,
  http_server_connect_time_stat,
  http_server_connect_end_time_stat,
  http_server_begin_write_time_stat,
  http_server_first_read_time_stat,
  http_server_read_header_done_time_stat,
  http_server_close_time_stat,
  http_cache_open_read_begin_time_stat,
  http_cache_open_read_end_time_stat,
  http_cache_open_write_begin_time_stat,
  http_cache_open_write_end_time_stat,
  http_dns_lookup_begin_time_stat,
  http_dns_lookup_end_time_stat,
  http_sm_start_time_stat,
  http_sm_finish_time_stat,

  http_origin_connections_throttled_stat,

  http_origin_connect_adjust_thread_stat,
  http_cache_open_write_adjust_thread_stat,

  http_origin_shutdown_pool_lock_contention,
  http_origin_shutdown_migration_failure,
  http_origin_shutdown_tunnel_server,
  http_origin_shutdown_tunnel_server_no_keep_alive,
  http_origin_shutdown_tunnel_server_eos,
  http_origin_shutdown_tunnel_server_plugin_tunnel,
  http_origin_shutdown_tunnel_server_detach,
  http_origin_shutdown_tunnel_client,
  http_origin_shutdown_tunnel_transform_read,
  http_origin_shutdown_release_no_sharing,
  http_origin_shutdown_release_no_server,
  http_origin_shutdown_release_no_keep_alive,
  http_origin_shutdown_release_invalid_response,
  http_origin_shutdown_release_invalid_request,
  http_origin_shutdown_release_modified,
  http_origin_shutdown_release_misc,
  http_origin_shutdown_cleanup_entry,
  http_origin_shutdown_tunnel_abort,

  http_dead_server_no_requests,

  // Must stay last: number of stats above.
  http_stat_count
};
356
// Actions selectable when opening the cache for write fails.
//
// Presumably these are the values of the `cache_open_write_fail_action`
// setting (confirm against its consumer). Although 0x03 equals 0x01 | 0x02,
// 0x04 and 0x05 are separate actions rather than further flag bits, so the
// value should be compared for equality and range-checked against
// TOTAL_CACHE_WL_FAIL_ACTION_TYPES, not tested bit by bit.
// NOTE(review): confirm how the consumer validates out-of-range values.
enum CacheOpenWriteFailAction_t {
  CACHE_WL_FAIL_ACTION_DEFAULT                           = 0x00,
  CACHE_WL_FAIL_ACTION_ERROR_ON_MISS                     = 0x01,
  CACHE_WL_FAIL_ACTION_STALE_ON_REVALIDATE               = 0x02,
  CACHE_WL_FAIL_ACTION_ERROR_ON_MISS_STALE_ON_REVALIDATE = 0x03,
  CACHE_WL_FAIL_ACTION_ERROR_ON_MISS_OR_REVALIDATE       = 0x04,
  CACHE_WL_FAIL_ACTION_READ_RETRY                        = 0x05,
  TOTAL_CACHE_WL_FAIL_ACTION_TYPES // One past the last valid action.
};
366
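// Raw stat block that holds every HTTP statistic; defined elsewhere.
extern RecRawStatBlock *http_rsb;

/* Stats should only be accessed using these macros.
 *
 * Every macro argument is parenthesized so that an expression argument
 * (e.g. `base + offset`) is cast or passed as a whole instead of being split
 * by operator precedence.
 */
#define HTTP_INCREMENT_DYN_STAT(x) RecIncrRawStat(http_rsb, this_ethread(), (int)(x), 1)
#define HTTP_DECREMENT_DYN_STAT(x) RecIncrRawStat(http_rsb, this_ethread(), (int)(x), -1)
#define HTTP_SUM_DYN_STAT(x, y) RecIncrRawStat(http_rsb, this_ethread(), (int)(x), (int64_t)(y))
#define HTTP_SUM_GLOBAL_DYN_STAT(x, y) RecIncrGlobalRawStatSum(http_rsb, (x), (y))

// Resets both the sum and the count of stat `x`.
//
// NOTE(review): the trailing ';' after `while (0)` is kept so existing call
// sites keep compiling, but it defeats the do/while(0) idiom: writing
// `if (c) HTTP_CLEAR_DYN_STAT(x); else ...` produces an empty statement that
// detaches the `else`. Always brace the call, or drop the ';' once all call
// sites are confirmed to supply their own.
#define HTTP_CLEAR_DYN_STAT(x)            \
  do {                                    \
    RecSetRawStatSum(http_rsb, (x), 0);   \
    RecSetRawStatCount(http_rsb, (x), 0); \
  } while (0);

#define HTTP_READ_DYN_SUM(x, S) RecGetRawStatSum(http_rsb, (int)(x), &(S)) // This aggregates threads too
#define HTTP_READ_GLOBAL_DYN_SUM(x, S) RecGetGlobalRawStatSum(http_rsb, (int)(x), &(S))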
383
384 /////////////////////////////////////////////////////////////
385 //
386 // struct HttpConfigPortRange
387 //
388 // configuration parameters for a range of valid SSL ports
389 // if "low" == "high" a single port is part of this range
390 // if "low" == "high" == -1 any port number is allowed
391 // (corresponds to a "*" in the config file)
392 /////////////////////////////////////////////////////////////
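// One node of a singly linked list of port ranges.
//
// `low == high` denotes a single port; `low == high == -1` allows any port.
// A node owns the rest of the list through `next`: destroying the head
// destroys every following node.
//
// NOTE(review): the implicit copy operations copy `next` shallowly, so a copied
// node would delete the same tail a second time. Handle nodes by pointer only.
struct HttpConfigPortRange {
  int low                   = 0;
  int high                  = 0;
  HttpConfigPortRange *next = nullptr; ///< Owned successor, or nullptr at the end of the list.

  HttpConfigPortRange() {}

  /// Releases the remainder of the list.
  ///
  /// The tail is unlinked and freed in a loop. `delete next` on its own would
  /// recurse once per node, so the stack depth would grow with the length of
  /// the configured port list.
  ~HttpConfigPortRange()
  {
    HttpConfigPortRange *node = next;
    next                      = nullptr;
    while (node != nullptr) {
      HttpConfigPortRange *following = node->next;
      node->next                     = nullptr; // Detach first so this node's destructor frees nothing else.
      delete node;
      node = following;
    }
  }
};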
405
namespace HttpForwarded
{
// Selects which parameters are written into the "Forwarded" header field.
// Each enumerator is a bit position in OptionBitSet.
//
// FOR and BY_IP put network addresses into the outgoing request. BY_UNKNOWN
// and BY_UUID are the choices that keep the proxy's own address out of the
// field.
enum Option {
  FOR,                // for=<client address> (parameter name as in RFC 7239).
  BY_IP,              // by=<numeric IP address>.
  BY_UNKNOWN,         // by=unknown.
  BY_SERVER_NAME,     // by=<configured server name>.
  BY_UUID,            // Obfuscated value for by, by=_<UUID>.
  PROTO,              // Basic protocol (http, https) of the incoming message.
  HOST,               // Host from the URL before any remapping.
  CONNECTION_COMPACT, // Same value as the 'proto' parameter.
  CONNECTION_STD,     // Verbose protocol from the Via: field, with dashes instead of spaces.
  CONNECTION_FULL,    // Ultra-verbose protocol from the Via: field, with dashes instead of spaces.

  NUM_OPTIONS // Number of options; must stay last.
};

using OptionBitSet = std::bitset<NUM_OPTIONS>;

// Parses the configuration string that lists Forwarded options and returns the
// matching set of options. When the string contains errors, a message
// describing them is written into 'error'.
OptionBitSet optStrToBitset(std::string_view optConfigStr, ts::FixedBufferWriter &error);

} // namespace HttpForwarded
433
namespace RedirectEnabled
{
// Class of the address a redirect points to.
enum class AddressClass {
  INVALID = -1,
  DEFAULT, // == 0, which is also the value-initialized AddressClass.
  PRIVATE,
  LOOPBACK,
  MULTICAST,
  LINKLOCAL,
  ROUTABLE,
  SELF,
};

// What to do with a redirect response.
enum class Action {
  INVALID = -1,
  RETURN, // == 0, which is also the value-initialized Action.
  REJECT,
  FOLLOW,
};

// Keyword -> enumerator tables for the redirect actions configuration string.
//
// Both maps are mutable and `static`, so every translation unit that includes
// this header gets its own copy. Look keywords up with find() or at():
// operator[] on an unknown keyword inserts a value-initialized entry, which is
// AddressClass::DEFAULT / Action::RETURN rather than INVALID, so a misspelled
// keyword would be accepted silently.
static std::map<std::string, AddressClass> address_class_map = {
  {"default", AddressClass::DEFAULT},
  {"private", AddressClass::PRIVATE},
  {"loopback", AddressClass::LOOPBACK},
  {"multicast", AddressClass::MULTICAST},
  {"linklocal", AddressClass::LINKLOCAL},
  {"routable", AddressClass::ROUTABLE},
  {"self", AddressClass::SELF},
};

static std::map<std::string, Action> action_map = {
  {"return", Action::RETURN},
  {"reject", Action::REJECT},
  {"follow", Action::FOLLOW},
};
} // namespace RedirectEnabled
466
467 /////////////////////////////////////////////////////////////
468 // This is a little helper class, used by the HttpConfigParams
469 // and State (txn) structure. It allows for certain configs
470 // to be overridable per transaction more easily.
// Settings that can be overridden per transaction.
//
// Ownership: the struct has no destructor and uses the implicit copy
// operations, so every `char *` member below is copied shallowly.
// HttpConfigParams::~HttpConfigParams() frees the string members of its own
// `oride` instance; any other copy only borrows those pointers.
// NOTE(review): confirm that per-transaction copies never free or outlive them.
struct OverridableHttpConfigParams {
  // insert_forwarded starts as an empty option set; all other members use
  // their in-class initializers.
  OverridableHttpConfigParams() : insert_forwarded{} {}

  // Layout rule:
  // * Place all MgmtByte configs before all other configs.
  MgmtByte maintain_pristine_host_hdr = 1;
  MgmtByte chunking_enabled = 1;

  // ---- Negative response caching ----
  MgmtByte negative_caching_enabled = 0;
  MgmtByte negative_revalidating_enabled = 0;

  MgmtByte cache_when_to_revalidate = 0;

  MgmtByte keep_alive_enabled_in = 1;
  MgmtByte keep_alive_enabled_out = 1;
  MgmtByte keep_alive_post_out = 1; // share server sessions for post

  MgmtInt server_min_keep_alive_conns = 0;
  MgmtByte server_session_sharing_match = 0;
  char *server_session_sharing_match_str = nullptr;
  MgmtByte auth_server_session_private = 1;
  MgmtByte fwd_proxy_auth_to_parent = 0;
  MgmtByte uncacheable_requests_bypass_parent = 1;
  MgmtByte attach_server_session_to_client = 0;

  MgmtByte forward_connect_method = 0;

  MgmtByte insert_age_in_response = 1;

  // ---- Privacy: fields which are removed from the user agent request ----
  MgmtByte anonymize_remove_from = 0;
  MgmtByte anonymize_remove_referer = 0;
  MgmtByte anonymize_remove_user_agent = 0;
  MgmtByte anonymize_remove_cookie = 0;
  MgmtByte anonymize_remove_client_ip = 0;
  MgmtByte anonymize_insert_client_ip = 1;

  MgmtByte proxy_response_server_enabled = 1;
  MgmtByte proxy_response_hsts_include_subdomains = 0;

  // ---- X-Forwarded-For ----
  MgmtByte insert_squid_x_forwarded_for = 1;

  // ---- Forwarded ----
  HttpForwarded::OptionBitSet insert_forwarded;
  MgmtInt proxy_protocol_out = -1;

  // ---- Version hell ----
  MgmtByte send_http11_requests = 1;

  // ---- Cache control ----
  MgmtByte cache_http = 1;
  MgmtByte cache_ignore_client_no_cache = 1;
  MgmtByte cache_ignore_client_cc_max_age = 0;
  MgmtByte cache_ims_on_client_no_cache = 1;
  MgmtByte cache_ignore_server_no_cache = 0;
  MgmtByte cache_responses_to_cookies = 1;
  MgmtByte cache_ignore_auth = 0;
  MgmtByte cache_urls_that_look_dynamic = 1;
  MgmtByte cache_required_headers = 2;
  MgmtByte cache_range_lookup = 1;
  MgmtByte cache_range_write = 0;
  MgmtByte allow_multi_range = 0;

  MgmtByte ignore_accept_mismatch = 0;
  MgmtByte ignore_accept_language_mismatch = 0;
  MgmtByte ignore_accept_encoding_mismatch = 0;
  MgmtByte ignore_accept_charset_mismatch = 0;

  MgmtByte insert_request_via_string = 1;
  MgmtByte insert_response_via_string = 0;

  // ---- Doc in cache, no DNS ----
  MgmtByte doc_in_cache_skip_dns = 1;
  MgmtByte flow_control_enabled = 0;

  // ---- Optimize gzip alternates ----
  MgmtByte normalize_ae = 0;

  // ---- hostdb/dns variables ----
  MgmtByte srv_enabled = 0;
  MgmtByte parent_failures_update_hostdb = 0;

  MgmtByte cache_open_write_fail_action = 0;

  // ---- Check POST request ----
  MgmtByte post_check_content_length_enabled = 1;

  // ---- Buffer POST body before connecting to servers ----
  MgmtByte request_buffer_enabled = 0;

  // ---- Keep connection open after client sends FIN ----
  MgmtByte allow_half_open = 1;

  // ---- Server verification mode ----
  // NOTE(review): ssl_client_verify_server defaults to 0. If 0 means that origin
  // certificates are not verified, outbound TLS is unauthenticated unless the
  // configuration changes it; confirm against the code that reads this field.
  MgmtByte ssl_client_verify_server = 0;
  // NOTE(review): the two strings below are not released by
  // HttpConfigParams::~HttpConfigParams(), unlike ssl_client_sni_policy;
  // confirm who owns them.
  char *ssl_client_verify_server_policy = nullptr;
  char *ssl_client_verify_server_properties = nullptr;
  char *ssl_client_sni_policy = nullptr;

  // ---- Redirection ----
  MgmtByte redirect_use_orig_cache_key = 0;
  MgmtInt number_of_redirections = 0;

  MgmtInt proxy_response_hsts_max_age = -1;

  // ---- Negative cache lifetimes ----
  MgmtInt negative_caching_lifetime = 1800;
  MgmtInt negative_revalidating_lifetime = 1800;

  // ---- Origin server connection settings ----
  MgmtInt sock_recv_buffer_size_out = 0;
  MgmtInt sock_send_buffer_size_out = 0;
  MgmtInt sock_option_flag_out = 0;
  MgmtInt sock_packet_mark_out = 0;
  MgmtInt sock_packet_tos_out = 0;

  // ---- Header size limits ----
  MgmtInt request_hdr_max_size = 131072;
  MgmtInt response_hdr_max_size = 131072;

  // ---- Cache variables ----
  MgmtInt cache_heuristic_min_lifetime = 3600;
  MgmtInt cache_heuristic_max_lifetime = 86400;
  MgmtInt cache_guaranteed_min_lifetime = 0;
  MgmtInt cache_guaranteed_max_lifetime = 31536000;
  MgmtInt cache_max_stale_age = 604800;

  // ---- Connection variables; timeouts are in seconds ----
  MgmtInt keep_alive_no_activity_timeout_in = 120;
  MgmtInt keep_alive_no_activity_timeout_out = 120;
  MgmtInt transaction_no_activity_timeout_in = 30;
  MgmtInt transaction_no_activity_timeout_out = 30;
  MgmtInt transaction_active_timeout_out = 0;
  MgmtInt transaction_active_timeout_in = 900;
  MgmtInt websocket_active_timeout = 3600;
  MgmtInt websocket_inactive_timeout = 600;

  // ---- Origin server connect attempts ----
  MgmtInt connect_attempts_max_retries = 0;
  MgmtInt connect_attempts_max_retries_dead_server = 3;
  MgmtInt connect_attempts_rr_retries = 3;
  MgmtInt connect_attempts_timeout = 30;
  MgmtInt post_connect_attempts_timeout = 1800;

  MgmtInt connect_dead_policy = 2;

  // ---- Parent proxy connect attempts ----
  MgmtInt parent_connect_attempts = 4;
  MgmtInt parent_retry_time = 300;
  MgmtInt parent_fail_threshold = 10;
  MgmtInt per_parent_connect_attempts = 2;
  MgmtInt parent_connect_timeout = 30;

  MgmtInt down_server_timeout = 300;
  MgmtInt client_abort_threshold = 1000;

  // Open read failure retries.
  MgmtInt max_cache_open_read_retries = -1;
  MgmtInt cache_open_read_retry_time = 10; // time is in mseconds
  MgmtInt cache_generation_number = -1;

  // Open write failure retries.
  MgmtInt max_cache_open_write_retries = 1;

  MgmtInt background_fill_active_timeout = 60;

  MgmtInt http_chunking_size = 4096; // Maximum chunk size for chunked output.
  MgmtInt flow_high_water_mark = 0;  ///< Flow control high water mark.
  MgmtInt flow_low_water_mark = 0;   ///< Flow control low water mark.

  MgmtInt default_buffer_size_index = 8;
  MgmtInt default_buffer_water_mark = 32768;
  MgmtInt slow_log_threshold = 0;

  OutboundConnTrack::TxnConfig outbound_conntrack;

  // ---- Server header ----
  char *body_factory_template_base = nullptr;
  size_t body_factory_template_base_len = 0;
  // Not freed by this struct, which has no destructor; the pointer held in
  // HttpConfigParams::oride is freed by HttpConfigParams::~HttpConfigParams().
  char *proxy_response_server_string = nullptr;
  size_t proxy_response_server_string_len = 0; // Updated when server_string is set.

  // ---- Global User-Agent header ----
  // Same ownership as proxy_response_server_string: not freed here, freed by
  // HttpConfigParams::~HttpConfigParams() for its own `oride`.
  char *global_user_agent_header = nullptr;
  size_t global_user_agent_header_size = 0; // Updated when user_agent is set.

  MgmtFloat cache_heuristic_lm_factor = 0.10;
  MgmtFloat background_fill_threshold = 0.5;

  // Various strings, good place for them here ...
  char *ssl_client_cert_filename = nullptr;
  char *ssl_client_private_key_filename = nullptr;
  char *ssl_client_ca_cert_filename = nullptr;

  // Host resolution order.
  HostResData host_res_data;
};
716
717 /////////////////////////////////////////////////////////////
718 //
719 // struct HttpConfigParams
720 //
721 // configuration parameters as they appear in the global
722 // configuration file.
723 /////////////////////////////////////////////////////////////
// Global HTTP configuration, as read from the configuration file.
//
// The object owns the raw `char *` strings and the two heap objects
// (connect_ports, redirect_actions_map) released in its destructor, which is
// why copying is deleted at the end of the struct.
struct HttpConfigParams : public ConfigInfo {
  HttpConfigParams();
  ~HttpConfigParams() override;

  // Values for the cache_required_headers setting.
  enum {
    CACHE_REQUIRED_HEADERS_NONE = 0,
    CACHE_REQUIRED_HEADERS_AT_LEAST_LAST_MODIFIED = 1,
    CACHE_REQUIRED_HEADERS_CACHE_CONTROL = 2
  };

  // Values for the send_http11_requests setting.
  enum {
    SEND_HTTP11_NEVER = 0,
    SEND_HTTP11_ALWAYS = 1,
    SEND_HTTP11_UPGRADE_HOSTDB = 2,
    SEND_HTTP11_IF_REQUEST_11_AND_HOSTDB = 3,
  };

  IpAddr inbound_ip4, inbound_ip6;
  IpAddr outbound_ip4, outbound_ip6;
  IpAddr proxy_protocol_ip4, proxy_protocol_ip6;
  IpMap config_proxy_protocol_ipmap;

  MgmtInt server_max_connections = 0;
  MgmtInt max_websocket_connections = -1;

  char *proxy_request_via_string = nullptr;  // Freed in the destructor.
  char *proxy_response_via_string = nullptr; // Freed in the destructor.
  int proxy_request_via_string_len = 0;
  int proxy_response_via_string_len = 0;

  MgmtInt accept_no_activity_timeout = 120;

  // ---- Privacy: fields which are removed from the user agent request ----
  char *anonymize_other_header_list = nullptr; // Freed in the destructor.

  // ---- CONNECT ports (used to be == ssl_ports) ----
  char *connect_ports_string = nullptr;         // Freed in the destructor.
  HttpConfigPortRange *connect_ports = nullptr; // Head of an owned list; deleted in the destructor.

  char *reverse_proxy_no_host_redirect = nullptr; // Freed in the destructor.
  char *proxy_hostname = nullptr;                 // Freed in the destructor.
  int reverse_proxy_no_host_redirect_len = 0;
  int proxy_hostname_len = 0;

  MgmtInt post_copy_size = 2048;
  MgmtInt max_post_size = 0;

  MgmtInt max_payload_iobuf_index = BUFFER_SIZE_INDEX_32K;
  MgmtInt max_msg_iobuf_index = BUFFER_SIZE_INDEX_32K;

  char *redirect_actions_string = nullptr; // Freed in the destructor.
  IpMap *redirect_actions_map = nullptr;   // Owned; deleted in the destructor.
  // Starts as INVALID until a redirect configuration supplies an action for "self".
  RedirectEnabled::Action redirect_actions_self_action = RedirectEnabled::Action::INVALID;

  // ---- Put all MgmtByte members down here, avoids additional padding ----
  MgmtByte disable_ssl_parenting = 0;

  MgmtByte no_dns_forward_to_parent = 0;
  MgmtByte no_origin_server_dns = 0;
  MgmtByte use_client_target_addr = 0;
  MgmtByte use_client_source_port = 0;

  MgmtByte enable_http_stats = 1; // Can be "slow"

  MgmtByte cache_post_method = 0;

  MgmtByte push_method_enabled = 0;

  MgmtByte referer_filter_enabled = 0;
  MgmtByte referer_format_redirect = 0;

  MgmtByte strict_uri_parsing = 0;

  MgmtByte reverse_proxy_enabled = 0;
  MgmtByte url_remap_required = 1;

  MgmtByte errors_log_error_pages = 1;
  MgmtByte enable_http_info = 0;

  MgmtByte redirection_host_no_port = 1;

  MgmtByte send_100_continue_response = 0;
  MgmtByte disallow_post_100_continue = 0;
  MgmtByte keepalive_internal_vc = 0;

  MgmtByte server_session_sharing_pool = TS_SERVER_SESSION_SHARING_POOL_THREAD;

  OutboundConnTrack::GlobalConfig outbound_conntrack;

  // Status codes that will be cached when negative caching is enabled.
  // The bitset has HTTP_STATUS_NUMBER bits; a status used as an index must be
  // below that bound.
  HttpStatusBitset negative_caching_list;

  // All the overridable configurations go into this member, but they are not
  // copied over until needed ("lazy").
  OverridableHttpConfigParams oride;

  MgmtInt body_factory_response_max_size = 8192;

  MgmtInt http_request_line_max_size = 65535;
  MgmtInt http_hdr_field_max_size = 131070;

  MgmtByte http_host_sni_policy = 0;

  // Noncopyable: a copy would share the owned pointers and free them twice.
  HttpConfigParams(const HttpConfigParams &) = delete;
  HttpConfigParams &operator=(const HttpConfigParams &) = delete;
};
842
843 /////////////////////////////////////////////////////////////
844 //
845 // class HttpConfig
846 //
847 /////////////////////////////////////////////////////////////
// Static access point for the HTTP configuration.
class HttpConfig
{
public:
  static void startup();

  static void reconfigure();

  // Obtain / give back a configuration snapshot.
  // NOTE(review): presumably every acquire() must be paired with a release();
  // the implementation is not in this header, so confirm there.
  inkcoreapi static HttpConfigParams *acquire();
  inkcoreapi static void release(HttpConfigParams *params);

  static bool load_server_session_sharing_match(const char *key, MgmtByte &mask);

  // Parses the SSL (CONNECT) ports configuration string into a port range list.
  // HttpConfigParams deletes the list it stores in connect_ports; any other
  // caller presumably owns the returned list (TODO confirm).
  static HttpConfigPortRange *parse_ports_list(char *ports_str);

  // Parses the redirect configuration string. The action for "self" is
  // reported through self_action. HttpConfigParams deletes the map it stores
  // in redirect_actions_map.
  static IpMap *parse_redirect_actions(char *redirect_actions_string, RedirectEnabled::Action &self_action);

  static int m_id;
  static HttpConfigParams m_master;
};
870
871 /////////////////////////////////////////////////////////////
872 /////////////////////////////////////////////////////////////
873 //
874 // inline functions
875 //
876 /////////////////////////////////////////////////////////////
877 /////////////////////////////////////////////////////////////
// Nothing to do: every member is set by its in-class initializer.
inline HttpConfigParams::HttpConfigParams() = default;
879
// Releases every string and heap object owned by the configuration.
//
// NOTE(review): oride.ssl_client_verify_server_policy and
// oride.ssl_client_verify_server_properties are `char *` members too, but they
// are not released here. Confirm whether they are owned elsewhere before
// adding a free for them.
inline HttpConfigParams::~HttpConfigParams()
{
  // Strings held directly by this object.
  ats_free(proxy_hostname);
  ats_free(proxy_request_via_string);
  ats_free(proxy_response_via_string);
  ats_free(anonymize_other_header_list);
  ats_free(connect_ports_string);
  ats_free(reverse_proxy_no_host_redirect);
  ats_free(redirect_actions_string);

  // Strings held by the overridable section of this object.
  ats_free(oride.body_factory_template_base);
  ats_free(oride.server_session_sharing_match_str);
  ats_free(oride.proxy_response_server_string);
  ats_free(oride.global_user_agent_header);
  ats_free(oride.ssl_client_cert_filename);
  ats_free(oride.ssl_client_private_key_filename);
  ats_free(oride.ssl_client_ca_cert_filename);
  ats_free(oride.ssl_client_sni_policy);
  ats_free(oride.host_res_data.conf_value);

  // Heap objects; deleting the head of connect_ports releases the whole list.
  delete connect_ports;
  delete redirect_actions_map;
}
902
903 /** Enable a dynamic configuration variable.
904 *
905 * @param name Configuration var name.
906 * @param cb Callback to do the actual update of the master record.
907 * @param cookie Extra data for @a cb
908 *
909 * The purpose of this is to unite the different ways and times a configuration variable needs
910 * to be loaded. These are
911 * - Process start.
912 * - Dynamic update.
913 * - Plugin API update.
914 *
915 * @a cb is expected to perform the update. It must return a @c bool which is
916 * - @c true if the value was changed.
917 * - @c false if the value was not changed.
918 *
919 * Based on that, a run time configuration update is triggered or not.
920 *
921 * In addition, this invokes @a cb and passes it the information in the configuration variable
922 * global table in order to perform the initial loading of the value. No update is triggered for
923 * that call as it is not needed.
924 *
925 */
926 extern void Enable_Config_Var(std::string_view const &name, bool (*cb)(const char *, RecDataT, RecData, void *), void *cookie);
927