835c6c2001-06-17Martin Nilsson // This file is part of Roxen WebServer.
f41b982009-05-07Martin Stjernholm // Copyright © 1996 - 2009, Roxen IS.
0917d32013-03-04Anders Johansson // $Id$
e35de22000-03-10Martin Nilsson 
835c6c2001-06-17Martin Nilsson // #pragma strict_types
55a8662000-11-20Per Hedbor #define DEFVAR mixed...:object #define BDEFVAR mixed...:object
24c6c12000-02-20Martin Nilsson 
55a8662000-11-20Per Hedbor #define IN_ROXEN
690adf1999-08-30Per Hedbor #include <module.h> inherit "read_config";
3bb11d2000-07-09Per Hedbor inherit "basic_defvar";
7d2baf2000-02-02Martin Stjernholm #include <version.h>
23414a2000-07-21Andreas Lange //<locale-token project="roxen_config">LOCALE</locale-token> #define LOCALE(X,Y) _DEF_LOCALE("roxen_config",X,Y)
f498ed2000-07-11Martin Nilsson 
3bb11d2000-07-09Per Hedbor mixed save() { store( "Variables", variables, 0, 0 ); }
690adf1999-08-30Per Hedbor // The following three functions are used to hide variables when they // are not used. This makes the user-interface clearer and quite a lot // less clobbered.
f4b6251999-09-02Per Hedbor 
8552d92001-01-13Martin Nilsson private int(0..1) cache_disabled_p() { return !query("cache"); } private int(0..1) ident_disabled_p() { return [int(0..1)]query("default_ident"); }
d4a3f52014-05-12Henrik Grubbström (Grubba) #if constant(syslog)
3b6d0e2009-04-23Jonas Wallden private int(0..1) syslog_disabled() { return query("LogA")!="syslog"; } #endif
690adf1999-08-30Per Hedbor 
fc40392008-08-15Martin Stjernholm protected void cdt_changed (Variable.Variable v);
0be3252008-09-25Martin Stjernholm void slow_req_count_changed(); void slow_req_timeout_changed();
f931d72008-09-29Martin Stjernholm void slow_be_timeout_changed();
0778da2006-10-27Martin Stjernholm 
6897c92001-06-27Honza Petrous #ifdef SNMP_AGENT private int(0..1) snmp_disabled() { return !query("snmp_agent"); }
6f669a2001-08-14Honza Petrous private string snmp_get_cif_domain() { //return(Standards.URI(roxenp()->configurations[0]->get_url()||"http://0.0.0.0")->host); return(""); }
6897c92001-06-27Honza Petrous #endif
934b3f2000-02-04Per Hedbor 
434bac2000-07-14Andreas Lange // And why put these functions here, you might righfully ask.
934b3f2000-02-04Per Hedbor  // The answer is that there is actually a reason for it, it's for // performance reasons. This file is dumped to a .o file, roxen.pike // is not.
3e3bab2001-01-19Per Hedbor void set_up_hilfe_variables( Protocol o )
e056e92000-10-19Per Hedbor {
de4b592001-01-21Martin Nilsson  function(DEFVAR) defvar = o->defvar;
e056e92000-10-19Per Hedbor  defvar( "require_auth", 1,
55a8662000-11-20Per Hedbor  LOCALE(309,"Require user with the 'hilfe' permission"), TYPE_FLAG, LOCALE(310,"If yes, require a user with the hilfe permission "
e056e92000-10-19Per Hedbor  "set, otherwise, any configuration interface user will "
edab552002-01-11Henrik Grubbström (Grubba)  "be allowed, even one with only the view settings permission." ) );
e056e92000-10-19Per Hedbor }
934b3f2000-02-04Per Hedbor 
ee13d02008-02-05Henrik Grubbström (Grubba) #if 0 void set_up_snmp_variables( Protocol o ) { function(DEFVAR) defvar = o->defvar; defvar("snmp_community", ({"public:ro"}), "Community string", TYPE_STRING_LIST, "One community name per line. Default permissions are 'read-only'. " "'Read-write' permissions can be specified by appending :rw to the " "community name (for example mypub:rw)."); /* defvar("snmp_mode", "smart", "Agent mode", TYPE_STRING_LIST, "Standard SNMP server mode, muxed SNMP mode, " "proxy, agentx or automatic (smart) mode.", ({"smart", "agent", "agentx", "smux", "proxy" })); */ defvar("snmp_global_traphosts", ({}),"Trap destinations", TYPE_STRING_LIST, "The SNMP traphost URL for sending common traps (like coldstart)."); defvar("snmp_syscontact","","System MIB: Contact", TYPE_STRING, "The textual identification of the contact person for this managed " "node, together with information on how to contact this person."); defvar("snmp_sysname","","System MIB: Name", TYPE_STRING, "An administratively-assigned name for this managed node. By " "convention, this is the node's fully-qualified domain name."); defvar("snmp_syslocation","","System MIB: Location", TYPE_STRING, "The physical location of this node (e.g., `telephone closet, 3rd " "floor')."); defvar("snmp_sysservices",72,"System MIB: Services", TYPE_INT, "A value which indicates the set of services that this entity " "primarily offers."); #if 0 defvar("site_id", 0,
82c0202009-03-17Jonas Wallden  LOCALE(1012, "SNMP sub-MIB"), TYPE_INT, LOCALE(1013, "MIB suffix to 1.3.6.1.4.1.8614.1.1.2 "
ee13d02008-02-05Henrik Grubbström (Grubba)  "identifying this site.")); #endif /* 0 */ } #endif /* 0 */
934b3f2000-02-04Per Hedbor 
3e3bab2001-01-19Per Hedbor void set_up_ftp_variables( Protocol o )
934b3f2000-02-04Per Hedbor {
de4b592001-01-21Martin Nilsson  function(DEFVAR) defvar = o->defvar;
934b3f2000-02-04Per Hedbor  defvar( "FTPWelcome", " +------------------------------------------------\n" " +-- Welcome to the Roxen FTP server ---\n" " +------------------------------------------------\n",
23414a2000-07-21Andreas Lange  LOCALE(60, "Welcome text"), TYPE_TEXT,
edab552002-01-11Henrik Grubbström (Grubba)  LOCALE(61, "The text shown to the user on connect.") );
934b3f2000-02-04Per Hedbor 
23414a2000-07-21Andreas Lange  defvar( "ftp_user_session_limit", 0, LOCALE(62, "User session limit"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(63, "The maximum number of times a user can connect at once."
f498ed2000-07-11Martin Nilsson  " 0 means unlimited.") );
934b3f2000-02-04Per Hedbor 
23414a2000-07-21Andreas Lange  defvar( "named_ftp", 1, LOCALE(64, "Allow named ftp"), TYPE_FLAG,
9b17bb2003-11-26Henrik Grubbström (Grubba)  LOCALE(65, "If yes, non-anonymous users can connect. " "Note that for password authentication to be performed " "you will need to have the \"Authentication: Password\" " "module in your site.") );
934b3f2000-02-04Per Hedbor 
434bac2000-07-14Andreas Lange  defvar( "guest_ftp", 1,
23414a2000-07-21Andreas Lange  LOCALE(66, "Allow login with incorrect password/user"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(67, "If yes, users can connect with the wrong password "
434bac2000-07-14Andreas Lange  "and/or username. This is useful since things like .htaccess " "files can later on authenticate the user."));
934b3f2000-02-04Per Hedbor 
23414a2000-07-21Andreas Lange  defvar( "anonymous_ftp", 1, LOCALE(68, "Allow anonymous ftp"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
edab552002-01-11Henrik Grubbström (Grubba)  LOCALE(69, "If yes, anonymous users are allowed to connect.") );
934b3f2000-02-04Per Hedbor 
23414a2000-07-21Andreas Lange  defvar( "shells", "", LOCALE(70, "Shell database"),
434bac2000-07-14Andreas Lange  TYPE_FILE,
23414a2000-07-21Andreas Lange  LOCALE(71, "If this string is set to anything but the empty string, "
f4420e2002-01-11Henrik Grubbström (Grubba)  "it should specify a file containing a list of valid shells. " "Users with shells that are not in this list will not "
f498ed2000-07-11Martin Nilsson  "be allowed to log in.") );
965a6d2001-04-14Henrik Grubbström (Grubba) 
89d1d82001-05-16Martin Nilsson  defvar( "passive_port_min", 0, LOCALE(257, "Passive port minimum"),
965a6d2001-04-14Henrik Grubbström (Grubba)  TYPE_INT,
89d1d82001-05-16Martin Nilsson  LOCALE(320, "Minimum port number to use in the PASV/EPSV response."));
965a6d2001-04-14Henrik Grubbström (Grubba) 
89d1d82001-05-16Martin Nilsson  defvar( "passive_port_max", 65535, LOCALE(321, "Passive port maximum"),
965a6d2001-04-14Henrik Grubbström (Grubba)  TYPE_INT,
89d1d82001-05-16Martin Nilsson  LOCALE(322, "Maximum port number to use in the PASV/EPSV response."));
e3d2ec2005-04-25Henrik Grubbström (Grubba) 
88c3c42020-10-20Henrik Grubbström (Grubba)  defvar( "passive_public_address", "", LOCALE(0, "Passive public address"), TYPE_STRING, LOCALE(0, "<p>IP address to report in <b>PASV</b> reply.</p>\n" "<p>If the server is behind a network address translation " "(NAT) layer, it may not be possible for clients to connect " "to the local IP for the port. In that case, set the public " "IP or host name here.</p>\n" "<p>If left empty the local IP for the client connection " "will be used.</p>\n" "<p>Note: Only relevant for IPv4 as IPv6 " "uses <b>EPSV</b>.</p>\n"));
359cc02005-09-30Anders Johansson  defvar( "rfc2428_support", 1, LOCALE(518, "Support EPRT/EPSV"),
e3d2ec2005-04-25Henrik Grubbström (Grubba)  TYPE_FLAG,
359cc02005-09-30Anders Johansson  LOCALE(528, "Enable support for the EPRT and EPSV commands (RFC2428)."
e3d2ec2005-04-25Henrik Grubbström (Grubba)  "Some firewalls don't handle these commands properly, " "so depending on your network configuration you may need " "to disable them. "));
29eaa12014-08-08Henrik Grubbström (Grubba) 
15b8a42014-08-11Henrik Grubbström (Grubba)  defvar( "require_starttls", Variable.IntChoice (0, ([ -1: "Disabled", 0: "Optional", 1: "Required", ]), 0,
0c7a1e2016-09-27Anders Johansson  LOCALE(1078, "AUTH TLS"), LOCALE(1079, "Whether to require the AUTH TLS command (RFC4217) "
15b8a42014-08-11Henrik Grubbström (Grubba)  "before login.")));
934b3f2000-02-04Per Hedbor }
bc0dec2001-08-05Martin Nilsson void set_up_http_variables( Protocol o )
934b3f2000-02-04Per Hedbor {
de4b592001-01-21Martin Nilsson  function(DEFVAR) defvar = o->defvar;
472b152000-02-08Per Hedbor 
3ea9f32001-01-29Per Hedbor  function do_set_cookie(Protocol o) { return lambda() { return o->query("set_cookie") == 0; }; };
90c12c2019-04-03Henrik Grubbström (Grubba)  defvar("request_data_max", 0, LOCALE(0, "Request data size limit"), TYPE_INT,
4021312019-04-05Henrik Grubbström (Grubba)  LOCALE(0, "<p>The maximum amount of data in kilobytes that a "
90c12c2019-04-03Henrik Grubbström (Grubba)  "request may contain before being rejected.</p>\n" "<p>Set to <tt>0</tt> (zero) to disable.</p>")) ->set_range(0, Variable.no_limit);
d21e382001-06-01Jonas Wallden  defvar( "minimum_bitrate", 0, LOCALE(205, "Minimum allowed bitrate" ),
9c19002001-02-27Per Hedbor  TYPE_INT,
b7bf512001-08-20Per Hedbor  LOCALE(215, "The minimum allowed bitrate, in bits/second. If the "
9c19002001-02-27Per Hedbor  "client is slower than this set bitrate, it will be " "disconnected (after a timeout). Setting this higher than "
b7bf512001-08-20Per Hedbor  "14000 is not recommended if you have modem users."));
9c19002001-02-27Per Hedbor 
fff9e52002-04-24Martin Stjernholm  defvar("show_internals", 0, LOCALE(72, "Show internal errors"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(73, "Show 'Internal server error' messages to the user. "
f498ed2000-07-11Martin Nilsson  "This is very useful if you are debugging your own modules " "or writing Pike scripts."));
472b152000-02-08Per Hedbor 
dddb612001-09-29Martin Nilsson  defvar("set_cookie", 0, LOCALE(74, "Logging: Set unique browser id cookies"),
bc0dec2001-08-05Martin Nilsson  TYPE_FLAG,
4ed0992003-01-15Henrik Grubbström (Grubba)  LOCALE(75, "If set to Yes, all clients that accept cookies will get "
dddb612001-09-29Martin Nilsson  "a unique 'user-id-cookie', which can then be used in the log " "and in scripts to track individual users."));
472b152000-02-08Per Hedbor 
bc0dec2001-08-05Martin Nilsson  defvar("set_cookie_only_once", 1, LOCALE(76, "Logging: Set ID cookies only once"), TYPE_FLAG,
dddb612001-09-29Martin Nilsson  LOCALE(77, "If set to Yes, Roxen will attempt to set unique browser "
bc0dec2001-08-05Martin Nilsson  "ID cookies only upon receiving the first request (and " "again after some minutes). Thus, if the user doesn't allow " "the cookie to be set, she won't be bothered with " "multiple requests."),0, do_set_cookie( o ));
472b152000-02-08Per Hedbor }
1003002015-07-14Henrik Grubbström (Grubba) protected int hide_if_empty(RequestID id, Variable.Variable var) {
1407d02017-10-30Henrik Grubbström (Grubba)  return !sizeof(var->query());
1003002015-07-14Henrik Grubbström (Grubba) }
8a679c2018-10-11Henrik Grubbström (Grubba) protected void update_ssl_suite_filter_default(Variable.Variable var) { int val = var->query(); if (!val || (val & 16)) {
d66aaf2018-10-11Henrik Grubbström (Grubba)  if (val && !(val & 4)) {
6c4e672018-10-11Henrik Grubbström (Grubba)  var->set_warning(LOCALE(1155, "Warning: RSA-encryption enabled."));
d66aaf2018-10-11Henrik Grubbström (Grubba)  }
8a679c2018-10-11Henrik Grubbström (Grubba)  return; } val |= 16; // Upgrade marker. if (!val & 4) { val |= 4; // Change default to ephemeral. } var->low_set(val); }
3e3bab2001-01-19Per Hedbor void set_up_ssl_variables( Protocol o )
472b152000-02-08Per Hedbor {
de4b592001-01-21Martin Nilsson  function(DEFVAR) defvar = o->defvar;
472b152000-02-08Per Hedbor 
e09f992020-04-29Henrik Grubbström (Grubba)  defvar( "ssl_certs", o->CertificateKeyChoiceVariable
1407d02017-10-30Henrik Grubbström (Grubba)  (VAR_NO_DEFAULT,
ddad052017-12-20Karl Gustav Sterneberg  LOCALE(1125, "SSL/TLS Certificate(s)"), LOCALE(1126, "<p>The TLS certificate(s) to use.</p>\n"
2ad4422017-11-07Henrik Grubbström (Grubba)  "<p>Certificate and key files matching the " "<b>Global Variables/Settings/Certificate and "
a05b312017-11-09Henrik Grubbström (Grubba)  "Private Key Globs</b> setting "
2ad4422017-11-07Henrik Grubbström (Grubba)  "are automatically imported and valid " "combinations are listed above.</p>\n" "<p>At least one certificate must be selected.</p>\n" "<p>The Server Name Indication (SNI) extension sent by the " "TLS client will be used to choose a specific certificate " "for the connection from the set selected here.</p>\n" )));
1407d02017-10-30Henrik Grubbström (Grubba)  #if 1
e09f992020-04-29Henrik Grubbström (Grubba)  // Not so old-style SSL Certificate variables. // FIXME: Keep these around for at least a several major versions (15 years?). defvar("ssl_keys", Variable.IntChoice(({}), ({}), VAR_INVISIBLE, "SSL/TLS Keypair identifiers", ""));
1407d02017-10-30Henrik Grubbström (Grubba)  // Old-style SSL Certificate variables. // FIXME: Keep these around for at least a few major versions (10 years?).
85fbbc2004-08-19Henrik Grubbström (Grubba)  defvar( "ssl_cert_file", o->CertificateListVariable
ff86252017-11-07Henrik Grubbström (Grubba)  ( ({ "demo_certificate.pem" }), VAR_INVISIBLE,
1003002015-07-14Henrik Grubbström (Grubba)  LOCALE(86, "SSL certificate file(s)"), LOCALE(87, "<p>The SSL certificate file(s) to use.</p>\n" "<p>This is a list of certificates, " "intermediate and root certificates, and " "corresponding private key files in any order.</p>\n" "<p>If a path is relative, it will first be "
85fbbc2004-08-19Henrik Grubbström (Grubba)  "searched for relative to %s, "
ff86252017-11-07Henrik Grubbström (Grubba)  "and if not found there relative to %s.</p>\n")));
85fbbc2004-08-19Henrik Grubbström (Grubba)  defvar( "ssl_key_file", o->KeyFileVariable
ff86252017-11-07Henrik Grubbström (Grubba)  ( "", VAR_INVISIBLE, LOCALE(88, "SSL key file"),
85fbbc2004-08-19Henrik Grubbström (Grubba)  LOCALE(89, "The SSL key file to use. If the path is " "relative, it will first be searched for " "relative to %s, and if not found there " "relative to %s. " "You do not have to specify a key " "file, leave this field empty to use the "
1003002015-07-14Henrik Grubbström (Grubba)  "certificate file only. " "This field is obsolete, since the same setting "
ff86252017-11-07Henrik Grubbström (Grubba)  "can be done in <b>SSL certificate file(s)</b>.")));
1407d02017-10-30Henrik Grubbström (Grubba) #endif
08b5962014-05-12Henrik Grubbström (Grubba) 
0c22bf2015-12-14Henrik Grubbström (Grubba) #if constant(SSL.Constants.CIPHER_aead) // NB: This constant was added a few days after get_suites() in Pike 8.0, // and a single day after get_suites() in the backport to Pike 7.8.
08b5962014-05-12Henrik Grubbström (Grubba) 
db79e32015-12-14Henrik Grubbström (Grubba)  // Pike 8.0 or recent Pike 7.8. // They have SSL.[Cc]ontext()->get_suites().
7d76c82014-05-13Henrik Grubbström (Grubba) 
f070852015-12-15Henrik Grubbström (Grubba)  // 112 bits is the minimum strength to still retain the
08b5962014-05-12Henrik Grubbström (Grubba)  // DES-3 suites, which are required in the TLS standards.
755fec2015-04-09Henrik Grubbström (Grubba)  // // FIXME: The cipher strength list ought to be generated dynamically // from SSL.Constants.CIPHER_effective_keylengths.
08b5962014-05-12Henrik Grubbström (Grubba)  defvar("ssl_key_bits", Variable.Int(112, 0,
0c7a1e2016-09-27Anders Johansson  LOCALE(1080, "Cipher suite minimum effective key strength"), LOCALE(1081,
21133f2015-12-15Henrik Grubbström (Grubba)  "<p>The minimum number of effective bits to " "secure connections.</p>\n"
08b5962014-05-12Henrik Grubbström (Grubba)  "<p>Common ciphers (subject to availability) "
f070852015-12-15Henrik Grubbström (Grubba)  "in order of effective key bits as of " "December 2015:\n"
08b5962014-05-12Henrik Grubbström (Grubba)  "<dl>\n"
755fec2015-04-09Henrik Grubbström (Grubba)  "<dt>24</dt>\n"
08b5962014-05-12Henrik Grubbström (Grubba)  "<dd>Export RC4 (aka RC4-40)</dd>\n"
755fec2015-04-09Henrik Grubbström (Grubba)  "<dt>32</dt>\n" "<dd>Export DES (aka DES-40)</dd>\n" "<dt>38</dt>\n" "<dd>RC4</dd>\n" "<dt>40</dt>\n"
08b5962014-05-12Henrik Grubbström (Grubba)  "<dd>DES</dd>\n" "<dt>112</dt>\n" "<dd>3-DES (Note that this cipher is the " "minimum required cipher in many versions " "of TLS)</dd>\n" "<dt>128</dt>\n" "<dd>AES-128</dd>\n" "<dd>Camellia-128</dd>\n" "<dt>256</dt>\n" "<dd>AES-256</dd>\n" "<dd>Camellia-256</dd>\n"
755fec2015-04-09Henrik Grubbström (Grubba)  "<dd>ChaCha20</dd>\n"
08b5962014-05-12Henrik Grubbström (Grubba)  "</dl>\n"
6f1c142015-07-14Henrik Grubbström (Grubba)  "</p>\n" "<p>Cipher strengths lower than 112 bits are " "<b>NOT</b> recommended, and there are RFCs that " "prohibit the use of all those suites.</p>\n")))-> set_range(0, Variable.no_limit);
db79e32015-12-14Henrik Grubbström (Grubba) #endif #if constant(SSL.ServerConnection) // Pike 8.0 and later has much more advanced support for SSL/TLS.
08b5962014-05-12Henrik Grubbström (Grubba) 
f070852015-12-15Henrik Grubbström (Grubba)  defvar( "ssl_password",
0c843c2017-11-13Henrik Grubbström (Grubba)  Variable.String("", VAR_INVISIBLE, LOCALE(1082, "SSL decryption password"),
0c7a1e2016-09-27Anders Johansson  LOCALE(1083, "Optional password to decrypt the "
f070852015-12-15Henrik Grubbström (Grubba)  "SSL key file(s).")));
08b5962014-05-12Henrik Grubbström (Grubba)  defvar("ssl_suite_filter", Variable.IntChoice(0, ([
8a679c2018-10-11Henrik Grubbström (Grubba)  0: "Roxen default policy", 16: "Allow RSA-encryption", 20: "Ephemeral key exchanges only", 24: "Suite B (allow RSA-encryption)", 28: "Suite B (ephemeral only)", 30: "Suite B (transitional)", 31: "Suite B (strict)",
08b5962014-05-12Henrik Grubbström (Grubba)  ]), 0,
0c7a1e2016-09-27Anders Johansson  LOCALE(1084, "Additional suite filtering"), LOCALE(1085, "<p>Selects an additional cipher suite "
08b5962014-05-12Henrik Grubbström (Grubba)  "policy.</p>" "<p>The supported filter modes are:\n" "<dl>\n"
8a679c2018-10-11Henrik Grubbström (Grubba)  "<dt>Roxen default policy</dt>\n" "<dd>Use the Roxen default cipher suite " "selection policy. This is currently the " "same as <b>Ephemeral key exchanges " "only</b>, but may differ in other " "versions of Roxen.</dd>\n" "<dt>Allow RSA-encryption</dt>\n" "<dd>Allow old cipher suites that use RSA-" "encryption for the key-exchange. " "These suites are vulnerable to the " "<a href='https://robotattack.org/'>" "ROBOT</a> vulnerability, and should " "usually <b>NOT</b> be allowed.</dd>\n"
08b5962014-05-12Henrik Grubbström (Grubba)  "<dt>Ephemeral key exchanges only</dt>\n" "<dd>Only allow cipher suites that use a " "key exchange with ephemeral keys (aka " "\"Perfect Forward Security\"). Ie " "either ECDHE or DHE.</dd>\n"
8a679c2018-10-11Henrik Grubbström (Grubba)  "<dt>Suite B (allow RSA-encryption)</dt>\n" "<dd>Same as <b>Allow RSA-encryption</b>, " "but prefer the suites specified in " "<b>Suite B</b>. Should usually <b>NOT</b> " "be used.</dd>\n"
08b5962014-05-12Henrik Grubbström (Grubba)  "<dt>Suite B (ephemeral only)</dt>\n" "<dd>Same as <b>Ephemeral key exchanges " "only</b>, but prefer the suites specified " "in <b>Suite B</b>.</dd>\n" "<dt>Suite B (transitional)</dt>\n" "<dd>Support only the suites specified by " "RFCs 5430 and 6460.</dd>\n" "<dt>Suite B (strict)</dt>\n" "<dd>Support only the suites specified by " "RFC 6460.</dt>\n" "</dl>\n" "</p>\n" "<p>Note: Full Suite B operation is not " "supported in all configurations.</p>\n" "<p>Note: For full Suite B compliance a " "suitable certificate must also be "
8a679c2018-10-11Henrik Grubbström (Grubba)  "used.</p>")))-> set_changed_callback(update_ssl_suite_filter_default);
28c2362014-10-22Henrik Grubbström (Grubba) #endif /* SSL.ServerConnection */ #if constant(SSL.Constants.PROTOCOL_TLS_MAX)
0ec1722015-11-13Henrik Grubbström (Grubba)  mapping(SSL.Constants.ProtocolVersion: string) ssl_versions = ([ SSL.Constants.PROTOCOL_SSL_3_0: "SSL 3.0", SSL.Constants.PROTOCOL_TLS_1_0: "TLS 1.0 (aka SSL 3.1)", ]); #if constant(SSL.Constants.PROTOCOL_TLS_1_1) // NB: The symbol may be available, but the Pike binary might be to old... for (SSL.Constants.ProtocolVersion v = SSL.Constants.PROTOCOL_TLS_1_1; v <= SSL.Constants.PROTOCOL_TLS_MAX; v++) { ssl_versions[v] = sprintf("TLS 1.%d", v - SSL.Constants.PROTOCOL_TLS_1_0); }
28c2362014-10-22Henrik Grubbström (Grubba) #endif
0ec1722015-11-13Henrik Grubbström (Grubba)  defvar("ssl_min_version", Variable.IntChoice(SSL.Constants.PROTOCOL_TLS_1_0, ssl_versions, 0,
0c7a1e2016-09-27Anders Johansson  LOCALE(1086, "Minimum supported version of SSL/TLS"), LOCALE(1087, "<p>Reject clients that want to use a "
08b5962014-05-12Henrik Grubbström (Grubba)  "version of SSL/TLS lower than the selected "
6f1c142015-07-14Henrik Grubbström (Grubba)  "version.</p>\n" "<p>Note: SSL 3.0 has been deprecated " "in RFC 7568.</p>\n")));
28c2362014-10-22Henrik Grubbström (Grubba) #endif /* SSL.Constants.PROTOCOL_TLS_MAX */
934b3f2000-02-04Per Hedbor }
f4b6251999-09-02Per Hedbor // Get the current domain. This is not as easy as one could think. string get_domain(int|void l) {
6bff132012-05-10Henrik Grubbström (Grubba)  string s = "nowhere"; string t;
f4b6251999-09-02Per Hedbor 
c5e0961999-10-04Per Hedbor  // FIXME: NT support.
f4b6251999-09-02Per Hedbor 
c5e0961999-10-04Per Hedbor  t = Stdio.read_bytes("/etc/resolv.conf");
6bff132012-05-10Henrik Grubbström (Grubba)  if (!t) return s; if (!sscanf(t, "domain %s\n", s) && !sscanf(t, "search %s%*[ \t\n]", s)) { return s;
f4b6251999-09-02Per Hedbor  }
6bff132012-05-10Henrik Grubbström (Grubba)  if (has_prefix(s, ".")) s = s[1..]; if (has_suffix(s, ".")) s = s[..sizeof(s)-2]; if (!sizeof(s)) return "unknown";
f4b6251999-09-02Per Hedbor  return s; }
a59d252000-07-04Per Hedbor class PortOptions { inherit Variable.Variable; constant type = "PortOptions";
3e3bab2001-01-19Per Hedbor  int check_visibility(RequestID id, int a, int b, int c, int d) { return 0; } void set_from_form(RequestID id ) { return; }
a59d252000-07-04Per Hedbor  void create() { ::create( ([]), 0, 0, 0 ); } };
40889a2000-09-19Per Hedbor array(string) old_module_dirs; void zap_all_module_caches( Variable.Variable v ) { if( !equal( v->query(), old_module_dirs ) ) { report_notice( "Module path changed - clearing all module caches\n" ); catch(this_object()->clear_all_modules_cache()); catch(map( this_object()->module_cache->list(), this_object()->module_cache->delete )); catch { string f = dirname( master()->make_ofilename( "tmp" ) ); foreach( glob("*.o",get_dir( f )), string ofile ) catch(rm( ofile )); }; old_module_dirs = v->query(); } }
cdb4072021-04-07Henrik Grubbström (Grubba) // Used by basic_defvar. string module_identifier() { return "Global_Variables"; }
3bb11d2000-07-09Per Hedbor void define_global_variables( )
690adf1999-08-30Per Hedbor {
0be3252008-09-25Martin Stjernholm  Variable.Variable v;
7573ab2008-02-06Fredrik Noring  defvar("myisamchk", Variable.Language("Fast check and repair", ({ "Disable check", "Fast check and repair", "Normal check and repair", "Medium check and repair", "Extended check and repair" }),
82c0202009-03-17Jonas Wallden  0, LOCALE(1014, "MySQL table check"), LOCALE(1015, "Check MySQL tables on server start, "
7573ab2008-02-06Fredrik Noring  "and automatically repair if necessary. " "<b>Fast</b> checks only tables that haven't " "been closed properly. " "<b>Normal</b> checks for general errors. " "<b>Medium</b> catches 99.99 % of all " "errors. Should be good enough for most " "cases. " "<b>Extended</b> checks the tables VERY " "throughly. Only use this in extreme cases " "as myisamchk should normally be able to " "find out if the table is OK even without " "this switch."))) ->set_changed_callback(lambda(Variable.Variable s) {
487d102008-02-07Fredrik Noring  string options = "";
7573ab2008-02-06Fredrik Noring  switch(query("myisamchk")) { case "Disable check": break; case "Fast check and repair":
487d102008-02-07Fredrik Noring  options += "--force --fast --silent\n"
7573ab2008-02-06Fredrik Noring  "--myisam-recover=QUICK,FORCE\n"; break; case "Normal check and repair":
487d102008-02-07Fredrik Noring  options += "--force --check\n"
7573ab2008-02-06Fredrik Noring  "--myisam-recover=DEFAULT,FORCE\n"; break; case "Medium check and repair":
487d102008-02-07Fredrik Noring  options += "--force --medium-check\n"
7573ab2008-02-06Fredrik Noring  "--myisam-recover=DEFAULT,FORCE\n"; break; case "Extended check and repair":
487d102008-02-07Fredrik Noring  options += "--force --extend-check\n"
7573ab2008-02-06Fredrik Noring  "--myisam-recover=DEFAULT,FORCE\n"; break; default: error("Unknown myisamchk level %O\n", query("myisamchk")); return; } Stdio.write_file(combine_path(roxenloader.query_configuration_dir(), "_mysql_table_check"), options); });
a59d252000-07-04Per Hedbor  defvar("port_options", PortOptions()); defvar("RestoreConnLogFull", 0,
23414a2000-07-21Andreas Lange  LOCALE(90, "Logging: Log entire file length in restored connections"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(91, "If this toggle is enabled log entries for restored connections "
690adf1999-08-30Per Hedbor  "will log the amount of sent data plus the restoration location. " "Ie if a user has downloaded 100 bytes of a file already, and makes " "a Range request fetching the remaining 900 bytes, the log entry " "will log it as if the entire 1000 bytes were downloaded. " "<p>This is useful if you want to know if downloads were successful " "(the user has the complete file downloaded). The drawback is that " "bandwidth statistics on the log file will be incorrect. The "
edab552002-01-11Henrik Grubbström (Grubba)  "statistics in Roxen will still be correct.</p>"));
e6f83d2000-03-06Peter Bortas 
8d04b22000-09-19Per Hedbor  defvar("default_font", "roxen builtin", LOCALE(92, "Default font"),
434bac2000-07-14Andreas Lange  TYPE_FONT,
23414a2000-07-21Andreas Lange  LOCALE(93, "The default font to use when modules request a font."));
690adf1999-08-30Per Hedbor 
ee13d02008-02-05Henrik Grubbström (Grubba)  defvar("font_dirs", roxenloader.default_roxen_font_path, LOCALE(94, "Font directories"), TYPE_DIR_LIST,
23414a2000-07-21Andreas Lange  LOCALE(95, "This is where the fonts are located."));
690adf1999-08-30Per Hedbor 
a1fee32002-08-16Mattias Andersson  defvar("font_oversampling", 1, LOCALE(521, "Font oversampling"),
b012c22002-08-16Mattias Andersson  TYPE_FLAG,
a1fee32002-08-16Mattias Andersson  LOCALE(522, "If set to Yes, fonts will be oversampled resulting "
b012c22002-08-16Mattias Andersson  "in higher quality but more fuzz. This will require clearing " "of various graphics caches like the Graphic text and " "GButton caches to take full effect."));
b5fe392005-12-21Fredrik Noring  defvar("logdirprefix", getenv("LOGDIR") || "../logs/",
23414a2000-07-21Andreas Lange  LOCALE(96, "Logging: Log directory prefix"),
434bac2000-07-14Andreas Lange  TYPE_STRING|VAR_MORE,
23414a2000-07-21Andreas Lange  LOCALE(97, "This is the default file path that will be prepended "
434bac2000-07-14Andreas Lange  "to the log file path in all the default modules and the "
1dd64a2000-09-19Mattias Wingstedt  "site."));
f498ed2000-07-11Martin Nilsson 
23414a2000-07-21Andreas Lange  defvar("cache", 0, LOCALE(98, "Cache: Proxy Disk Cache Enabled"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(99, "If set to Yes, caching will be enabled."));
f498ed2000-07-11Martin Nilsson 
b9a7022000-07-15Andreas Lange  defvar("garb_min_garb", 1,
23414a2000-07-21Andreas Lange  LOCALE(100, "Cache: Proxy Disk Cache Clean size"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(101, "Minimum number of Megabytes removed when a garbage collect is done."),
690adf1999-08-30Per Hedbor  0, cache_disabled_p);
f498ed2000-07-11Martin Nilsson 
b9a7022000-07-15Andreas Lange  defvar("cache_minimum_left", 5,
23414a2000-07-21Andreas Lange  LOCALE(102, "Cache: Proxy Disk Cache Minimum available free space and inodes (in %)"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(103, "If less than this amount of disk space or inodes (in %) "
434bac2000-07-14Andreas Lange  "is left, the cache will remove a few files. This check may " "work half-hearted if the diskcache is spread over several " "filesystems."),
f498ed2000-07-11Martin Nilsson  0,
690adf1999-08-30Per Hedbor #if constant(filesystem_stat)
f498ed2000-07-11Martin Nilsson  cache_disabled_p
690adf1999-08-30Per Hedbor #else
f498ed2000-07-11Martin Nilsson  1
690adf1999-08-30Per Hedbor #endif /* filesystem_stat */
f498ed2000-07-11Martin Nilsson  );
23414a2000-07-21Andreas Lange  defvar("cache_size", 25, LOCALE(104, "Cache: Proxy Disk Cache Size"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(105, "How many MB may the cache grow to before a garbage "
434bac2000-07-14Andreas Lange  "collect is done?"), 0, cache_disabled_p);
b9a7022000-07-15Andreas Lange  defvar("cache_max_num_files", 0,
23414a2000-07-21Andreas Lange  LOCALE(106, "Cache: Proxy Disk Cache Maximum number of files"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(107, "How many cache files (inodes) may be on disk before "
edab552002-01-11Henrik Grubbström (Grubba)  "a garbage collect is done? May be left at zero to disable "
434bac2000-07-14Andreas Lange  "this check."), 0, cache_disabled_p);
b9a7022000-07-15Andreas Lange  defvar("bytes_per_second", 50,
23414a2000-07-21Andreas Lange  LOCALE(108, "Cache: Proxy Disk Cache bytes per second"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(109, "How file size should be treated during garbage collect. "
edab552002-01-11Henrik Grubbström (Grubba)  "Each X bytes count as a second, so that larger files will "
434bac2000-07-14Andreas Lange  "be removed first."),
690adf1999-08-30Per Hedbor  0, cache_disabled_p);
a59d252000-07-04Per Hedbor  defvar("cachedir", "/tmp/roxen_cache/",
23414a2000-07-21Andreas Lange  LOCALE(110, "Cache: Proxy Disk Cache Base Cache Dir"),
690adf1999-08-30Per Hedbor  TYPE_DIR,
23414a2000-07-21Andreas Lange  LOCALE(111, "This is the base directory where cached files will "
434bac2000-07-14Andreas Lange  "reside. To avoid mishaps, 'roxen_cache/' is always "
edab552002-01-11Henrik Grubbström (Grubba)  "appended to this variable."),
434bac2000-07-14Andreas Lange  0, cache_disabled_p);
690adf1999-08-30Per Hedbor 
a59d252000-07-04Per Hedbor  defvar("hash_num_dirs", 500,
23414a2000-07-21Andreas Lange  LOCALE(112, "Cache: Proxy Disk Cache Number of hash directories"),
434bac2000-07-14Andreas Lange  TYPE_INT|VAR_MORE,
23414a2000-07-21Andreas Lange  LOCALE(113, "This is the number of directories to hash the contents "
edab552002-01-11Henrik Grubbström (Grubba)  "of the disk cache into. Changing this value currently "
434bac2000-07-14Andreas Lange  "invalidates the whole cache, since the cache cannot find "
edab552002-01-11Henrik Grubbström (Grubba)  "the old files. In the future, the cache will be "
434bac2000-07-14Andreas Lange  "recalculated when this value is changed."), 0, cache_disabled_p);
b9a7022000-07-15Andreas Lange  defvar("cache_keep_without_content_length", 1,
23414a2000-07-21Andreas Lange  LOCALE(114, "Cache: Proxy Disk Cache Keep without Content-Length"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(115, "Keep files without Content-Length header information "
434bac2000-07-14Andreas Lange  "in the cache?"), 0, cache_disabled_p);
b9a7022000-07-15Andreas Lange  defvar("cache_check_last_modified", 0,
23414a2000-07-21Andreas Lange  LOCALE(116, "Cache: Proxy Disk Cache Refreshes on Last-Modified"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(117, "If set, refreshes files without Expire header "
434bac2000-07-14Andreas Lange  "information when they have reached double the age they had " "when they got cached. This may be useful for some regularly " "updated docs as online newspapers."), 0, cache_disabled_p);
b9a7022000-07-15Andreas Lange  defvar("cache_last_resort", 0,
23414a2000-07-21Andreas Lange  LOCALE(118, "Cache: Proxy Disk Cache Last resort (in days)"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(119, "How many days shall files without Expires and without "
434bac2000-07-14Andreas Lange  "Last-Modified header information be kept?"), 0, cache_disabled_p);
690adf1999-08-30Per Hedbor 
a59d252000-07-04Per Hedbor  defvar("cache_gc_logfile", "",
23414a2000-07-21Andreas Lange  LOCALE(120, "Cache: Proxy Disk Cache Garbage collector logfile"),
434bac2000-07-14Andreas Lange  TYPE_FILE,
23414a2000-07-21Andreas Lange  LOCALE(121, "Information about garbage collector runs, removed and "
434bac2000-07-14Andreas Lange  "refreshed files, cache and disk status goes here."), 0, cache_disabled_p);
690adf1999-08-30Per Hedbor  /// End of cache variables..
f498ed2000-07-11Martin Nilsson  // FIXME: Should mention real_version.
434bac2000-07-14Andreas Lange  defvar("default_ident", 1,
23414a2000-07-21Andreas Lange  LOCALE(124, "Identify, Use default identification string"),
434bac2000-07-14Andreas Lange  TYPE_FLAG|VAR_MORE,
8148ed2000-09-13Andreas Lange  LOCALE(125, "Setting this variable to No will display the " "\"Identify as\" node where you can state what Roxen "
434bac2000-07-14Andreas Lange  "should call itself when talking to clients.<br />"
8148ed2000-09-13Andreas Lange  "It is possible to disable this so that you can enter an " "identification-string that does not include the actual " "version of Roxen, as recommended by the HTTP/1.0 and " "HTTP/1.1 RFCs:" "<p><blockquote><i>" "Note: Revealing the specific software version of the server " "may allow the server machine to become more vulnerable to " "attacks against software that is known to contain security " "holes. Server implementors are encouraged to make this field " "a configurable option." "</i></blockquote></p>"));
434bac2000-07-14Andreas Lange  defvar("ident", replace(real_version," ","·"),
23414a2000-07-21Andreas Lange  LOCALE(126, "Identify, Identify as"),
434bac2000-07-14Andreas Lange  TYPE_STRING /* |VAR_MORE */,
23414a2000-07-21Andreas Lange  LOCALE(127, "Enter the name that Roxen should use when talking to clients. "),
434bac2000-07-14Andreas Lange  0, ident_disabled_p);
6351112007-06-12 Erik Dahl  defvar("config_header_string", "",
fe07f52008-01-10Jonas Wallden  LOCALE(532, "Show this string in header"),
6351112007-06-12 Erik Dahl  TYPE_STRING /* |VAR_MORE */,
fe07f52008-01-10Jonas Wallden  LOCALE(533, "Enter a identifier that will be displayed in the head of "
6351112007-06-12 Erik Dahl  " config interface. This makes it easier to distinguish " "between different site configurations. "), 0);
23414a2000-07-21Andreas Lange  defvar("User", "", LOCALE(128, "Change uid and gid to"),
434bac2000-07-14Andreas Lange  TYPE_STRING,
b39ccb2001-08-24Martin Stjernholm  LOCALE(129, #"\ When Roxen is run as root, to be able to open port 80 for listening, change to this user-id and group-id when the port has been opened. If you specify a symbolic username, the default group of that user will be used. The syntax is user[:group]. <p>A server restart is necessary for a change of this variable to take effect. Note that it also can lead to file permission errors if the
edab552002-01-11Henrik Grubbström (Grubba) Roxen process no longer can read files it previously has written. The start script attempts to fix this for the standard file locations.</p>"));
434bac2000-07-14Andreas Lange 
23414a2000-07-21Andreas Lange  defvar("permanent_uid", 0, LOCALE(130, "Change uid and gid permanently"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
8148ed2000-09-13Andreas Lange  LOCALE(131, "If this variable is set, Roxen will set it's uid and gid " "permanently. This disables the 'exec script as user' features " "for CGI, and also 'access files as user' in the filesystems, but "
f498ed2000-07-11Martin Nilsson  "it gives better security."));
690adf1999-08-30Per Hedbor 
e26fa62013-11-26Anders Johansson  defvar("ModuleDirs", ({ "$LOCALDIR/modules/", "modules/" }), LOCALE(132, "Module directories"),
434bac2000-07-14Andreas Lange  TYPE_DIR_LIST,
23414a2000-07-21Andreas Lange  LOCALE(133, "This is a list of directories where Roxen should look "
434bac2000-07-14Andreas Lange  "for modules. Can be relative paths, from the "
23414a2000-07-21Andreas Lange  "directory you started Roxen. "
434bac2000-07-14Andreas Lange  "The directories are searched in order for modules."));
690adf1999-08-30Per Hedbor 
3434d12021-11-29Henrik Grubbström (Grubba)  defvar("CertGlobs", ({ "*.pem", "certs/*.pem", "*.cer", "certs/*.cer", "*.key", "certs/*.key", }),
ddad052017-12-20Karl Gustav Sterneberg  LOCALE(1127, "Certificate and Private Key Globs"),
2d95bf2017-11-01Henrik Grubbström (Grubba)  TYPE_STRING_LIST,
ddad052017-12-20Karl Gustav Sterneberg  LOCALE(1128, "<p>This is a list of globs for which corresponding files "
2d95bf2017-11-01Henrik Grubbström (Grubba)  "will automatically be imported into the certificate " "database on server start.</p>\n" "<p>It may be left empty, in which case any certificates "
a995202017-11-07Anders Johansson  "to use will need to be added by hand.</p>\n")) ->set_changed_callback(lambda() { roxenp()->background_run(0, roxenp()->scan_certs); });
2d95bf2017-11-01Henrik Grubbström (Grubba) 
ab6f292000-11-18Martin Nilsson  defvar("Supports", Variable.Text( "#include <etc/supports>\n", VAR_MORE, LOCALE(134, "Client supports regexps"), LOCALE(135, "What do the different clients support?\n<br />" "The default information is normally fetched from the file " "server/etc/supports in your Roxen directory.") ) ) -> add_changed_callback( lambda(Variable.Text s) { roxenp()->initiate_supports(); cache.cache_expire("supports"); } );
f498ed2000-07-11Martin Nilsson 
23414a2000-07-21Andreas Lange  defvar("audit", 0, LOCALE(136, "Logging: Audit trail"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(137, "If Audit trail is set to Yes, all changes of uid will be "
434bac2000-07-14Andreas Lange  "logged in the Event log."));
690adf1999-08-30Per Hedbor 
d4a3f52014-05-12Henrik Grubbström (Grubba) #if constant(syslog)
1dd64a2000-09-19Mattias Wingstedt  defvar("LogA", "file", LOCALE(138, "Logging: Debug log method"),
434bac2000-07-14Andreas Lange  TYPE_STRING_LIST|VAR_MORE,
1dd64a2000-09-19Mattias Wingstedt  LOCALE(139, "What method to use for the debug log, default is file, " "but "
690adf1999-08-30Per Hedbor  "syslog is also available. When using file, the output is really" " sent to stdout and stderr, but this is handled by the "
f498ed2000-07-11Martin Nilsson  "start script."),
434bac2000-07-14Andreas Lange  ({ "file", "syslog" }));
f498ed2000-07-11Martin Nilsson 
23414a2000-07-21Andreas Lange  defvar("LogSP", 1, LOCALE(140, "Logging: Log PID"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(141, "If set, the PID will be included in the syslog."), 0,
434bac2000-07-14Andreas Lange  syslog_disabled);
f498ed2000-07-11Martin Nilsson 
23414a2000-07-21Andreas Lange  defvar("LogCO", 0, LOCALE(142, "Logging: Log to system console"),
434bac2000-07-14Andreas Lange  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(143, "If set and syslog is used, the error/debug message "
434bac2000-07-14Andreas Lange  "will be printed to the system console as well as to the " "system log."),
690adf1999-08-30Per Hedbor  0, syslog_disabled);
f498ed2000-07-11Martin Nilsson 
23414a2000-07-21Andreas Lange  defvar("LogST", "Daemon", LOCALE(144, "Logging: Syslog type"),
434bac2000-07-14Andreas Lange  TYPE_STRING_LIST,
23414a2000-07-21Andreas Lange  LOCALE(145, "When using SYSLOG, which log type should be used."),
434bac2000-07-14Andreas Lange  ({ "Daemon", "Local 0", "Local 1", "Local 2", "Local 3", "Local 4", "Local 5", "Local 6", "Local 7", "User" }), syslog_disabled);
23414a2000-07-21Andreas Lange  defvar("LogWH", "Errors", LOCALE(146, "Logging: Log what to syslog"),
434bac2000-07-14Andreas Lange  TYPE_STRING_LIST,
23414a2000-07-21Andreas Lange  LOCALE(147, "When syslog is used, how much should be sent to it?<br /><hr />"
434bac2000-07-14Andreas Lange  "Fatal: Only messages about fatal errors<br />" "Errors: Only error or fatal messages<br />" "Warning: Warning messages as well<br />" "Debug: Debug messager as well<br />" "All: Everything<br />"), ({ "Fatal", "Errors", "Warnings", "Debug", "All" }), syslog_disabled);
23414a2000-07-21Andreas Lange  defvar("LogNA", "Roxen", LOCALE(148, "Logging: Log as"),
434bac2000-07-14Andreas Lange  TYPE_STRING,
23414a2000-07-21Andreas Lange  LOCALE(149, "When syslog is used, this will be the identification "
434bac2000-07-14Andreas Lange  "of the Roxen daemon. The entered value will be appended to " "all logs."), 0, syslog_disabled);
d4a3f52014-05-12Henrik Grubbström (Grubba) #endif // constant(syslog)
690adf1999-08-30Per Hedbor 
0be3252008-09-25Martin Stjernholm  v = Variable.Flag (0, 0, LOCALE(534, "Logging: Dump threads by file polling"), LOCALE(535, #"\
0778da2006-10-27Martin Stjernholm <p>This option can be used to produce dumps of all the threads in the debug log in situations where the Administration Interface doesn't respond.</p> <p>It works by checking for a file called \"<i>&lt;config name&gt;</i>.dump_threads\" in the same directory as the debug log. <i>&lt;config name&gt;</i> is the name of the server configuration, i.e. the same as the base name of the debug log files (typically \"default\"). If this file exists, a thread dump is generated and the file is deleted. If a file on the form \"<i>&lt;config name&gt;</i>.dump_threads.<i>&lt;n&gt;</i>\", where <i>&lt;n&gt;</i> is an integer, exists then <i>n</i> thread dumps are generated in one minute intervals.</p> <p>Note that this method normally isn't necessary in unix-like environments; there you can just send a SIGQUIT signal to the pike process to get a thread dump.</p> <p>Enabling this creates a dedicated thread.</p>")); v->set_changed_callback (cdt_changed); defvar ("dump_threads_by_file", v);
0be3252008-09-25Martin Stjernholm  definvisvar ("slow_req_bt_permanent", 0, TYPE_FLAG)-> set_changed_callback (
b1b4e42008-09-22Martin Stjernholm  lambda (Variable.Variable v) {
0be3252008-09-25Martin Stjernholm  if (v->query()) set ("slow_req_bt_count", -1); else if (query ("slow_req_bt_count") < 0) set ("slow_req_bt_count", 0); }); v = Variable.TmpInt ( 0, 0,
82c0202009-03-17Jonas Wallden  LOCALE(1016, "Logging: Dump threads for slow requests"), LOCALE(1017, #"\
0be3252008-09-25Martin Stjernholm <p>This enables a monitor that dumps all the threads in the debug log
f931d72008-09-29Martin Stjernholm whenever any request, background job or the backend thread has been running for more than a set number of seconds, which is configured with the \"Slow request timeout\" and \"Slow backend timeout\" settings.</p>
0be3252008-09-25Martin Stjernholm  <p>This setting is a counter: A positive number stops the monitor after that many thread dumps have been made, -1 enables the monitor permanently, and zero disables it. Positive numbers aren't persistent, so will be reset to zero whenever the server is restarted.</p> <p><b>Warning:</b> If you set the timeout too low, combined with a high or no limit, then the debug log can fill up very quickly and the server become very slow due to the amount of logging. If that happens and it gets difficult to change back the value then you can force the monitor to be disabled from the start by adding the define \"NO_SLOW_REQ_BT\" (i.e. add \"-DNO_SLOW_REQ_BT\" to the start script or in the DEFINES environment variable).</p> <p>Enabling this creates a dedicated thread.</p>")); defvar ("slow_req_bt_count", v); v->set_range (-1, Variable.no_limit); v->set_changed_callback ( lambda (Variable.Variable v) { int count = v->query(); set ("slow_req_bt_permanent", count < 0);
b1b4e42008-09-22Martin Stjernholm #ifndef NO_SLOW_REQ_BT
0be3252008-09-25Martin Stjernholm  slow_req_count_changed();
b1b4e42008-09-22Martin Stjernholm #else
82c0202009-03-17Jonas Wallden  v->set_warning (LOCALE(1018, "Feature disabled by NO_SLOW_REQ_BT define."));
0be3252008-09-25Martin Stjernholm #endif }); v = defvar ("slow_req_bt_timeout", 10.0,
82c0202009-03-17Jonas Wallden  LOCALE(1019, "Logging: Slow request timeout"),
0be3252008-09-25Martin Stjernholm  TYPE_FLOAT,
82c0202009-03-17Jonas Wallden  LOCALE(1020, #"\
f931d72008-09-29Martin Stjernholm <p>The timeout in seconds for requests or background jobs to trig a thread dump. Zero disables monitoring of those. See the \"Dump threads for slow requests\" setting for details.</p>")); v->set_range (0.0, Variable.no_limit);
0be3252008-09-25Martin Stjernholm  v->set_precision (3); #ifndef NO_SLOW_REQ_BT v->set_changed_callback (lambda (Variable.Variable v) { slow_req_timeout_changed(); });
b1b4e42008-09-22Martin Stjernholm #endif
f931d72008-09-29Martin Stjernholm  v = defvar ("slow_be_bt_timeout", 0.05,
82c0202009-03-17Jonas Wallden  LOCALE(1021, "Logging: Slow backend timeout"),
f931d72008-09-29Martin Stjernholm  TYPE_FLOAT,
82c0202009-03-17Jonas Wallden  LOCALE(1022, #"\
f931d72008-09-29Martin Stjernholm <p>The timeout in seconds for the backend thread to trig a thread dump. Zero disables monitoring of it. See the \"Dump threads for slow requests\" setting for details.</p> <p>The backend thread is a special thread that manages most I/O and directs the incoming requests to the handler threads. It should never be occupied for a significant amount of time since that would make the server essentially unresponsive. Therefore this timeout should be small.</p> <p>Note that a good value for this is very dependent on hardware. The default setting here is conservative and probably should be lowered to be of real use.</p>")); v->set_range (0.0, Variable.no_limit); v->set_precision (3); #ifndef NO_SLOW_REQ_BT v->set_changed_callback (lambda (Variable.Variable v) { slow_be_timeout_changed(); }); #endif
690adf1999-08-30Per Hedbor #ifdef THREADS
79a6212007-08-06Fredrik Noring  defvar("numthreads", 15, LOCALE(150, "Number of threads to run"),
434bac2000-07-14Andreas Lange  TYPE_INT,
23414a2000-07-21Andreas Lange  LOCALE(151, "The number of simultaneous threads Roxen will use.\n"
690adf1999-08-30Per Hedbor  "<p>Please note that even if this is one, Roxen will still " "be able to serve multiple requests, using a select loop based " "system.\n" "<i>This is quite useful if you have more than one CPU in "
b98c022001-07-31Per Hedbor  "your machine, or if you have a lot of slow NFS accesses.</i></p>" "<p>Do not increase this over 20 unless you have a " "very good reason to do so.</p>"));
ab6f292000-11-18Martin Nilsson #endif // THREADS
690adf1999-08-30Per Hedbor 
5627f12000-04-13Per Hedbor #ifndef __NT__
9e4c8b2015-12-04Henrik Grubbström (Grubba)  defvar("abs_engage", 0, LOCALE(154, "Auto Maintenance: Enable Anti-Block-System"),
434bac2000-07-14Andreas Lange  TYPE_FLAG|VAR_MORE,
23414a2000-07-21Andreas Lange  LOCALE(155, "If set, the anti-block-system will be enabled. "
f498ed2000-07-11Martin Nilsson  "This will restart the server after a configurable number of minutes if it " "locks up. If you are running in a single threaded environment heavy " "calculations will also halt the server. In multi-threaded mode bugs such as " "eternal loops will not cause the server to reboot, since only one thread is " "blocked. In general there is no harm in having this option enabled. "));
d873a62001-08-22Per Hedbor 
9e4c8b2015-12-04Henrik Grubbström (Grubba)  defvar("abs_timeout", 5, LOCALE(156, "Auto Maintenance: ABS Timeout"),
434bac2000-07-14Andreas Lange  TYPE_INT_LIST|VAR_MORE,
23414a2000-07-21Andreas Lange  LOCALE(157, "If the server is unable to accept connection for this many "
f498ed2000-07-11Martin Nilsson  "minutes, it will be restarted. You need to find a balance: " "if set too low, the server will be restarted even if it's doing " "legal things (like generating many images), if set too high you might " "get a long downtime if the server for some reason locks up."),
86e9012006-12-14Marcus Wellhardh  ({1,2,3,4,5,10,15,30,60}),
8552d92001-01-13Martin Nilsson  lambda() {return !query("abs_engage");});
7ba6002020-10-09Henrik Grubbström (Grubba)  defvar("abs_vmemlimit", 0, LOCALE(0, "Auto Maintenance: ABS Memory limit (VMEM)"), TYPE_INT, LOCALE(0, "Automatically restart the Roxen process if its " "virtual memory usage grows past this limit in megabytes. " "Set to 0 to disable."),
af40af2020-10-09Henrik Grubbström (Grubba)  UNDEFINED,
7ba6002020-10-09Henrik Grubbström (Grubba)  lambda() { return !query("abs_engage");}); defvar("abs_rmemlimit", 0, LOCALE(0, "Auto Maintenance: ABS Memory limit (RSS)"), TYPE_INT, LOCALE(0, "Automatically restart the Roxen process if its active " "(aka resident) memory usage grows past this limit in " "megabytes. Set to 0 to disable."),
af40af2020-10-09Henrik Grubbström (Grubba)  UNDEFINED,
7ba6002020-10-09Henrik Grubbström (Grubba)  lambda() { return !query("abs_engage");});
58e3a12020-12-18Henrik Grubbström (Grubba)  defvar("abs_email", "", LOCALE(0, "Auto Maintenance: ABS Email Adress"), TYPE_STRING, LOCALE(0, "<p>Send ABS reports to this email adress.</p>\n" "<p>Leaving it empty disables sending of emails.</p>\n"), UNDEFINED, lambda() { return !query("abs_engage");}); defvar("abs_sender", "", LOCALE(0, "Auto Maintenance: ABS Sender Adress"), TYPE_STRING, LOCALE(0, "<p>Send ABS reports from this email adress.</p>\n" "<p>Leaving it empty causes the to adress to be used " "in the <b>From</b> header, and the empty string to " "be used in the <b>MAIL FROM</b> SMTP-command.</p>\n"), UNDEFINED, lambda() { return !query("abs_engage") ||
4174a82020-12-19Jonas Walldén  !has_value(query("abs_email"), "@");
58e3a12020-12-18Henrik Grubbström (Grubba)  });
ab6f292000-11-18Martin Nilsson #endif // __NT__
690adf1999-08-30Per Hedbor 
b50edf2015-12-04Henrik Grubbström (Grubba)  defvar("auto_fetch_rxps", 0,
0c7a1e2016-09-27Anders Johansson  LOCALE(1088, "Auto Maintenance: Enable Automatic Patch import"),
b50edf2015-12-04Henrik Grubbström (Grubba)  TYPE_FLAG,
0c7a1e2016-09-27Anders Johansson  LOCALE(1089, "Automatically fetch and import patches to the server "
b50edf2015-12-04Henrik Grubbström (Grubba)  "from www.roxen.com."));
dac5692000-09-19Andreas Lange  defvar("locale", Variable.Language("Standard", ({ "Standard" }) + Locale.list_languages("roxen_config"), 0, LOCALE(158, "Default language"), LOCALE(159, "Locale, used to localize all " "messages in Roxen. Standard means using " "the default locale, which varies "
71b9aa2007-05-03Martin Stjernholm  "according to the values of " "the 'LC_MESSAGES' and 'LANG' environment " "variables.")))
dac5692000-09-19Andreas Lange  ->set_changed_callback( lambda(Variable.Variable s) {
8552d92001-01-13Martin Nilsson  roxenp()->set_default_locale(query("locale"));
dac5692000-09-19Andreas Lange  roxenp()->set_locale(); } );
f498ed2000-07-11Martin Nilsson 
4e32072009-01-09Stephen R. van den Berg  string secret=Crypto.MD5.hash(""+time(1)+random(100000));
38b81e2001-01-06Martin Nilsson  secret = MIME.encode_base64(secret,1);
f218252001-01-14Per Hedbor  defvar("server_salt", secret[..sizeof(secret)-3], LOCALE(8, "Server secret"),
b98c022001-07-31Per Hedbor  TYPE_STRING|VAR_MORE|VAR_NO_DEFAULT,
f218252001-01-14Per Hedbor  LOCALE(9, "The server secret is a string used in some "
38b81e2001-01-06Martin Nilsson  "cryptographic functions, such as calculating " "unique, non-guessable session id's. Change this " "value into something that is hard to guess, unless " "you are satisfied with what your computers random "
edab552002-01-11Henrik Grubbström (Grubba)  "generator has produced.") );
38b81e2001-01-06Martin Nilsson 
4e32072009-01-09Stephen R. van den Berg  secret = Crypto.MD5.hash(""+time(1)+random(100000)+"x"+gethrtime());
387fa62001-03-05Per Hedbor 
b98c022001-07-31Per Hedbor  definvisvar("argcache_secret","",TYPE_STRING|VAR_NO_DEFAULT);
4d92a62001-03-16Per Hedbor  set( "argcache_secret", secret ); // force save.
f498ed2000-07-11Martin Nilsson  defvar("suicide_engage", 0,
9e4c8b2015-12-04Henrik Grubbström (Grubba)  LOCALE(160, "Auto Maintenance: Enable Automatic Restart"),
f498ed2000-07-11Martin Nilsson  TYPE_FLAG|VAR_MORE,
23414a2000-07-21Andreas Lange  LOCALE(161, "If set, Roxen will automatically restart after a "
434bac2000-07-14Andreas Lange  "configurable number of days. Since Roxen uses a monolith, " "non-forking server model the process tends to grow in size "
edab552002-01-11Henrik Grubbström (Grubba)  "over time. This is mainly due to heap fragmentation but " "may also sometimes be because of memory leaks.")
690adf1999-08-30Per Hedbor  );
f498ed2000-07-11Martin Nilsson 
d873a62001-08-22Per Hedbor  definvisvar( "last_suicide", 0, TYPE_INT ); defvar("suicide_schedule", Variable.Schedule( ({ 2, 1, 1, 0, 4 }), 0,
9e4c8b2015-12-04Henrik Grubbström (Grubba)  LOCALE(387,"Auto Maintenance: Restart Schedule"),
9fa11d2001-08-24Martin Nilsson  LOCALE(388, "Automatically restart the "
d873a62001-08-22Per Hedbor  "server according to this schedule.") ) ) ->set_invisibility_check_callback ( lambda(RequestID id, Variable.Variable f) {return !query("suicide_engage");} );
690adf1999-08-30Per Hedbor 
b50edf2015-12-04Henrik Grubbström (Grubba)  defvar("patch_on_restart", 0,
0c7a1e2016-09-27Anders Johansson  LOCALE(1090, "Auto Maintenance: Restart and apply patches"),
b50edf2015-12-04Henrik Grubbström (Grubba)  TYPE_FLAG,
0c7a1e2016-09-27Anders Johansson  LOCALE(1091, "Apply any pending imported patches when the server is "
b50edf2015-12-04Henrik Grubbström (Grubba)  "automatically restarted.")) ->set_invisibility_check_callback ( lambda(RequestID id, Variable.Variable f) {return !query("suicide_engage");});
1353182009-11-12Martin Stjernholm  defvar ("mem_cache_gc_2", 5 * 60,
405caf2009-12-05Jonas Wallden  LOCALE(1045, "Cache: Memory cache GC interval"),
1353182009-11-12Martin Stjernholm  TYPE_INT,
405caf2009-12-05Jonas Wallden  LOCALE(1046, #"\
1353182009-11-12Martin Stjernholm <p>Interval in seconds between RAM cache garbage collector runs. This GC removes entries from the RAM caches that have timed out or are stale for other reasons, thereby making more room for new entries. The configured cache size limits are enforced when entries are added, so this GC is not required to keep the cache sizes down.</p> <p>Running this GC too seldom causes some RAM caches to contain many invalid cache entries, which could push out valid cache entries. Running it too often causes unnecessary server load.</p>")) ->set_range (1, Variable.no_limit); // This was the variable that used to control the gc interval, but // since the effect of the gc is radically different now we // intentionally use a different variable name to reset the value. definvisvar ("mem_cache_gc", 300, TYPE_INT);
38c2182009-11-30Martin Stjernholm  v = defvar ("mem_cache_size", 100,
405caf2009-12-05Jonas Wallden  LOCALE(1043, "Cache: Memory cache size"),
1f6e162009-11-18Martin Stjernholm  TYPE_INT,
405caf2009-12-05Jonas Wallden  LOCALE(1044, #"\
921aa22009-11-25Jonas Wallden <p>Maximum size in MByte for all RAM caches taken together. This limit
1f6e162009-11-18Martin Stjernholm covers the caches visible in the <a
f5a2092018-09-04Jonas Walldén href='/actions/?action=cachestatus.pike&class=status&_roxen_wizard_id=&form._roxen_wizard_id;'>Cache status</a> page.</p>
1f6e162009-11-18Martin Stjernholm  <p>Note that there are many more things in the Roxen WebServer that take space, including some caches that are not handled by the common RAM cache. Also, there is various indirect memory overhead that is not directly accounted for by the size calculations. All these taken together means that the figure configured here cannot be mapped straightly to the size of the Roxen process as reported by the OS. The optimal setting here is the one that in general keeps the Roxen process at a size that avoids swapping and leaves enough memory for buffers and other processes that need to run at the same time (e.g. the Roxen instance of the MySQL server).</p>")); v->set_range (1, Variable.no_limit); v->set_changed_callback ( lambda (Variable.Int v) { cache.set_total_size_limit (v->query() * 1024 * 1024); });
e082212001-08-28Per Hedbor  defvar("replicate", 0,
3b3eac2001-09-03Martin Nilsson  LOCALE(163, "Enable replication system" ),
e082212001-08-28Per Hedbor  TYPE_FLAG,
3b3eac2001-09-03Martin Nilsson  LOCALE(337,"If enabled, Roxen will enable various replication systems "
e082212001-08-28Per Hedbor  "needed to set up multiple frontend systems. You will need "
4cb0c62007-11-29Martin Stjernholm  "a database named 'replicate' that resides in a shared mysql "
e082212001-08-28Per Hedbor  "server for this to work. Also, all servers has to have this " "flag set. Roxen must be restarted before changes to this "
edab552002-01-11Henrik Grubbström (Grubba)  "variable takes effect." ) );
e082212001-08-28Per Hedbor 
a59d252000-07-04Per Hedbor  defvar("config_file_comments", 0,
23414a2000-07-21Andreas Lange  LOCALE(172, "Commented config files"),
f498ed2000-07-11Martin Nilsson  TYPE_FLAG,
23414a2000-07-21Andreas Lange  LOCALE(173, "Save the variable documentation strings as comments "
434bac2000-07-14Andreas Lange  "in the configuration files. Only useful if you read or " "edit the config files directly."));
d37d5a2000-12-08Martin Nilsson 
2dfc632019-09-16Karl Gustav Sterneberg  defvar("image_cache_max_entry_size", Variable.Int(128, 0, LOCALE(0, "Image Cache Max Entry Size (MB)"), LOCALE(0, "Max size in MB per entry in the image cache.") )).set_range(16, 2048);
332ad92007-03-02Henrik Grubbström (Grubba) #ifdef SMTP_RELAY // SMTP stuff defvar("mail_spooldir", "../var/spool/mqueue/", "SMTP: Mail queue directory", TYPE_DIR, "Directory where the mail spool queue is stored."); defvar("mail_maxhops", 10, "SMTP: Maximum number of hops", TYPE_INT, "Maximum number of MTA hops (used to avoid loops).<br>\n" "Zero means no limit."); defvar("mail_bounce_size_limit", 262144, "SMTP: Maximum bounce size", TYPE_INT, "<p>Maximum size (bytes) of the embedded message in " "generated bounces.</p>" "<p>Set to zero for no limit.</p>" "<p>Set to -1 to disable bounces.</p>"); // Try to get our FQDN. string hostname = gethostname(); array(string) hostinfo = gethostbyname(hostname); if (hostinfo && sizeof(hostinfo)) { hostname = hostinfo[0]; }
6897c92001-06-27Honza Petrous 
332ad92007-03-02Henrik Grubbström (Grubba)  defvar("mail_hostname", hostname, "SMTP: Mailserver host name", TYPE_STRING, "This is the hostname used by the server in the SMTP " "handshake (EHLO & HELO)."); defvar("mail_postmaster", "Postmaster <postmaster@" + hostname + ">", "SMTP: Postmaster address", TYPE_STRING, "Email address of the postmaster."); defvar("mail_mailerdaemon", "Mail Delivery Subsystem <MAILER-DAEMON@" + hostname + ">", "SMTP: Mailer daemon address", TYPE_STRING, "Email address of the mailer daemon."); #endif /* SMTP_RELAY */
6897c92001-06-27Honza Petrous  #ifdef SNMP_AGENT // SNMP stuffs defvar("snmp_agent", 0, LOCALE(999, "SNMP: Enable SNMP agent"), TYPE_FLAG|VAR_MORE,
edab552002-01-11Henrik Grubbström (Grubba)  "If set, the Roxen SNMP agent will be anabled."
6897c92001-06-27Honza Petrous  ); defvar("snmp_community", ({"public:ro"}), "SNMP: Community string", TYPE_STRING_LIST, "One community name per line. Default permissions are 'read-only'. "
edab552002-01-11Henrik Grubbström (Grubba)  "'Read-write' permissions can be specified by appending :rw to the " "community name (for example mypub:rw).",
6897c92001-06-27Honza Petrous  0, snmp_disabled); /* defvar("snmp_mode", "smart", "SNMP: Agent mode", TYPE_STRING_LIST, "Standard SNMP server mode, muxed SNMP mode, " "proxy, agentx or automatic (smart) mode.", ({"smart", "agent", "agentx", "smux", "proxy" })); */
6f669a2001-08-14Honza Petrous  defvar("snmp_hostport", snmp_get_cif_domain(), "SNMP: IP address and port",
6897c92001-06-27Honza Petrous  TYPE_STRING,
edab552002-01-11Henrik Grubbström (Grubba)  "Agent listening IP adress and port. Format: [[host]:port] " "If host isn't set then the IP address of the config interface " "will be used.",
6897c92001-06-27Honza Petrous  0, snmp_disabled);
77efe62001-09-11Honza Petrous  defvar("snmp_global_traphosts", ({}),"SNMP: Trap destinations", TYPE_STRING_LIST, "The SNMP traphost URL for sending common traps (like coldstart).",
6897c92001-06-27Honza Petrous  0, snmp_disabled);
77efe62001-09-11Honza Petrous 
6897c92001-06-27Honza Petrous  defvar("snmp_syscontact","","SNMP: System MIB - Contact", TYPE_STRING, "The textual identification of the contact person for this managed " "node, together with information on how to contact this person.", 0, snmp_disabled); defvar("snmp_sysname","","SNMP: System MIB - Name", TYPE_STRING, "An administratively-assigned name for this managed node. By " "convention, this is the node's fully-qualified domain name.", 0, snmp_disabled); defvar("snmp_syslocation","","SNMP: System MIB - Location", TYPE_STRING, "The physical location of this node (e.g., `telephone closet, 3rd " "floor').", 0, snmp_disabled); defvar("snmp_sysservices",72,"SNMP: System MIB - Services", TYPE_INT, "A value which indicates the set of services that this entity " "primarily offers.", 0, snmp_disabled); #endif // SNMP_AGENT
6f669a2001-08-14Honza Petrous  defvar("global_position", Variable.Variable(0, VAR_INVISIBLE));
0040c72022-09-13Henrik Grubbström (Grubba)  defvar("fsgc_starttime", Variable.Schedule(({ 2, 2, 1, 0, 3, 0 }), 0, "FSGC: Start time", "<p>Time after which the Filesystem " "Garbage Collector subsystem may run.</p>\n" "<p>Disable this to disable the FSGC.</p>\n" "<p>Note that other values for this setting " "are only relevant if a <b>Stop time</b> is " "configured, and that that setting differs from " "this setting.</p>", (< 0, 2>))); defvar("fsgc_stoptime", Variable.Schedule(({ 0, 2, 1, 0, 5, 0 }), 0, "FSGC: Stop time", "<p>Time after which the Filesystem " "Garbage Collector subsystem may not run.</p>\n" "<p>Disable this or set it to the same value as " "<b>Start time</b> to enable running the FSGC " "at any time of the day.</p>", (< 0, 2>)));
3b11a92011-04-28Tobias Liin #ifdef ENABLE_OUTGOING_PROXY defvar("use_proxy", 0,
6a32272011-12-21Jonas Wallden  LOCALE(1052, "Proxy: Use proxy (experimental)"), TYPE_FLAG, LOCALE(1053, "Use proxy for outgoing requests. E.g. when browsing "
3b11a92011-04-28Tobias Liin  "external web sites through the Linkbrowser or when Insert " "cached-href fetches data from an external location.")); defvar("proxy_url", "",
6a32272011-12-21Jonas Wallden  LOCALE(1054, "Proxy: Proxy URL"), TYPE_STRING, LOCALE(1055, "The URL of the proxy to use for outgoing requests."));
3b11a92011-04-28Tobias Liin  defvar("proxy_username", "",
6a32272011-12-21Jonas Wallden  LOCALE(1056, "Proxy: Proxy username"), TYPE_STRING, LOCALE(1057, "Username for proxy authorization."));
3b11a92011-04-28Tobias Liin  defvar("proxy_password", "",
6a32272011-12-21Jonas Wallden  LOCALE(1058, "Proxy: Proxy password"), TYPE_STRING, LOCALE(1059, "Password for proxy authorization."));
3b11a92011-04-28Tobias Liin #endif
690adf1999-08-30Per Hedbor }
f4b6251999-09-02Per Hedbor 
3bb11d2000-07-09Per Hedbor void restore_global_variables() {
4d92a62001-03-16Per Hedbor  mapping m = retrieve("Variables", 0);
3bb11d2000-07-09Per Hedbor  setvars(retrieve("Variables", 0));
4d92a62001-03-16Per Hedbor  if( !m->argcache_secret ) save();
40889a2000-09-19Per Hedbor  old_module_dirs = query( "ModuleDirs" ); getvar( "ModuleDirs" )->add_changed_callback( zap_all_module_caches );
3bb11d2000-07-09Per Hedbor }
fc40392008-08-15Martin Stjernholm protected mapping(string:mixed) __vars = ([ ]);
f4b6251999-09-02Per Hedbor  // These two should be documented somewhere. They are to be used to
c5e0961999-10-04Per Hedbor // set global, but non-persistent, variables in Roxen.
f4b6251999-09-02Per Hedbor mixed set_var(string var, mixed to) { return __vars[var] = to; } mixed query_var(string var) { return __vars[var]; }