include/common/defaults.h - haproxy - Gitiles

 /*
  * include/common/defaults.h
  * Miscellaneous default values.
  *
  * Copyright (C) 2000-2010 Willy Tarreau - w@1wt.eu
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation, version 2.1
  * exclusively.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */

 #ifndef _COMMON_DEFAULTS_H
 #define _COMMON_DEFAULTS_H

 /* MAX_PROCS defines the highest limit for the global "nbproc" value. It
  * defaults to the number of bits in a long integer but may be lowered to save
  * resources on embedded systems.
  */
 #ifndef MAX_PROCS
 #define MAX_PROCS LONGBITS
 #endif

 /*
  * BUFSIZE defines the size of a read and write buffer. It is the maximum
  * amount of bytes which can be stored by the proxy for each stream. However,
  * when reading HTTP headers, the proxy needs some spare space to add or rewrite
  * headers if needed. The size of this spare is defined with MAXREWRITE. So it
  * is not possible to process headers longer than BUFSIZE-MAXREWRITE bytes. By
  * default, BUFSIZE=16384 bytes and MAXREWRITE=min(1024,BUFSIZE/2), so the
  * maximum length of headers accepted is 15360 bytes.
  */
 #ifndef BUFSIZE
 #define BUFSIZE	        16384
 #endif

 /* certain buffers may only be allocated for responses in order to avoid
  * deadlocks caused by request queuing. 2 buffers is the absolute minimum
  * acceptable to ensure that a request gaining access to a server can get
  * a response buffer even if it doesn't completely flush the request buffer.
  * The worst case is an applet making use of a request buffer that cannot
  * completely be sent while the server starts to respond, and all unreserved
  * buffers are allocated by request buffers from pending connections in the
  * queue waiting for this one to flush. Both buffers reserved buffers may
  * thus be used at the same time.
  */
 #ifndef RESERVED_BUFS
 #define RESERVED_BUFS   2
 #endif

 // reserved buffer space for header rewriting
 #ifndef MAXREWRITE
 #define MAXREWRITE      1024
 #endif

 #ifndef REQURI_LEN
 #define REQURI_LEN      1024
 #endif

 #ifndef CAPTURE_LEN
 #define CAPTURE_LEN     64
 #endif

 #ifndef MAX_SYSLOG_LEN
 #define MAX_SYSLOG_LEN          1024
 #endif

 // maximum line size when parsing config
 #ifndef LINESIZE
 #define LINESIZE	2048
 #endif

 // max # args on a configuration line
 #define MAX_LINE_ARGS   64

 // maximum line size when parsing crt-bind-list config
 #define CRT_LINESIZE    65536

 // max # args on crt-bind-list configuration line
 #define MAX_CRT_ARGS  2048

 // max # args on a stats socket
 // This should cover at least 5 + twice the # of data_types
 #define MAX_STATS_ARGS  64

 // max # of matches per regexp
 #define	MAX_MATCH       10

 // max # of headers in one HTTP request or response
 // By default, about 100 headers (+1 for the first line)
 #ifndef MAX_HTTP_HDR
 #define MAX_HTTP_HDR    101
 #endif

 // max # of headers in history when looking for header #-X
 #ifndef MAX_HDR_HISTORY
 #define MAX_HDR_HISTORY 10
 #endif

 // max # of stick counters per session (at least 3 for sc0..sc2)
 #ifndef MAX_SESS_STKCTR
 #define MAX_SESS_STKCTR 3
 #endif

 // max # of extra stick-table data types that can be registred at runtime
 #ifndef STKTABLE_EXTRA_DATA_TYPES
 #define STKTABLE_EXTRA_DATA_TYPES 0
 #endif

 // max # of loops we can perform around a read() which succeeds.
 // It's very frequent that the system returns a few TCP segments at a time.
 #ifndef MAX_READ_POLL_LOOPS
 #define MAX_READ_POLL_LOOPS 4
 #endif

 // minimum number of bytes read at once above which we don't try to read
 // more, in order not to risk facing an EAGAIN. Most often, if we read
 // at least 10 kB, we can consider that the system has tried to read a
 // full buffer and got multiple segments (>1 MSS for jumbo frames, >7 MSS
 // for normal frames) did not bother truncating the last segment.
 #ifndef MIN_RECV_AT_ONCE_ENOUGH
 #define MIN_RECV_AT_ONCE_ENOUGH (7*1448)
 #endif

 // The minimum number of bytes to be forwarded that is worth trying to splice.
 // Below 4kB, it's not worth allocating pipes nor pretending to zero-copy.
 #ifndef MIN_SPLICE_FORWARD
 #define MIN_SPLICE_FORWARD 4096
 #endif

 // the max number of events returned in one call to poll/epoll. Too small a
 // value will cause lots of calls, and too high a value may cause high latency.
 #ifndef MAX_POLL_EVENTS
 #define MAX_POLL_EVENTS 200
 #endif

 // the max number of tasks to run at once
 #ifndef RUNQUEUE_DEPTH
 #define RUNQUEUE_DEPTH 200
 #endif

 // cookie delimitor in "prefix" mode. This character is inserted between the
 // persistence cookie and the original value. The '~' is allowed by RFC6265,
 // and should not be too common in server names.
 #ifndef COOKIE_DELIM
 #define COOKIE_DELIM    '~'
 #endif

 // this delimitor is used between a server's name and a last visit date in
 // cookies exchanged with the client.
 #ifndef COOKIE_DELIM_DATE
 #define COOKIE_DELIM_DATE       '|'
 #endif

 #define CONN_RETRIES    3

 #define	CHK_CONNTIME    2000
 #define	DEF_CHKINTR     2000
 #define DEF_MAILALERTTIME 10000
 #define DEF_FALLTIME    3
 #define DEF_RISETIME    2
 #define DEF_AGENT_FALLTIME    1
 #define DEF_AGENT_RISETIME    1
 #define DEF_CHECK_REQ   "OPTIONS / HTTP/1.0\r\n"
 #define DEF_CHECK_PATH  ""
 #define DEF_SMTP_CHECK_REQ   "HELO localhost\r\n"
 #define DEF_LDAP_CHECK_REQ   "\x30\x0c\x02\x01\x01\x60\x07\x02\x01\x03\x04\x00\x80\x00"
 #define DEF_REDIS_CHECK_REQ  "*1\r\n$4\r\nPING\r\n"

 #define DEF_HANA_ONERR		HANA_ONERR_FAILCHK
 #define DEF_HANA_ERRLIMIT	10

 // X-Forwarded-For header default
 #define DEF_XFORWARDFOR_HDR	"X-Forwarded-For"

 // X-Original-To header default
 #define DEF_XORIGINALTO_HDR	"X-Original-To"

 /* Default connections limit.
  *
  * A system limit can be enforced at build time in order to avoid using haproxy
  * beyond reasonable system limits. For this, just define SYSTEM_MAXCONN to the
  * absolute limit accepted by the system. If the configuration specifies a
  * higher value, it will be capped to SYSTEM_MAXCONN and a warning will be
  * emitted. The only way to override this limit will be to set it via the
  * command-line '-n' argument. If SYSTEM_MAXCONN is not set, a minimum value
  * of 100 will be used for DEFAULT_MAXCONN which almost guarantees that a
  * process will correctly start in any situation.
  */
 #ifdef SYSTEM_MAXCONN
 #undef  DEFAULT_MAXCONN
 #define DEFAULT_MAXCONN SYSTEM_MAXCONN
 #elif !defined(DEFAULT_MAXCONN)
 #define DEFAULT_MAXCONN 100
 #endif

 /* Minimum check interval for spread health checks. Servers with intervals
  * greater than or equal to this value will have their checks spread apart
  * and will be considered when searching the minimal interval.
  * Others will be ignored for the minimal interval and will have their checks
  * scheduled on a different basis.
  */
 #ifndef SRV_CHK_INTER_THRES
 #define SRV_CHK_INTER_THRES 1000
 #endif

 /* Specifies the string used to report the version and release date on the
  * statistics page. May be defined to the empty string ("") to permanently
  * disable the feature.
  */
 #ifndef STATS_VERSION_STRING
 #define STATS_VERSION_STRING " version " HAPROXY_VERSION ", released " HAPROXY_DATE
 #endif

 /* Maximum signal queue size, and also number of different signals we can
  * handle.
  */
 #ifndef MAX_SIGNAL
 #define MAX_SIGNAL 256
 #endif

 /* Maximum host name length */
 #ifndef MAX_HOSTNAME_LEN
 #if MAXHOSTNAMELEN
 #define MAX_HOSTNAME_LEN	MAXHOSTNAMELEN
 #else
 #define MAX_HOSTNAME_LEN	64
 #endif // MAXHOSTNAMELEN
 #endif // MAX_HOSTNAME_LEN

 /* Maximum health check description length */
 #ifndef HCHK_DESC_LEN
 #define HCHK_DESC_LEN	128
 #endif

 /* ciphers used as defaults on connect */
 #ifndef CONNECT_DEFAULT_CIPHERS
 #define CONNECT_DEFAULT_CIPHERS NULL
 #endif

 /* ciphers used as defaults on TLS 1.3 connect */
 #ifndef CONNECT_DEFAULT_CIPHERSUITES
 #define CONNECT_DEFAULT_CIPHERSUITES NULL
 #endif

 /* ciphers used as defaults on listeners */
 #ifndef LISTEN_DEFAULT_CIPHERS
 #define LISTEN_DEFAULT_CIPHERS NULL
 #endif

 /* cipher suites used as defaults on TLS 1.3 listeners */
 #ifndef LISTEN_DEFAULT_CIPHERSUITES
 #define LISTEN_DEFAULT_CIPHERSUITES NULL
 #endif

 /* named curve used as defaults for ECDHE ciphers */
 #ifndef ECDHE_DEFAULT_CURVE
 #define ECDHE_DEFAULT_CURVE "prime256v1"
 #endif

 /* ssl cache size */
 #ifndef SSLCACHESIZE
 #define SSLCACHESIZE 20000
 #endif

 /* ssl max dh param size */
 #ifndef SSL_DEFAULT_DH_PARAM
 #define SSL_DEFAULT_DH_PARAM 0
 #endif

 /* max memory cost per SSL session */
 #ifndef SSL_SESSION_MAX_COST
 #define SSL_SESSION_MAX_COST (16*1024)    // measured
 #endif

 /* max memory cost per SSL handshake (on top of session) */
 #ifndef SSL_HANDSHAKE_MAX_COST
 #define SSL_HANDSHAKE_MAX_COST (76*1024)  // measured
 #endif

 #ifndef DEFAULT_SSL_CTX_CACHE
 #define DEFAULT_SSL_CTX_CACHE 1000
 #endif

 /* approximate stream size (for maxconn estimate) */
 #ifndef STREAM_MAX_COST
 #define STREAM_MAX_COST (sizeof(struct stream) + \
                           2 * sizeof(struct channel) + \
                           2 * sizeof(struct connection) + \
                           global.tune.requri_len + \
                           2 * global.tune.cookie_len)
 #endif

 /* available memory estimate : count about 3% of overhead in various structures */
 #ifndef MEM_USABLE_RATIO
 #define MEM_USABLE_RATIO 0.97
 #endif

 /* Number of samples used to compute the times reported in stats. A power of
  * two is highly recommended, and this value multiplied by the largest response
  * time must not overflow and unsigned int. See freq_ctr.h for more information.
  * We consider that values are accurate to 95% with two batches of samples below,
  * so in order to advertise accurate times across 1k samples, we effectively
  * measure over 512.
  */
 #ifndef TIME_STATS_SAMPLES
 #define TIME_STATS_SAMPLES 512
 #endif

 /* max ocsp cert id asn1 encoded length */
 #ifndef OCSP_MAX_CERTID_ASN1_LENGTH
 #define OCSP_MAX_CERTID_ASN1_LENGTH 128
 #endif

 #ifndef OCSP_MAX_RESPONSE_TIME_SKEW
 #define OCSP_MAX_RESPONSE_TIME_SKEW 300
 #endif

 /* Number of TLS tickets to check, used for rotation */
 #ifndef TLS_TICKETS_NO
 #define TLS_TICKETS_NO 3
 #endif

 /* pattern lookup default cache size, in number of entries :
  * 10k entries at 10k req/s mean 1% risk of a collision after 60 years, that's
  * already much less than the memory's reliability in most machines and more
  * durable than most admin's life expectancy. A collision will result in a
  * valid result to be returned for a different entry from the same list.
  */
 #ifndef DEFAULT_PAT_LRU_SIZE
 #define DEFAULT_PAT_LRU_SIZE 10000
 #endif

 #endif /* _COMMON_DEFAULTS_H */
	/*
	* include/common/defaults.h
	* Miscellaneous default values.
	*
	* Copyright (C) 2000-2010 Willy Tarreau - w@1wt.eu
	*
	* This library is free software; you can redistribute it and/or
	* modify it under the terms of the GNU Lesser General Public
	* License as published by the Free Software Foundation, version 2.1
	* exclusively.
	*
	* This library is distributed in the hope that it will be useful,
	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	* Lesser General Public License for more details.
	*
	* You should have received a copy of the GNU Lesser General Public
	* License along with this library; if not, write to the Free Software
	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
	*/

	#ifndef _COMMON_DEFAULTS_H
	#define _COMMON_DEFAULTS_H

	/* MAX_PROCS defines the highest limit for the global "nbproc" value. It
	* defaults to the number of bits in a long integer but may be lowered to save
	* resources on embedded systems.
	*/
	#ifndef MAX_PROCS
	#define MAX_PROCS LONGBITS
	#endif

	/*
	* BUFSIZE defines the size of a read and write buffer. It is the maximum
	* amount of bytes which can be stored by the proxy for each stream. However,
	* when reading HTTP headers, the proxy needs some spare space to add or rewrite
	* headers if needed. The size of this spare is defined with MAXREWRITE. So it
	* is not possible to process headers longer than BUFSIZE-MAXREWRITE bytes. By
	* default, BUFSIZE=16384 bytes and MAXREWRITE=min(1024,BUFSIZE/2), so the
	* maximum length of headers accepted is 15360 bytes.
	*/
	#ifndef BUFSIZE
	#define BUFSIZE 16384
	#endif

	/* certain buffers may only be allocated for responses in order to avoid
	* deadlocks caused by request queuing. 2 buffers is the absolute minimum
	* acceptable to ensure that a request gaining access to a server can get
	* a response buffer even if it doesn't completely flush the request buffer.
	* The worst case is an applet making use of a request buffer that cannot
	* completely be sent while the server starts to respond, and all unreserved
	* buffers are allocated by request buffers from pending connections in the
	* queue waiting for this one to flush. Both buffers reserved buffers may
	* thus be used at the same time.
	*/
	#ifndef RESERVED_BUFS
	#define RESERVED_BUFS 2
	#endif

	// reserved buffer space for header rewriting
	#ifndef MAXREWRITE
	#define MAXREWRITE 1024
	#endif

	#ifndef REQURI_LEN
	#define REQURI_LEN 1024
	#endif

	#ifndef CAPTURE_LEN
	#define CAPTURE_LEN 64
	#endif

	#ifndef MAX_SYSLOG_LEN
	#define MAX_SYSLOG_LEN 1024
	#endif

	// maximum line size when parsing config
	#ifndef LINESIZE
	#define LINESIZE 2048
	#endif

	// max # args on a configuration line
	#define MAX_LINE_ARGS 64

	// maximum line size when parsing crt-bind-list config
	#define CRT_LINESIZE 65536

	// max # args on crt-bind-list configuration line
	#define MAX_CRT_ARGS 2048

	// max # args on a stats socket
	// This should cover at least 5 + twice the # of data_types
	#define MAX_STATS_ARGS 64

	// max # of matches per regexp
	#define MAX_MATCH 10

	// max # of headers in one HTTP request or response
	// By default, about 100 headers (+1 for the first line)
	#ifndef MAX_HTTP_HDR
	#define MAX_HTTP_HDR 101
	#endif

	// max # of headers in history when looking for header #-X
	#ifndef MAX_HDR_HISTORY
	#define MAX_HDR_HISTORY 10
	#endif

	// max # of stick counters per session (at least 3 for sc0..sc2)
	#ifndef MAX_SESS_STKCTR
	#define MAX_SESS_STKCTR 3
	#endif

	// max # of extra stick-table data types that can be registred at runtime
	#ifndef STKTABLE_EXTRA_DATA_TYPES
	#define STKTABLE_EXTRA_DATA_TYPES 0
	#endif

	// max # of loops we can perform around a read() which succeeds.
	// It's very frequent that the system returns a few TCP segments at a time.
	#ifndef MAX_READ_POLL_LOOPS
	#define MAX_READ_POLL_LOOPS 4
	#endif

	// minimum number of bytes read at once above which we don't try to read
	// more, in order not to risk facing an EAGAIN. Most often, if we read
	// at least 10 kB, we can consider that the system has tried to read a
	// full buffer and got multiple segments (>1 MSS for jumbo frames, >7 MSS
	// for normal frames) did not bother truncating the last segment.
	#ifndef MIN_RECV_AT_ONCE_ENOUGH
	#define MIN_RECV_AT_ONCE_ENOUGH (7*1448)
	#endif

	// The minimum number of bytes to be forwarded that is worth trying to splice.
	// Below 4kB, it's not worth allocating pipes nor pretending to zero-copy.
	#ifndef MIN_SPLICE_FORWARD
	#define MIN_SPLICE_FORWARD 4096
	#endif

	// the max number of events returned in one call to poll/epoll. Too small a
	// value will cause lots of calls, and too high a value may cause high latency.
	#ifndef MAX_POLL_EVENTS
	#define MAX_POLL_EVENTS 200
	#endif

	// the max number of tasks to run at once
	#ifndef RUNQUEUE_DEPTH
	#define RUNQUEUE_DEPTH 200
	#endif

	// cookie delimitor in "prefix" mode. This character is inserted between the
	// persistence cookie and the original value. The '~' is allowed by RFC6265,
	// and should not be too common in server names.
	#ifndef COOKIE_DELIM
	#define COOKIE_DELIM '~'
	#endif

	// this delimitor is used between a server's name and a last visit date in
	// cookies exchanged with the client.
	#ifndef COOKIE_DELIM_DATE
	#define COOKIE_DELIM_DATE '\|'
	#endif

	#define CONN_RETRIES 3

	#define CHK_CONNTIME 2000
	#define DEF_CHKINTR 2000
	#define DEF_MAILALERTTIME 10000
	#define DEF_FALLTIME 3
	#define DEF_RISETIME 2
	#define DEF_AGENT_FALLTIME 1
	#define DEF_AGENT_RISETIME 1
	#define DEF_CHECK_REQ "OPTIONS / HTTP/1.0\r\n"
	#define DEF_CHECK_PATH ""
	#define DEF_SMTP_CHECK_REQ "HELO localhost\r\n"
	#define DEF_LDAP_CHECK_REQ "\x30\x0c\x02\x01\x01\x60\x07\x02\x01\x03\x04\x00\x80\x00"
	#define DEF_REDIS_CHECK_REQ "*1\r\n$4\r\nPING\r\n"

	#define DEF_HANA_ONERR HANA_ONERR_FAILCHK
	#define DEF_HANA_ERRLIMIT 10

	// X-Forwarded-For header default
	#define DEF_XFORWARDFOR_HDR "X-Forwarded-For"

	// X-Original-To header default
	#define DEF_XORIGINALTO_HDR "X-Original-To"

	/* Default connections limit.
	*
	* A system limit can be enforced at build time in order to avoid using haproxy
	* beyond reasonable system limits. For this, just define SYSTEM_MAXCONN to the
	* absolute limit accepted by the system. If the configuration specifies a
	* higher value, it will be capped to SYSTEM_MAXCONN and a warning will be
	* emitted. The only way to override this limit will be to set it via the
	* command-line '-n' argument. If SYSTEM_MAXCONN is not set, a minimum value
	* of 100 will be used for DEFAULT_MAXCONN which almost guarantees that a
	* process will correctly start in any situation.
	*/
	#ifdef SYSTEM_MAXCONN
	#undef DEFAULT_MAXCONN
	#define DEFAULT_MAXCONN SYSTEM_MAXCONN
	#elif !defined(DEFAULT_MAXCONN)
	#define DEFAULT_MAXCONN 100
	#endif

	/* Minimum check interval for spread health checks. Servers with intervals
	* greater than or equal to this value will have their checks spread apart
	* and will be considered when searching the minimal interval.
	* Others will be ignored for the minimal interval and will have their checks
	* scheduled on a different basis.
	*/
	#ifndef SRV_CHK_INTER_THRES
	#define SRV_CHK_INTER_THRES 1000
	#endif

	/* Specifies the string used to report the version and release date on the
	* statistics page. May be defined to the empty string ("") to permanently
	* disable the feature.
	*/
	#ifndef STATS_VERSION_STRING
	#define STATS_VERSION_STRING " version " HAPROXY_VERSION ", released " HAPROXY_DATE
	#endif

	/* Maximum signal queue size, and also number of different signals we can
	* handle.
	*/
	#ifndef MAX_SIGNAL
	#define MAX_SIGNAL 256
	#endif

	/* Maximum host name length */
	#ifndef MAX_HOSTNAME_LEN
	#if MAXHOSTNAMELEN
	#define MAX_HOSTNAME_LEN MAXHOSTNAMELEN
	#else
	#define MAX_HOSTNAME_LEN 64
	#endif // MAXHOSTNAMELEN
	#endif // MAX_HOSTNAME_LEN

	/* Maximum health check description length */
	#ifndef HCHK_DESC_LEN
	#define HCHK_DESC_LEN 128
	#endif

	/* ciphers used as defaults on connect */
	#ifndef CONNECT_DEFAULT_CIPHERS
	#define CONNECT_DEFAULT_CIPHERS NULL
	#endif

	/* ciphers used as defaults on TLS 1.3 connect */
	#ifndef CONNECT_DEFAULT_CIPHERSUITES
	#define CONNECT_DEFAULT_CIPHERSUITES NULL
	#endif

	/* ciphers used as defaults on listeners */
	#ifndef LISTEN_DEFAULT_CIPHERS
	#define LISTEN_DEFAULT_CIPHERS NULL
	#endif

	/* cipher suites used as defaults on TLS 1.3 listeners */
	#ifndef LISTEN_DEFAULT_CIPHERSUITES
	#define LISTEN_DEFAULT_CIPHERSUITES NULL
	#endif

	/* named curve used as defaults for ECDHE ciphers */
	#ifndef ECDHE_DEFAULT_CURVE
	#define ECDHE_DEFAULT_CURVE "prime256v1"
	#endif

	/* ssl cache size */
	#ifndef SSLCACHESIZE
	#define SSLCACHESIZE 20000
	#endif

	/* ssl max dh param size */
	#ifndef SSL_DEFAULT_DH_PARAM
	#define SSL_DEFAULT_DH_PARAM 0
	#endif

	/* max memory cost per SSL session */
	#ifndef SSL_SESSION_MAX_COST
	#define SSL_SESSION_MAX_COST (16*1024) // measured
	#endif

	/* max memory cost per SSL handshake (on top of session) */
	#ifndef SSL_HANDSHAKE_MAX_COST
	#define SSL_HANDSHAKE_MAX_COST (76*1024) // measured
	#endif

	#ifndef DEFAULT_SSL_CTX_CACHE
	#define DEFAULT_SSL_CTX_CACHE 1000
	#endif

	/* approximate stream size (for maxconn estimate) */
	#ifndef STREAM_MAX_COST
	#define STREAM_MAX_COST (sizeof(struct stream) + \
	2 * sizeof(struct channel) + \
	2 * sizeof(struct connection) + \
	global.tune.requri_len + \
	2 * global.tune.cookie_len)
	#endif

	/* available memory estimate : count about 3% of overhead in various structures */
	#ifndef MEM_USABLE_RATIO
	#define MEM_USABLE_RATIO 0.97
	#endif

	/* Number of samples used to compute the times reported in stats. A power of
	* two is highly recommended, and this value multiplied by the largest response
	* time must not overflow and unsigned int. See freq_ctr.h for more information.
	* We consider that values are accurate to 95% with two batches of samples below,
	* so in order to advertise accurate times across 1k samples, we effectively
	* measure over 512.
	*/
	#ifndef TIME_STATS_SAMPLES
	#define TIME_STATS_SAMPLES 512
	#endif

	/* max ocsp cert id asn1 encoded length */
	#ifndef OCSP_MAX_CERTID_ASN1_LENGTH
	#define OCSP_MAX_CERTID_ASN1_LENGTH 128
	#endif

	#ifndef OCSP_MAX_RESPONSE_TIME_SKEW
	#define OCSP_MAX_RESPONSE_TIME_SKEW 300
	#endif

	/* Number of TLS tickets to check, used for rotation */
	#ifndef TLS_TICKETS_NO
	#define TLS_TICKETS_NO 3
	#endif

	/* pattern lookup default cache size, in number of entries :
	* 10k entries at 10k req/s mean 1% risk of a collision after 60 years, that's
	* already much less than the memory's reliability in most machines and more
	* durable than most admin's life expectancy. A collision will result in a
	* valid result to be returned for a different entry from the same list.
	*/
	#ifndef DEFAULT_PAT_LRU_SIZE
	#define DEFAULT_PAT_LRU_SIZE 10000
	#endif

	#endif /* _COMMON_DEFAULTS_H */