[thirdparty/squid.git] / src / icmp / IcmpSquid.cc

/*
 * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/* DEBUG: section 37    ICMP Routines */

#include "squid.h"
#include "comm.h"
#include "comm/Loops.h"
#include "defines.h"
#include "fd.h"
#include "icmp/IcmpConfig.h"
#include "icmp/IcmpSquid.h"
#include "icmp/net_db.h"
#include "ip/tools.h"
#include "SquidConfig.h"
#include "SquidIpc.h"
#include "SquidTime.h"

#include <cerrno>

// Instance global to be available in main() and elsewhere.
IcmpSquid icmpEngine;

#if USE_ICMP

#define S_ICMP_ECHO     1
#define S_ICMP_DOM      3

static void * hIpc;
static pid_t pid;

#endif /* USE_ICMP */

IcmpSquid::IcmpSquid() : Icmp()
{
    ; // nothing new.
}

IcmpSquid::~IcmpSquid()
{
    Close();
}

#if USE_ICMP

void
IcmpSquid::SendEcho(Ip::Address &to, int opcode, const char *payload, int len)
{
    static pingerEchoData pecho;
    int x, slen;

    /** \li Does nothing if the pinger socket is not available. */
    if (icmp_sock < 0) {
        debugs(37, 2, HERE << " Socket Closed. Aborted send to " << pecho.to << ", opcode " << opcode << ", len " << pecho.psize);
        return;
    }

    /** \li  If no payload is given or is set as NULL it will ignore payload and len */
    if (!payload)
        len = 0;

    /** \li Otherwise if len is 0, uses strlen() to detect length of payload.
     \bug This will result in part of the payload being truncated if it contains a NULL character.
     \bug Or it may result in a buffer over-run if the payload is not nul-terminated properly.
     */
    else if (payload && len == 0)
        len = strlen(payload);

    // XXX: If length specified or auto-detected is greater than the possible payload squid will die with an assert.
    // TODO: This should perhapse be reduced to a truncated payload? or no payload. A WARNING is due anyway.
    assert(len <= PINGER_PAYLOAD_SZ);

    pecho.to = to;

    pecho.opcode = (unsigned char) opcode;

    pecho.psize = len;

    if (len > 0)
        memcpy(pecho.payload, payload, len);

    slen = sizeof(pingerEchoData) - PINGER_PAYLOAD_SZ + pecho.psize;

    debugs(37, 2, HERE << "to " << pecho.to << ", opcode " << opcode << ", len " << pecho.psize);

    x = comm_udp_send(icmp_sock, (char *)&pecho, slen, 0);

    if (x < 0) {
        int xerrno = errno;
        debugs(37, DBG_IMPORTANT, MYNAME << "send: " << xstrerr(xerrno));

        /** \li  If the send results in ECONNREFUSED or EPIPE errors from helper, will cleanly shutdown the module. */
        // TODO: try restarting the helper a few times before giving up?
        if (xerrno == ECONNREFUSED || xerrno == EPIPE) {
            Close();
            return;
        }
        /** All other send errors are ignored. */
    } else if (x != slen) {
        debugs(37, DBG_IMPORTANT, HERE << "Wrote " << x << " of " << slen << " bytes");
    }
}

// static Callback to wrap the squid-side ICMP handler.
// the IcmpSquid::Recv cannot be declared both static and virtual.
static void
icmpSquidRecv(int unused1, void *unused2)
{
    icmpEngine.Recv();
}

void
IcmpSquid::Recv()
{
    int n;
    static int fail_count = 0;
    pingerReplyData preply;
    static Ip::Address F;

    Comm::SetSelect(icmp_sock, COMM_SELECT_READ, icmpSquidRecv, NULL, 0);
    n = comm_udp_recv(icmp_sock,
                      (char *) &preply,
                      sizeof(pingerReplyData),
                      0);

    if (n < 0 && EAGAIN != errno) {
        int xerrno = errno;
        debugs(37, DBG_IMPORTANT, MYNAME << "recv: " << xstrerr(xerrno));

        if (xerrno == ECONNREFUSED)
            Close();

        if (xerrno == ECONNRESET)
            Close();

        if (++fail_count == 10)
            Close();

        return;
    }

    fail_count = 0;

    /** If its a test probe from the pinger. Do nothing. */
    if (n == 0) {
        return;
    }

    F = preply.from;

    F.port(0);

    switch (preply.opcode) {

    case S_ICMP_ECHO:
        debugs(37,4, HERE << " ICMP_ECHO of " << preply.from << " gave: hops=" << preply.hops <<", rtt=" << preply.rtt);
        break;

    case S_ICMP_DOM:
        debugs(37,4, HERE << " DomainPing of " << preply.from << " gave: hops=" << preply.hops <<", rtt=" << preply.rtt);
        netdbHandlePingReply(F, preply.hops, preply.rtt);
        break;

    default:
        debugs(37, DBG_IMPORTANT, HERE << "Bad opcode: " << preply.opcode << " from " << F);
        break;
    }
}

#endif /* USE_ICMP */

void
IcmpSquid::DomainPing(Ip::Address &to, const char *domain)
{
#if USE_ICMP
    debugs(37, 4, HERE << "'" << domain << "' (" << to << ")");
    SendEcho(to, S_ICMP_DOM, domain, 0);
#endif
}

int
IcmpSquid::Open(void)
{
#if USE_ICMP
    const char *args[2];
    int rfd;
    int wfd;
    Ip::Address localhost;

    /* User configured disabled. */
    if (!IcmpCfg.enable) {
        Close();
        return -1;
    }

    args[0] = "(pinger)";
    args[1] = NULL;
    localhost.setLocalhost();

    /*
     * Do NOT use IPC_DGRAM (=IPC_UNIX_DGRAM) here because you can't
     * send() more than 4096 bytes on a socketpair() socket (at
     * least on FreeBSD).
     */
    pid = ipcCreate(IPC_UDP_SOCKET,
                    IcmpCfg.program.c_str(),
                    args,
                    "Pinger Socket",
                    localhost,
                    &rfd,
                    &wfd,
                    &hIpc);

    if (pid < 0)
        return -1;

    assert(rfd == wfd);

    icmp_sock = rfd;

    fd_note(icmp_sock, "pinger");

    Comm::SetSelect(icmp_sock, COMM_SELECT_READ, icmpSquidRecv, NULL, 0);

    commUnsetFdTimeout(icmp_sock);

    debugs(37, DBG_IMPORTANT, HERE << "Pinger socket opened on FD " << icmp_sock);

    /* Tests the pinger immediately using localhost */
    if (Ip::EnableIpv6)
        SendEcho(localhost, S_ICMP_ECHO, "ip6-localhost");
    if (localhost.setIPv4())
        SendEcho(localhost, S_ICMP_ECHO, "localhost");

#if _SQUID_WINDOWS_

    debugs(37, 4, HERE << "Pinger handle: 0x" << std::hex << hIpc << std::dec << ", PID: " << pid);

#endif /* _SQUID_WINDOWS_ */
    return icmp_sock;
#else /* USE_ICMP */
    return -1;
#endif /* USE_ICMP */
}

void
IcmpSquid::Close(void)
{
#if USE_ICMP

    if (icmp_sock < 0)
        return;

    debugs(37, DBG_IMPORTANT, HERE << "Closing Pinger socket on FD " << icmp_sock);

#if _SQUID_WINDOWS_

    send(icmp_sock, (const void *) "$shutdown\n", 10, 0);

#endif

    comm_close(icmp_sock);

#if _SQUID_WINDOWS_

    if (hIpc) {
        if (WaitForSingleObject(hIpc, 12000) != WAIT_OBJECT_0) {
            getCurrentTime();
            debugs(37, DBG_CRITICAL, HERE << "WARNING: (pinger," << pid << ") didn't exit in 12 seconds");
        }

        CloseHandle(hIpc);
    }

#endif
    icmp_sock = -1;

#endif
}
Commit	Line	Data
cc192b50	1	/*
f70aedc4	2	* Copyright (C) 1996-2021 The Squid Software Foundation and contributors
cc192b50	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
cc192b50	7	*/
cc192b50	8
bbc27441 AJ	9	/* DEBUG: section 37 ICMP Routines */
bbc27441 AJ	10
582c2af2	11	#include "squid.h"
d841c88d AJ	12	#include "comm.h"
d841c88d AJ	13	#include "comm/Loops.h"
f1d156fa	14	#include "defines.h"
c4ad1349	15	#include "fd.h"
7a9d36e3	16	#include "icmp/IcmpConfig.h"
9b5c4a9a AJ	17	#include "icmp/IcmpSquid.h"
9b5c4a9a AJ	18	#include "icmp/net_db.h"
055421ee	19	#include "ip/tools.h"
4d5904f7	20	#include "SquidConfig.h"
96097880	21	#include "SquidIpc.h"
cc192b50	22	#include "SquidTime.h"
cc192b50	23
1a30fdf5	24	#include <cerrno>
21d845b1	25
cc192b50	26	// Instance global to be available in main() and elsewhere.
b826ffb5	27	IcmpSquid icmpEngine;
cc192b50	28
	29	#if USE_ICMP
	30
	31	#define S_ICMP_ECHO 1
cc192b50	32	#define S_ICMP_DOM 3
	33
	34	static void * hIpc;
	35	static pid_t pid;
	36
	37	#endif /* USE_ICMP */
	38
b826ffb5	39	IcmpSquid::IcmpSquid() : Icmp()
cc192b50	40	{
	41	; // nothing new.
	42	}
	43
b826ffb5	44	IcmpSquid::~IcmpSquid()
cc192b50	45	{
	46	Close();
	47	}
	48
cc192b50	49	#if USE_ICMP
	50
	51	void
b7ac5457	52	IcmpSquid::SendEcho(Ip::Address &to, int opcode, const char *payload, int len)
cc192b50	53	{
	54	static pingerEchoData pecho;
	55	int x, slen;
	56
	57	/** \li Does nothing if the pinger socket is not available. */
26ac0430	58	if (icmp_sock < 0) {
cc192b50	59	debugs(37, 2, HERE << " Socket Closed. Aborted send to " << pecho.to << ", opcode " << opcode << ", len " << pecho.psize);
	60	return;
	61	}
	62
	63	/** \li If no payload is given or is set as NULL it will ignore payload and len */
26ac0430	64	if (!payload)
cc192b50	65	len = 0;
26ac0430	66
cc192b50	67	/** \li Otherwise if len is 0, uses strlen() to detect length of payload.
	68	\bug This will result in part of the payload being truncated if it contains a NULL character.
	69	\bug Or it may result in a buffer over-run if the payload is not nul-terminated properly.
	70	*/
	71	else if (payload && len == 0)
	72	len = strlen(payload);
	73
9837567d AJ	74	// XXX: If length specified or auto-detected is greater than the possible payload squid will die with an assert.
9837567d AJ	75	// TODO: This should perhapse be reduced to a truncated payload? or no payload. A WARNING is due anyway.
cc192b50	76	assert(len <= PINGER_PAYLOAD_SZ);
	77
	78	pecho.to = to;
	79
	80	pecho.opcode = (unsigned char) opcode;
	81
	82	pecho.psize = len;
	83
26ac0430	84	if (len > 0)
41d00cd3	85	memcpy(pecho.payload, payload, len);
cc192b50	86
	87	slen = sizeof(pingerEchoData) - PINGER_PAYLOAD_SZ + pecho.psize;
	88
	89	debugs(37, 2, HERE << "to " << pecho.to << ", opcode " << opcode << ", len " << pecho.psize);
	90
	91	x = comm_udp_send(icmp_sock, (char *)&pecho, slen, 0);
	92
	93	if (x < 0) {
b69e9ffa AJ	94	int xerrno = errno;
b69e9ffa AJ	95	debugs(37, DBG_IMPORTANT, MYNAME << "send: " << xstrerr(xerrno));
cc192b50	96
cc192b50	97	/** \li If the send results in ECONNREFUSED or EPIPE errors from helper, will cleanly shutdown the module. */
9837567d	98	// TODO: try restarting the helper a few times before giving up?
b69e9ffa	99	if (xerrno == ECONNREFUSED \|\| xerrno == EPIPE) {
cc192b50	100	Close();
	101	return;
	102	}
	103	/** All other send errors are ignored. */
9166e142	104	} else if (x != slen) {
e0236918	105	debugs(37, DBG_IMPORTANT, HERE << "Wrote " << x << " of " << slen << " bytes");
cc192b50	106	}
	107	}
	108
	109	// static Callback to wrap the squid-side ICMP handler.
b826ffb5	110	// the IcmpSquid::Recv cannot be declared both static and virtual.
cc192b50	111	static void
	112	icmpSquidRecv(int unused1, void *unused2)
	113	{
	114	icmpEngine.Recv();
	115	}
	116
	117	void
b826ffb5	118	IcmpSquid::Recv()
cc192b50	119	{
	120	int n;
	121	static int fail_count = 0;
	122	pingerReplyData preply;
b7ac5457	123	static Ip::Address F;
cc192b50	124
d841c88d	125	Comm::SetSelect(icmp_sock, COMM_SELECT_READ, icmpSquidRecv, NULL, 0);
cc192b50	126	n = comm_udp_recv(icmp_sock,
	127	(char *) &preply,
	128	sizeof(pingerReplyData),
	129	0);
	130
	131	if (n < 0 && EAGAIN != errno) {
b69e9ffa AJ	132	int xerrno = errno;
b69e9ffa AJ	133	debugs(37, DBG_IMPORTANT, MYNAME << "recv: " << xstrerr(xerrno));
cc192b50	134
b69e9ffa	135	if (xerrno == ECONNREFUSED)
cc192b50	136	Close();
cc192b50	137
b69e9ffa	138	if (xerrno == ECONNRESET)
cc192b50	139	Close();
	140
	141	if (++fail_count == 10)
	142	Close();
	143
	144	return;
	145	}
	146
	147	fail_count = 0;
	148
	149	/** If its a test probe from the pinger. Do nothing. */
	150	if (n == 0) {
	151	return;
	152	}
	153
	154	F = preply.from;
	155
4dd643d5	156	F.port(0);
cc192b50	157
	158	switch (preply.opcode) {
	159
	160	case S_ICMP_ECHO:
	161	debugs(37,4, HERE << " ICMP_ECHO of " << preply.from << " gave: hops=" << preply.hops <<", rtt=" << preply.rtt);
	162	break;
	163
	164	case S_ICMP_DOM:
	165	debugs(37,4, HERE << " DomainPing of " << preply.from << " gave: hops=" << preply.hops <<", rtt=" << preply.rtt);
	166	netdbHandlePingReply(F, preply.hops, preply.rtt);
	167	break;
	168
	169	default:
e0236918	170	debugs(37, DBG_IMPORTANT, HERE << "Bad opcode: " << preply.opcode << " from " << F);
cc192b50	171	break;
	172	}
	173	}
	174
	175	#endif /* USE_ICMP */
	176
	177	void
b7ac5457	178	IcmpSquid::DomainPing(Ip::Address &to, const char *domain)
cc192b50	179	{
	180	#if USE_ICMP
	181	debugs(37, 4, HERE << "'" << domain << "' (" << to << ")");
	182	SendEcho(to, S_ICMP_DOM, domain, 0);
	183	#endif
	184	}
	185
	186	int
b826ffb5	187	IcmpSquid::Open(void)
cc192b50	188	{
	189	#if USE_ICMP
	190	const char *args[2];
	191	int rfd;
	192	int wfd;
b7ac5457	193	Ip::Address localhost;
cc192b50	194
cc192b50	195	/* User configured disabled. */
7a9d36e3	196	if (!IcmpCfg.enable) {
cc192b50	197	Close();
	198	return -1;
	199	}
	200
	201	args[0] = "(pinger)";
	202	args[1] = NULL;
4dd643d5	203	localhost.setLocalhost();
cc192b50	204
	205	/*
	206	* Do NOT use IPC_DGRAM (=IPC_UNIX_DGRAM) here because you can't
	207	* send() more than 4096 bytes on a socketpair() socket (at
	208	* least on FreeBSD).
	209	*/
	210	pid = ipcCreate(IPC_UDP_SOCKET,
7a9d36e3	211	IcmpCfg.program.c_str(),
cc192b50	212	args,
	213	"Pinger Socket",
	214	localhost,
	215	&rfd,
	216	&wfd,
	217	&hIpc);
	218
	219	if (pid < 0)
	220	return -1;
	221
	222	assert(rfd == wfd);
	223
	224	icmp_sock = rfd;
	225
	226	fd_note(icmp_sock, "pinger");
	227
d841c88d	228	Comm::SetSelect(icmp_sock, COMM_SELECT_READ, icmpSquidRecv, NULL, 0);
cc192b50	229
933dd095	230	commUnsetFdTimeout(icmp_sock);
cc192b50	231
e0236918	232	debugs(37, DBG_IMPORTANT, HERE << "Pinger socket opened on FD " << icmp_sock);
cc192b50	233
cc192b50	234	/* Tests the pinger immediately using localhost */
055421ee AJ	235	if (Ip::EnableIpv6)
055421ee AJ	236	SendEcho(localhost, S_ICMP_ECHO, "ip6-localhost");
4dd643d5	237	if (localhost.setIPv4())
cc192b50	238	SendEcho(localhost, S_ICMP_ECHO, "localhost");
cc192b50	239
7aa9bb3e	240	#if _SQUID_WINDOWS_
cc192b50	241
	242	debugs(37, 4, HERE << "Pinger handle: 0x" << std::hex << hIpc << std::dec << ", PID: " << pid);
	243
7aa9bb3e	244	#endif /* _SQUID_WINDOWS_ */
cc192b50	245	return icmp_sock;
b8e19d32 HN	246	#else /* USE_ICMP */
	247	return -1;
	248	#endif /* USE_ICMP */
cc192b50	249	}
	250
	251	void
b826ffb5	252	IcmpSquid::Close(void)
cc192b50	253	{
	254	#if USE_ICMP
	255
	256	if (icmp_sock < 0)
	257	return;
	258
e0236918	259	debugs(37, DBG_IMPORTANT, HERE << "Closing Pinger socket on FD " << icmp_sock);
cc192b50	260
7aa9bb3e	261	#if _SQUID_WINDOWS_
cc192b50	262
	263	send(icmp_sock, (const void *) "$shutdown\n", 10, 0);
	264
	265	#endif
	266
	267	comm_close(icmp_sock);
	268
7aa9bb3e	269	#if _SQUID_WINDOWS_
cc192b50	270
	271	if (hIpc) {
	272	if (WaitForSingleObject(hIpc, 12000) != WAIT_OBJECT_0) {
	273	getCurrentTime();
fa84c01d	274	debugs(37, DBG_CRITICAL, HERE << "WARNING: (pinger," << pid << ") didn't exit in 12 seconds");
cc192b50	275	}
	276
	277	CloseHandle(hIpc);
	278	}
	279
	280	#endif
	281	icmp_sock = -1;
	282
	283	#endif
	284	}
f53969cc	285