2 * DEBUG: section 12 Internet Cache Protocol (ICP)
3 * AUTHOR: Duane Wessels
5 * SQUID Web Proxy Cache http://www.squid-cache.org/
6 * ----------------------------------------------------------
8 * Squid is the result of efforts by numerous individuals from
9 * the Internet community; see the CONTRIBUTORS file for full
10 * details. Many organizations have provided support for Squid's
11 * development; see the SPONSORS file for full details. Squid is
12 * Copyrighted (C) 2001 by the Regents of the University of
13 * California; see the COPYRIGHT file for full details. Squid
14 * incorporates software developed and/or copyrighted by other
15 * sources; see the CREDITS file for full details.
17 * This program is free software; you can redistribute it and/or modify
18 * it under the terms of the GNU General Public License as published by
19 * the Free Software Foundation; either version 2 of the License, or
20 * (at your option) any later version.
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
27 * You should have received a copy of the GNU General Public License
28 * along with this program; if not, write to the Free Software
29 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
34 \defgroup ServerProtocolICPInternal2 ICPv2 Internals
35 \ingroup ServerProtocolICPAPI
42 #include "HttpRequest.h"
43 #include "acl/FilledChecklist.h"
45 #include "AccessLogEntry.h"
47 #include "SquidTime.h"
49 #include "icmp/net_db.h"
50 #include "ip/Address.h"
53 /// \ingroup ServerProtocolICPInternal2
54 static void icpLogIcp(const Ip::Address
&, log_type
, int, const char *, int);
56 /// \ingroup ServerProtocolICPInternal2
57 static void icpHandleIcpV2(int, Ip::Address
&, char *, int);
59 /// \ingroup ServerProtocolICPInternal2
60 static void icpCount(void *, int, size_t, int);
63 \ingroup ServerProtocolICPInternal2
64 * IcpQueueHead is global so comm_incoming() knows whether or not
65 * to call icpUdpSendQueue.
67 static icpUdpData
*IcpQueueHead
= NULL
;
68 /// \ingroup ServerProtocolICPInternal2
69 static icpUdpData
*IcpQueueTail
= NULL
;
71 /// \ingroup ServerProtocolICPInternal2
72 Ip::Address theOutICPAddr
;
75 _icp_common_t::_icp_common_t() : opcode(ICP_INVALID
), version(0), length(0), reqnum(0), flags(0), pad(0), shostid(0)
78 _icp_common_t::_icp_common_t(char *buf
, unsigned int len
)
80 if (len
< sizeof(_icp_common_t
)) {
86 xmemcpy(this, buf
, sizeof(icp_common_t
));
88 * Convert network order sensitive fields
90 length
= ntohs(length
);
91 reqnum
= ntohl(reqnum
);
97 _icp_common_t::getOpCode() const
99 if (opcode
> (char)ICP_END
)
102 return (icp_opcode
)opcode
;
107 ICPState::ICPState(icp_common_t
&aHeader
, HttpRequest
*aRequest
):
109 request(HTTPMSGLOCK(aRequest
)),
114 ICPState::~ICPState()
117 HTTPMSGUNLOCK(request
);
125 /// \ingroup ServerProtocolICPInternal2
126 class ICP2State
: public ICPState
, public StoreClient
130 ICP2State(icp_common_t
& aHeader
, HttpRequest
*aRequest
):
131 ICPState(aHeader
, aRequest
),rtt(0),src_rtt(0),flags(0) {}
134 void created(StoreEntry
* newEntry
);
141 ICP2State::~ICP2State()
145 ICP2State::created(StoreEntry
*newEntry
)
147 StoreEntry
*entry
= newEntry
->isNull () ? NULL
: newEntry
;
148 debugs(12, 5, "icpHandleIcpV2: OPCODE " << icp_opcode_str
[header
.opcode
]);
149 icp_opcode codeToSend
;
151 if (icpCheckUdpHit(entry
, request
)) {
152 codeToSend
= ICP_HIT
;
155 if (Config
.onoff
.test_reachability
&& rtt
== 0) {
156 if ((rtt
= netdbHostRtt(request
->GetHost())) == 0)
157 netdbPingSite(request
->GetHost());
159 #endif /* USE_ICMP */
161 if (icpGetCommonOpcode() != ICP_ERR
)
162 codeToSend
= icpGetCommonOpcode();
163 else if (Config
.onoff
.test_reachability
&& rtt
== 0)
164 codeToSend
= ICP_MISS_NOFETCH
;
166 codeToSend
= ICP_MISS
;
169 icpCreateAndSend(codeToSend
, flags
, url
, header
.reqnum
, src_rtt
, fd
, from
);
175 /// \ingroup ServerProtocolICPInternal2
177 icpLogIcp(const Ip::Address
&caddr
, log_type logcode
, int len
, const char *url
, int delay
)
181 if (LOG_TAG_NONE
== logcode
)
184 if (LOG_ICP_QUERY
== logcode
)
187 clientdbUpdate(caddr
, logcode
, PROTO_ICP
, len
);
189 if (!Config
.onoff
.log_udp
)
192 al
.icp
.opcode
= ICP_QUERY
;
196 al
.cache
.caddr
= caddr
;
198 al
.cache
.replySize
= len
;
200 al
.cache
.code
= logcode
;
202 al
.cache
.msec
= delay
;
204 accessLogLog(&al
, NULL
);
207 /// \ingroup ServerProtocolICPInternal2
209 icpUdpSendQueue(int fd
, void *unused
)
215 while ((q
= IcpQueueHead
) != NULL
) {
216 delay
= tvSubUsec(q
->queue_time
, current_time
);
217 /* increment delay to prevent looping */
218 x
= icpUdpSend(fd
, q
->address
, (icp_common_t
*) q
->msg
, q
->logcode
, ++delay
);
219 IcpQueueHead
= q
->next
;
228 _icp_common_t::createMessage(
236 icp_common_t
*headerp
= NULL
;
237 char *urloffset
= NULL
;
239 buf_len
= sizeof(icp_common_t
) + strlen(url
) + 1;
241 if (opcode
== ICP_QUERY
)
242 buf_len
+= sizeof(uint32_t);
244 buf
= (char *) xcalloc(buf_len
, 1);
246 headerp
= (icp_common_t
*) (void *) buf
;
248 headerp
->opcode
= (char) opcode
;
250 headerp
->version
= ICP_VERSION_CURRENT
;
252 headerp
->length
= (uint16_t) htons(buf_len
);
254 headerp
->reqnum
= htonl(reqnum
);
256 headerp
->flags
= htonl(flags
);
258 headerp
->pad
= htonl(pad
);
260 theOutICPAddr
.GetInAddr( *((struct in_addr
*)&headerp
->shostid
) );
262 urloffset
= buf
+ sizeof(icp_common_t
);
264 if (opcode
== ICP_QUERY
)
265 urloffset
+= sizeof(uint32_t);
267 xmemcpy(urloffset
, url
, strlen(url
));
269 return (icp_common_t
*)buf
;
274 const Ip::Address
&to
,
282 len
= (int) ntohs(msg
->length
);
283 debugs(12, 5, "icpUdpSend: FD " << fd
<< " sending " <<
284 icp_opcode_str
[msg
->opcode
] << ", " << len
<< " bytes to " << to
);
286 x
= comm_udp_sendto(fd
, to
, msg
, len
);
289 /* successfully written */
290 icpLogIcp(to
, logcode
, len
, (char *) (msg
+ 1), delay
);
291 icpCount(msg
, SENT
, (size_t) len
, delay
);
293 } else if (0 == delay
) {
294 /* send failed, but queue it */
295 queue
= (icpUdpData
*) xcalloc(1, sizeof(icpUdpData
));
298 queue
->len
= (int) ntohs(msg
->length
);
299 queue
->queue_time
= current_time
;
300 queue
->logcode
= logcode
;
302 if (IcpQueueHead
== NULL
) {
303 IcpQueueHead
= queue
;
304 IcpQueueTail
= queue
;
305 } else if (IcpQueueTail
== IcpQueueHead
) {
306 IcpQueueTail
= queue
;
307 IcpQueueHead
->next
= queue
;
309 IcpQueueTail
->next
= queue
;
310 IcpQueueTail
= queue
;
313 commSetSelect(fd
, COMM_SELECT_WRITE
, icpUdpSendQueue
, NULL
, 0);
314 statCounter
.icp
.replies_queued
++;
317 statCounter
.icp
.replies_dropped
++;
324 icpCheckUdpHit(StoreEntry
* e
, HttpRequest
* request
)
329 if (!e
->validToSend())
332 if (Config
.onoff
.icp_hit_stale
)
335 if (refreshCheckICP(e
, request
))
342 * This routine selects an ICP opcode for ICP misses.
344 \retval ICP_ERR no opcode selected here
345 \retval ICP_MISS_NOFETCH store is rebuilding, no fetch is possible yet
350 /* if store is rebuilding, return a UDP_MISS_NOFETCH */
352 if ((StoreController::store_dirs_rebuilding
&& opt_reload_hit_only
) ||
353 hit_only_mode_until
> squid_curtime
) {
354 return ICP_MISS_NOFETCH
;
361 icpLogFromICPCode(icp_opcode opcode
)
363 if (opcode
== ICP_ERR
)
364 return LOG_UDP_INVALID
;
366 if (opcode
== ICP_DENIED
)
367 return LOG_UDP_DENIED
;
369 if (opcode
== ICP_HIT
)
372 if (opcode
== ICP_MISS
)
375 if (opcode
== ICP_MISS_NOFETCH
)
376 return LOG_UDP_MISS_NOFETCH
;
378 fatal("expected ICP opcode\n");
380 return LOG_UDP_INVALID
;
384 icpCreateAndSend(icp_opcode opcode
, int flags
, char const *url
, int reqnum
, int pad
, int fd
, const Ip::Address
&from
)
386 icp_common_t
*reply
= _icp_common_t::createMessage(opcode
, flags
, url
, reqnum
, pad
);
387 icpUdpSend(fd
, from
, reply
, icpLogFromICPCode(opcode
), 0);
391 icpDenyAccess(Ip::Address
&from
, char *url
, int reqnum
, int fd
)
393 debugs(12, 2, "icpDenyAccess: Access Denied for " << from
<< " by " << AclMatchedName
<< ".");
395 if (clientdbCutoffDenied(from
)) {
397 * count this DENIED query in the clientdb, even though
398 * we're not sending an ICP reply...
400 clientdbUpdate(from
, LOG_UDP_DENIED
, PROTO_ICP
, 0);
402 icpCreateAndSend(ICP_DENIED
, 0, url
, reqnum
, 0, fd
, from
);
407 icpAccessAllowed(Ip::Address
&from
, HttpRequest
* icp_request
)
409 /* absent an explicit allow, we deny all */
410 if (!Config
.accessList
.icp
)
413 ACLFilledChecklist
checklist(Config
.accessList
.icp
, icp_request
, NULL
);
414 checklist
.src_addr
= from
;
415 checklist
.my_addr
.SetNoAddr();
416 int result
= checklist
.fastCheck();
421 icpGetUrlToSend(char *url
)
423 if (strpbrk(url
, w_space
))
424 return rfc1738_escape(url
);
430 icpGetRequest(char *url
, int reqnum
, int fd
, Ip::Address
&from
)
432 if (strpbrk(url
, w_space
)) {
433 url
= rfc1738_escape(url
);
434 icpCreateAndSend(ICP_ERR
, 0, rfc1738_escape(url
), reqnum
, 0, fd
, from
);
440 if ((result
= HttpRequest::CreateFromUrl(url
)) == NULL
)
441 icpCreateAndSend(ICP_ERR
, 0, url
, reqnum
, 0, fd
, from
);
448 doV2Query(int fd
, Ip::Address
&from
, char *buf
, icp_common_t header
)
453 /* We have a valid packet */
454 char *url
= buf
+ sizeof(icp_common_t
) + sizeof(uint32_t);
455 HttpRequest
*icp_request
= icpGetRequest(url
, header
.reqnum
, fd
, from
);
460 HTTPMSGLOCK(icp_request
);
462 if (!icpAccessAllowed(from
, icp_request
)) {
463 icpDenyAccess(from
, url
, header
.reqnum
, fd
);
464 HTTPMSGUNLOCK(icp_request
);
468 if (header
.flags
& ICP_FLAG_SRC_RTT
) {
469 rtt
= netdbHostRtt(icp_request
->GetHost());
470 int hops
= netdbHostHops(icp_request
->GetHost());
471 src_rtt
= ((hops
& 0xFFFF) << 16) | (rtt
& 0xFFFF);
474 flags
|= ICP_FLAG_SRC_RTT
;
476 #endif /* USE_ICMP */
478 /* The peer is allowed to use this cache */
479 ICP2State
*state
= new ICP2State (header
, icp_request
);
485 state
->url
= xstrdup (url
);
487 state
->flags
= flags
;
491 state
->src_rtt
= src_rtt
;
493 StoreEntry::getPublic (state
, url
, METHOD_GET
);
495 HTTPMSGUNLOCK(icp_request
);
499 _icp_common_t::handleReply(char *buf
, Ip::Address
&from
)
501 if (neighbors_do_private_keys
&& reqnum
== 0) {
502 debugs(12, 0, "icpHandleIcpV2: Neighbor " << from
<< " returned reqnum = 0");
503 debugs(12, 0, "icpHandleIcpV2: Disabling use of private keys");
504 neighbors_do_private_keys
= 0;
507 char *url
= buf
+ sizeof(icp_common_t
);
508 debugs(12, 3, "icpHandleIcpV2: " << icp_opcode_str
[opcode
] << " from " << from
<< " for '" << url
<< "'");
510 const cache_key
*key
= icpGetCacheKey(url
, (int) reqnum
);
511 /* call neighborsUdpAck even if ping_status != PING_WAITING */
512 neighborsUdpAck(key
, this, from
);
516 icpHandleIcpV2(int fd
, Ip::Address
&from
, char *buf
, int len
)
519 debugs(12, 3, "icpHandleIcpV2: ICP message is too small");
523 icp_common_t
header(buf
, len
);
525 * Length field should match the number of bytes read
528 if (len
!= header
.length
) {
529 debugs(12, 3, "icpHandleIcpV2: ICP message is too small");
533 switch (header
.opcode
) {
536 /* We have a valid packet */
537 doV2Query(fd
, from
, buf
, header
);
548 case ICP_MISS_NOFETCH
:
549 header
.handleReply(buf
, from
);
558 debugs(12, 0, "icpHandleIcpV2: UNKNOWN OPCODE: " << header
.opcode
<< " from " << from
);
566 icpPktDump(icp_common_t
* pkt
)
570 debugs(12, 9, "opcode: " << std::setw(3) << pkt
->opcode
<< " " << icp_opcode_str
[pkt
->opcode
]);
571 debugs(12, 9, "version: "<< std::left
<< std::setw(8) << pkt
->version
);
572 debugs(12, 9, "length: "<< std::left
<< std::setw(8) << ntohs(pkt
->length
));
573 debugs(12, 9, "reqnum: "<< std::left
<< std::setw(8) << ntohl(pkt
->reqnum
));
574 debugs(12, 9, "flags: "<< std::left
<< std::hex
<< std::setw(8) << ntohl(pkt
->flags
));
575 a
= (struct in_addr
)pkt
->shostid
;
576 debugs(12, 9, "shostid: " << a
);
577 debugs(12, 9, "payload: " << (char *) pkt
+ sizeof(icp_common_t
));
583 icpHandleUdp(int sock
, void *data
)
585 int *N
= &incoming_sockets_accepted
;
588 LOCAL_ARRAY(char, buf
, SQUID_UDP_SO_RCVBUF
);
591 int max
= INCOMING_ICP_MAX
;
592 commSetSelect(sock
, COMM_SELECT_READ
, icpHandleUdp
, NULL
, 0);
595 len
= comm_udp_recvfrom(sock
,
597 SQUID_UDP_SO_RCVBUF
- 1,
605 if (ignoreErrno(errno
))
609 /* Some Linux systems seem to set the FD for reading and then
610 * return ECONNREFUSED when sendto() fails and generates an ICMP
611 * port unreachable message. */
612 /* or maybe an EHOSTUNREACH "No route to host" message */
613 if (errno
!= ECONNREFUSED
&& errno
!= EHOSTUNREACH
)
616 debugs(50, 1, "icpHandleUdp: FD " << sock
<< " recvfrom: " << xstrerror());
622 icpCount(buf
, RECV
, (size_t) len
, 0);
624 debugs(12, 4, "icpHandleUdp: FD " << sock
<< ": received " <<
625 (unsigned long int)len
<< " bytes from " << from
);
627 #ifdef ICP_PACKET_DUMP
632 if ((size_t) len
< sizeof(icp_common_t
)) {
633 debugs(12, 4, "icpHandleUdp: Ignoring too-small UDP packet");
637 icp_version
= (int) buf
[1]; /* cheat! */
639 if (icp_version
== ICP_VERSION_2
)
640 icpHandleIcpV2(sock
, from
, buf
, len
);
641 else if (icp_version
== ICP_VERSION_3
)
642 icpHandleIcpV3(sock
, from
, buf
, len
);
644 debugs(12, 1, "WARNING: Unused ICP version " << icp_version
<<
645 " received from " << from
);
650 icpConnectionsOpen(void)
655 struct addrinfo
*xai
= NULL
;
659 if ((port
= Config
.Port
.icp
) <= 0)
664 addr
= Config
.Addrs
.udp_incoming
;
666 theInIcpConnection
= comm_open_listener(SOCK_DGRAM
,
673 if (theInIcpConnection
< 0)
674 fatal("Cannot open ICP Port");
676 commSetSelect(theInIcpConnection
,
682 for (s
= Config
.mcast_group_list
; s
; s
= s
->next
)
683 ipcache_nbgethostbyname(s
->key
, mcastJoinGroups
, NULL
);
685 debugs(12, 1, "Accepting ICP messages at " << addr
<< ", FD " << theInIcpConnection
<< ".");
687 addr
.SetEmpty(); // clear for next use.
688 addr
= Config
.Addrs
.udp_outgoing
;
689 if ( !addr
.IsNoAddr() ) {
692 theOutIcpConnection
= comm_open_listener(SOCK_DGRAM
,
699 if (theOutIcpConnection
< 0)
700 fatal("Cannot open Outgoing ICP Port");
702 commSetSelect(theOutIcpConnection
,
708 debugs(12, 1, "Outgoing ICP messages on port " << addr
.GetPort() << ", FD " << theOutIcpConnection
<< ".");
710 fd_note(theOutIcpConnection
, "Outgoing ICP socket");
712 fd_note(theInIcpConnection
, "Incoming ICP socket");
714 theOutIcpConnection
= theInIcpConnection
;
717 theOutICPAddr
.SetEmpty();
719 theOutICPAddr
.InitAddrInfo(xai
);
721 x
= getsockname(theOutIcpConnection
, xai
->ai_addr
, &xai
->ai_addrlen
);
724 debugs(50, 1, "theOutIcpConnection FD " << theOutIcpConnection
<< ": getsockname: " << xstrerror());
726 theOutICPAddr
= *xai
;
728 theOutICPAddr
.FreeAddrInfo(xai
);
732 * icpConnectionShutdown only closes the 'in' socket if it is
733 * different than the 'out' socket.
736 icpConnectionShutdown(void)
738 if (theInIcpConnection
< 0)
741 if (theInIcpConnection
!= theOutIcpConnection
) {
742 debugs(12, 1, "FD " << theInIcpConnection
<< " Closing ICP connection");
743 comm_close(theInIcpConnection
);
747 * Here we set 'theInIcpConnection' to -1 even though the ICP 'in'
748 * and 'out' sockets might be just one FD. This prevents this
749 * function from executing repeatedly. When we are really ready to
750 * exit or restart, main will comm_close the 'out' descriptor.
752 theInIcpConnection
= -1;
755 * Normally we only write to the outgoing ICP socket, but
756 * we also have a read handler there to catch messages sent
757 * to that specific interface. During shutdown, we must
758 * disable reading on the outgoing socket.
760 assert(theOutIcpConnection
> -1);
762 commSetSelect(theOutIcpConnection
, COMM_SELECT_READ
, NULL
, NULL
, 0);
766 icpConnectionClose(void)
768 icpConnectionShutdown();
770 if (theOutIcpConnection
> -1) {
771 debugs(12, 1, "FD " << theOutIcpConnection
<< " Closing ICP connection");
772 comm_close(theOutIcpConnection
);
773 theOutIcpConnection
= -1;
778 icpCount(void *buf
, int which
, size_t len
, int delay
)
780 icp_common_t
*icp
= (icp_common_t
*) buf
;
782 if (len
< sizeof(*icp
))
786 statCounter
.icp
.pkts_sent
++;
787 kb_incr(&statCounter
.icp
.kbytes_sent
, len
);
789 if (ICP_QUERY
== icp
->opcode
) {
790 statCounter
.icp
.queries_sent
++;
791 kb_incr(&statCounter
.icp
.q_kbytes_sent
, len
);
793 statCounter
.icp
.replies_sent
++;
794 kb_incr(&statCounter
.icp
.r_kbytes_sent
, len
);
795 /* this is the sent-reply service time */
796 statHistCount(&statCounter
.icp
.reply_svc_time
, delay
);
799 if (ICP_HIT
== icp
->opcode
)
800 statCounter
.icp
.hits_sent
++;
801 } else if (RECV
== which
) {
802 statCounter
.icp
.pkts_recv
++;
803 kb_incr(&statCounter
.icp
.kbytes_recv
, len
);
805 if (ICP_QUERY
== icp
->opcode
) {
806 statCounter
.icp
.queries_recv
++;
807 kb_incr(&statCounter
.icp
.q_kbytes_recv
, len
);
809 statCounter
.icp
.replies_recv
++;
810 kb_incr(&statCounter
.icp
.r_kbytes_recv
, len
);
811 /* statCounter.icp.query_svc_time set in clientUpdateCounters */
814 if (ICP_HIT
== icp
->opcode
)
815 statCounter
.icp
.hits_recv
++;
819 #define N_QUERIED_KEYS 8192
820 #define N_QUERIED_KEYS_MASK 8191
821 static cache_key queried_keys
[N_QUERIED_KEYS
][SQUID_MD5_DIGEST_LENGTH
];
824 icpSetCacheKey(const cache_key
* key
)
826 static int reqnum
= 0;
831 storeKeyCopy(queried_keys
[reqnum
& N_QUERIED_KEYS_MASK
], key
);
837 icpGetCacheKey(const char *url
, int reqnum
)
839 if (neighbors_do_private_keys
&& reqnum
)
840 return queried_keys
[reqnum
& N_QUERIED_KEYS_MASK
];
842 return storeKeyPublic(url
, METHOD_GET
);