-#include "squid.h"
+/*
+ * $Id$
+ *
+ * DEBUG: section 12 Internet Cache Protocol (ICP)
+ * AUTHOR: Duane Wessels
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+/**
+ \defgroup ServerProtocolICPInternal3 ICPv3 Internals
+ \ingroup ServerProtocolICPAPI
+ */
+
+#include "squid-old.h"
+#include "Store.h"
+#include "ICP.h"
+#include "HttpRequest.h"
+
+/// \ingroup ServerProtocolICPInternal3
+class ICP3State : public ICPState, public StoreClient
+{
+
+public:
+ ICP3State(icp_common_t &aHeader, HttpRequest *aRequest) :
+ ICPState(aHeader, aRequest) {}
+
+ ~ICP3State();
+ void created (StoreEntry *newEntry);
+};
+
+/// \ingroup ServerProtocolICPInternal3
+static void
+doV3Query(int fd, Ip::Address &from, char *buf, icp_common_t header)
+{
+ /* We have a valid packet */
+ char *url = buf + sizeof(icp_common_t) + sizeof(uint32_t);
+ HttpRequest *icp_request = icpGetRequest (url, header.reqnum, fd, from);
+
+ if (!icp_request)
+ return;
+
+ if (!icpAccessAllowed(from, icp_request)) {
+ icpDenyAccess (from, url, header.reqnum, fd);
+ delete icp_request;
+ return;
+ }
+
+ /* The peer is allowed to use this cache */
+ ICP3State *state = new ICP3State (header, icp_request);
+
+ state->fd = fd;
+
+ state->from = from;
+
+ state->url = xstrdup (url);
+
+ StoreEntry::getPublic (state, url, METHOD_GET);
+}
+
+ICP3State::~ICP3State()
+{}
+
+void
+ICP3State::created(StoreEntry *newEntry)
+{
+ StoreEntry *entry = newEntry->isNull () ? NULL : newEntry;
+ debugs(12, 5, "icpHandleIcpV3: OPCODE " << icp_opcode_str[header.opcode]);
+ icp_opcode codeToSend;
+
+ if (icpCheckUdpHit(entry, request)) {
+ codeToSend = ICP_HIT;
+ } else if (icpGetCommonOpcode() == ICP_ERR)
+ codeToSend = ICP_MISS;
+ else
+ codeToSend = icpGetCommonOpcode();
+
+ icpCreateAndSend (codeToSend, 0, url, header.reqnum, 0, fd, from);
+
+ delete this;
+}
+
+
+/// \ingroup ServerProtocolICPInternal3
/* Currently Harvest cached-2.x uses ICP_VERSION_3 */
void
-icpHandleIcpV3(int fd, struct sockaddr_in from, char *buf, int len)
+icpHandleIcpV3(int fd, Ip::Address &from, char *buf, int len)
{
- icp_common_t header;
- icp_common_t *reply;
- icp_common_t *headerp = (icp_common_t *) (void *) buf;
- StoreEntry *entry = NULL;
- char *url = NULL;
- const cache_key *key;
- request_t *icp_request = NULL;
- int allow = 0;
- char *data = NULL;
- u_short data_sz = 0;
- u_short u;
- aclCheck_t checklist;
-
- header.opcode = headerp->opcode;
- header.version = headerp->version;
- header.length = ntohs(headerp->length);
- header.reqnum = ntohl(headerp->reqnum);
- header.flags = ntohl(headerp->flags);
- header.shostid = ntohl(headerp->shostid);
+ if (len <= 0) {
+ debugs(12, 3, "icpHandleIcpV3: ICP message is too small");
+ return;
+ }
+
+ icp_common_t header (buf, len);
+ /*
+ * Length field should match the number of bytes read
+ */
+
+ if (len != header.length) {
+ debugs(12, 3, "icpHandleIcpV3: ICP message is too small");
+ return;
+ }
switch (header.opcode) {
- case ICP_OP_QUERY:
- nudpconn++;
- /* We have a valid packet */
- url = buf + sizeof(header) + sizeof(u_num32);
- if ((icp_request = urlParse(METHOD_GET, url)) == NULL) {
- reply = icpCreateMessage(ICP_OP_ERR, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_INVALID, PROTO_NONE);
- break;
- }
- checklist.src_addr = from.sin_addr;
- checklist.request = icp_request;
- allow = aclCheckFast(Config.accessList.icp, &checklist);
- if (!allow) {
- debug(12, 2) ("icpHandleIcpV3: Access Denied for %s by %s.\n",
- inet_ntoa(from.sin_addr), AclMatchedName);
- if (clientdbDeniedPercent(from.sin_addr) < 95) {
- reply = icpCreateMessage(ICP_OP_DENIED, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_DENIED, icp_request->protocol);
- }
- break;
- }
- /* The peer is allowed to use this cache */
- key = storeKeyPublic(url, METHOD_GET);
- entry = storeGet(key);
- debug(12, 5) ("icpHandleIcpV3: OPCODE %s\n",
- IcpOpcodeStr[header.opcode]);
- if (icpCheckUdpHit(entry, icp_request)) {
- reply = icpCreateMessage(ICP_OP_HIT, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_HIT, icp_request->protocol);
- break;
- }
- /* if store is rebuilding, return a UDP_HIT, but not a MISS */
- if (opt_reload_hit_only && store_rebuilding) {
- reply = icpCreateMessage(ICP_OP_MISS_NOFETCH, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_MISS_NOFETCH, icp_request->protocol);
- } else if (hit_only_mode_until > squid_curtime) {
- reply = icpCreateMessage(ICP_OP_MISS_NOFETCH, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_MISS_NOFETCH, icp_request->protocol);
- } else {
- reply = icpCreateMessage(ICP_OP_MISS, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_MISS, icp_request->protocol);
- }
- break;
-
- case ICP_OP_HIT_OBJ:
- case ICP_OP_HIT:
- case ICP_OP_SECHO:
- case ICP_OP_DECHO:
- case ICP_OP_MISS:
- case ICP_OP_DENIED:
- case ICP_OP_MISS_NOFETCH:
- if (neighbors_do_private_keys && header.reqnum == 0) {
- debug(12, 0) ("icpHandleIcpV3: Neighbor %s returned reqnum = 0\n",
- inet_ntoa(from.sin_addr));
- debug(12, 0) ("icpHandleIcpV3: Disabling use of private keys\n");
- neighbors_do_private_keys = 0;
- }
- url = buf + sizeof(header);
- if (header.opcode == ICP_OP_HIT_OBJ) {
- data = url + strlen(url) + 1;
- xmemcpy((char *) &u, data, sizeof(u_short));
- data += sizeof(u_short);
- data_sz = ntohs(u);
- if ((int) data_sz > (len - (data - buf))) {
- debug(12, 0) ("icpHandleIcpV3: ICP_OP_HIT_OBJ object too small\n");
- break;
- }
- }
- debug(12, 3) ("icpHandleIcpV3: %s from %s for '%s'\n",
- IcpOpcodeStr[header.opcode],
- inet_ntoa(from.sin_addr),
- url);
- if (neighbors_do_private_keys && header.reqnum)
- key = storeKeyPrivate(url, METHOD_GET, header.reqnum);
- else
- key = storeKeyPublic(url, METHOD_GET);
- debug(12, 3) ("icpHandleIcpV3: Looking for key '%s'\n",
- storeKeyText(key));
- if ((entry = storeGet(key)) == NULL) {
- debug(12, 3) ("icpHandleIcpV3: Ignoring %s for NULL Entry.\n",
- IcpOpcodeStr[header.opcode]);
- } else {
- /* call neighborsUdpAck even if ping_status != PING_WAITING */
- neighborsUdpAck(url, &header, &from, entry);
- }
- break;
-
- case ICP_OP_INVALID:
- case ICP_OP_ERR:
- break;
+
+ case ICP_QUERY:
+ doV3Query(fd, from, buf, header);
+ break;
+
+ case ICP_HIT:
+
+ case ICP_DECHO:
+
+ case ICP_MISS:
+
+ case ICP_DENIED:
+
+ case ICP_MISS_NOFETCH:
+ header.handleReply(buf, from);
+ break;
+
+ case ICP_INVALID:
+
+ case ICP_ERR:
+ break;
default:
- debug(12, 0) ("icpHandleIcpV3: UNKNOWN OPCODE: %d from %s\n",
- header.opcode, inet_ntoa(from.sin_addr));
- break;
+ debugs(12, 0, "icpHandleIcpV3: UNKNOWN OPCODE: " << header.opcode << " from " << from);
+ break;
}
- if (icp_request)
- put_free_request_t(icp_request);
}
projects / thirdparty / squid.git / blobdiff