-
/*
- * $Id: icp_v3.cc,v 1.27 1998/12/05 00:54:30 wessels Exp $
- *
- * DEBUG: section 12 Internet Cache Protocol
- * AUTHOR: Duane Wessels
- *
- * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from the
- * Internet community. Development is led by Duane Wessels of the
- * National Laboratory for Applied Network Research and funded by the
- * National Science Foundation. Squid is Copyrighted (C) 1998 by
- * Duane Wessels and the University of California San Diego. Please
- * see the COPYRIGHT file for full details. Squid incorporates
- * software developed and/or copyrighted by other sources. Please see
- * the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
*
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
+ */
+
+/* DEBUG: section 12 Internet Cache Protocol (ICP) */
+
+/**
+ \defgroup ServerProtocolICPInternal3 ICPv3 Internals
+ \ingroup ServerProtocolICPAPI
*/
#include "squid.h"
+#include "HttpRequest.h"
+#include "ICP.h"
+#include "Store.h"
+
+/// \ingroup ServerProtocolICPInternal3
+class ICP3State : public ICPState, public StoreClient
+{
+
+public:
+ ICP3State(icp_common_t &aHeader, HttpRequest *aRequest) :
+ ICPState(aHeader, aRequest) {}
+
+ ~ICP3State();
+ void created (StoreEntry *newEntry);
+};
+
+/// \ingroup ServerProtocolICPInternal3
+static void
+doV3Query(int fd, Ip::Address &from, char *buf, icp_common_t header)
+{
+ /* We have a valid packet */
+ char *url = buf + sizeof(icp_common_t) + sizeof(uint32_t);
+ HttpRequest *icp_request = icpGetRequest(url, header.reqnum, fd, from);
+
+ if (!icp_request)
+ return;
+
+ if (!icpAccessAllowed(from, icp_request)) {
+ icpDenyAccess (from, url, header.reqnum, fd);
+ delete icp_request;
+ return;
+ }
+
+ /* The peer is allowed to use this cache */
+ ICP3State *state = new ICP3State (header, icp_request);
+ state->fd = fd;
+ state->from = from;
+ state->url = xstrdup(url);
+
+ StoreEntry::getPublic (state, url, Http::METHOD_GET);
+}
+ICP3State::~ICP3State()
+{}
+
+void
+ICP3State::created(StoreEntry *newEntry)
+{
+ StoreEntry *entry = newEntry->isNull () ? NULL : newEntry;
+ debugs(12, 5, "icpHandleIcpV3: OPCODE " << icp_opcode_str[header.opcode]);
+ icp_opcode codeToSend;
+
+ if (icpCheckUdpHit(entry, request)) {
+ codeToSend = ICP_HIT;
+ } else if (icpGetCommonOpcode() == ICP_ERR)
+ codeToSend = ICP_MISS;
+ else
+ codeToSend = icpGetCommonOpcode();
+
+ icpCreateAndSend (codeToSend, 0, url, header.reqnum, 0, fd, from);
+
+ delete this;
+}
+
+/// \ingroup ServerProtocolICPInternal3
/* Currently Harvest cached-2.x uses ICP_VERSION_3 */
void
-icpHandleIcpV3(int fd, struct sockaddr_in from, char *buf, int len)
+icpHandleIcpV3(int fd, Ip::Address &from, char *buf, int len)
{
- icp_common_t header;
- icp_common_t *reply;
- StoreEntry *entry = NULL;
- char *url = NULL;
- const cache_key *key;
- request_t *icp_request = NULL;
- int allow = 0;
- aclCheck_t checklist;
- xmemcpy(&header, buf, sizeof(icp_common_t));
+ if (len <= 0) {
+ debugs(12, 3, "icpHandleIcpV3: ICP message is too small");
+ return;
+ }
+
+ icp_common_t header (buf, len);
/*
- * Only these fields need to be converted
+ * Length field should match the number of bytes read
*/
- header.length = ntohs(header.length);
- header.reqnum = ntohl(header.reqnum);
- header.flags = ntohl(header.flags);
- header.pad = ntohl(header.pad);
+
+ if (len != header.length) {
+ debugs(12, 3, "icpHandleIcpV3: ICP message is too small");
+ return;
+ }
switch (header.opcode) {
+
case ICP_QUERY:
- /* We have a valid packet */
- url = buf + sizeof(icp_common_t) + sizeof(u_num32);
- if (strpbrk(url, w_space)) {
- url = rfc1738_escape(url);
- reply = icpCreateMessage(ICP_ERR, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_INVALID, 0);
- break;
- }
- if ((icp_request = urlParse(METHOD_GET, url)) == NULL) {
- reply = icpCreateMessage(ICP_ERR, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_INVALID, 0);
- break;
- }
- checklist.src_addr = from.sin_addr;
- checklist.request = icp_request;
- allow = aclCheckFast(Config.accessList.icp, &checklist);
- if (!allow) {
- debug(12, 2) ("icpHandleIcpV3: Access Denied for %s by %s.\n",
- inet_ntoa(from.sin_addr), AclMatchedName);
- if (clientdbCutoffDenied(from.sin_addr)) {
- /*
- * count this DENIED query in the clientdb, even though
- * we're not sending an ICP reply...
- */
- clientdbUpdate(from.sin_addr, LOG_UDP_DENIED, PROTO_ICP, 0);
- } else {
- reply = icpCreateMessage(ICP_DENIED, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_DENIED, 0);
- }
- break;
- }
- /* The peer is allowed to use this cache */
- entry = storeGetPublic(url, METHOD_GET);
- debug(12, 5) ("icpHandleIcpV3: OPCODE %s\n",
- icp_opcode_str[header.opcode]);
- if (icpCheckUdpHit(entry, icp_request)) {
- reply = icpCreateMessage(ICP_HIT, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_HIT, 0);
- break;
- }
- /* if store is rebuilding, return a UDP_HIT, but not a MISS */
- if (opt_reload_hit_only && store_rebuilding) {
- reply = icpCreateMessage(ICP_MISS_NOFETCH, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_MISS_NOFETCH, 0);
- } else if (hit_only_mode_until > squid_curtime) {
- reply = icpCreateMessage(ICP_MISS_NOFETCH, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_MISS_NOFETCH, 0);
- } else {
- reply = icpCreateMessage(ICP_MISS, 0, url, header.reqnum, 0);
- icpUdpSend(fd, &from, reply, LOG_UDP_MISS, 0);
- }
- break;
+ doV3Query(fd, from, buf, header);
+ break;
case ICP_HIT:
-#if ALLOW_SOURCE_PING
- case ICP_SECHO:
-#endif
+
case ICP_DECHO:
+
case ICP_MISS:
+
case ICP_DENIED:
+
case ICP_MISS_NOFETCH:
- if (neighbors_do_private_keys && header.reqnum == 0) {
- debug(12, 0) ("icpHandleIcpV3: Neighbor %s returned reqnum = 0\n",
- inet_ntoa(from.sin_addr));
- debug(12, 0) ("icpHandleIcpV3: Disabling use of private keys\n");
- neighbors_do_private_keys = 0;
- }
- url = buf + sizeof(icp_common_t);
- debug(12, 3) ("icpHandleIcpV3: %s from %s for '%s'\n",
- icp_opcode_str[header.opcode],
- inet_ntoa(from.sin_addr),
- url);
- key = icpGetCacheKey(url, (int) header.reqnum);
- /* call neighborsUdpAck even if ping_status != PING_WAITING */
- neighborsUdpAck(key, &header, &from);
- break;
+ header.handleReply(buf, from);
+ break;
case ICP_INVALID:
+
case ICP_ERR:
- break;
+ break;
default:
- debug(12, 0) ("icpHandleIcpV3: UNKNOWN OPCODE: %d from %s\n",
- header.opcode, inet_ntoa(from.sin_addr));
- break;
+ debugs(12, DBG_CRITICAL, "icpHandleIcpV3: UNKNOWN OPCODE: " << header.opcode << " from " << from);
+ break;
}
- if (icp_request)
- requestDestroy(icp_request);
}
+