preview handle problem

[mprzytulski]

I have a modified version of the example handler that supports ICAP preview which looks like that:

package ch.mimo.netty.example.icap.preview;

import java.util.UUID;

import org.jboss.netty.channel.ChannelHandlerContext;
import org.jboss.netty.channel.MessageEvent;
import org.jboss.netty.channel.SimpleChannelUpstreamHandler;
import org.jboss.netty.logging.InternalLogger;
import org.jboss.netty.logging.InternalLoggerFactory;

import ch.mimo.netty.handler.codec.icap.DefaultIcapResponse;
import ch.mimo.netty.handler.codec.icap.IcapChunk;
import ch.mimo.netty.handler.codec.icap.IcapChunkTrailer;
import ch.mimo.netty.handler.codec.icap.IcapMethod;
import ch.mimo.netty.handler.codec.icap.IcapRequest;
import ch.mimo.netty.handler.codec.icap.IcapResponse;
import ch.mimo.netty.handler.codec.icap.IcapResponseStatus;
import ch.mimo.netty.handler.codec.icap.IcapVersion;

public class IcapServerHandler extends SimpleChannelUpstreamHandler {

    private boolean continueWasSent;

    private static final InternalLogger LOG = InternalLoggerFactory.getInstance(IcapServerHandler.class);

    @Override
    public void messageReceived(ChannelHandlerContext ctx, MessageEvent e) throws Exception {
        Object msg = e.getMessage();
        LOG.debug("New message received");
        if(msg instanceof IcapRequest) {
            LOG.debug("New IcapRequest");
            IcapRequest request = (IcapRequest)msg;
            LOG.debug("request method: " + request.getMethod() + " body: " + request);

            if(request.getMethod().equals(IcapMethod.OPTIONS)) {
                LOG.debug("handle options method call");                    
                IcapResponse response = new DefaultIcapResponse(IcapVersion.ICAP_1_0, IcapResponseStatus.OK);
                response.addHeader("Methods", "RESPMOD, OPTIONS");
                response.addHeader("X-Include", "X-Client-IP");
                response.addHeader("Service", "Safe Internet Gateway 1.0");
                response.addHeader("Allow","204");
                response.addHeader("Preview","0");
                response.addHeader("Options-TTL", "3600");
                response.addHeader("Transfer-Preview","*");
                //response.addHeader("Service-ID", "antivirus");
                response.addHeader("ISTag", "safe-v1.0" + UUID.randomUUID().toString().substring(0, 10));
                LOG.debug("Send options" + response);
                ctx.getChannel().write(response);
                LOG.debug("Options sent");
            }
        } else if(msg instanceof IcapChunkTrailer) {
            LOG.debug("GET IcapChunkTrailer");
            if(!continueWasSent) {
                LOG.debug("SEND Continue");
                continueWasSent = true;
                // sending 100 continue in order to receive the rest of the message
                IcapResponse response = new DefaultIcapResponse(IcapVersion.ICAP_1_0,IcapResponseStatus.CONTINUE);
                response.addHeader("ISTag", "surfsafe-v1.0" + UUID.randomUUID().toString().substring(0, 10));
                ctx.getChannel().write(response);
                LOG.debug("Continue SENT");
            } else {
                LOG.debug("No Content");
                // sending 204 No Content response
                IcapResponse response = new DefaultIcapResponse(IcapVersion.ICAP_1_0,IcapResponseStatus.NO_CONTENT);
                ctx.getChannel().write(response);
                LOG.debug("SENT No Content");
            }
        } else if(msg instanceof IcapChunk) {
            LOG.debug("GET IcapChunk");
        } 
    }

}

i have configure squid with:

icap_enable on
icap_service_failure_limit -1
icap_send_client_ip on
icap_send_client_username on
icap_preview_enable on
icap_preview_size 128
icap_send_client_ip on
icap_send_client_username on

icap_service antivirus respmod_precache bypass=0 icap://192.168.1.24:1344/antivirus

tcpdump session looks like:

12:37:53.142224 IP 192.168.1.231.48165 > 192.168.1.24.1344: Flags [S], seq 3832557074, win 14600, options [mss 1460,sackOK,TS val 188236354 ecr 0,nop,wscale 7], length 0
E..<lP@.@.J..........%.@.p........9..~.........
.8BB........
12:37:53.143432 IP 192.168.1.24.1344 > 192.168.1.231.48165: Flags [S.], seq 283116010, ack 3832557075, win 65535, options [mss 1460,nop,wscale 1,nop,nop,TS val 356648866 ecr 188236354,sackOK,eol], length 0
E..@(.@.@............@.%.....p......a..............
.B...8BB....
12:37:53.143456 IP 192.168.1.231.48165 > 192.168.1.24.1344: Flags [.], ack 1, win 115, options [nop,nop,TS val 188236355 ecr 356648866], length 0
E..4lQ@.@.J#.........%.@.p.........s.v.....
.8BC.B..
12:37:53.143550 IP 192.168.1.231.48165 > 192.168.1.24.1344: Flags [P.], seq 1:81, ack 1, win 115, options [nop,nop,TS val 188236355 ecr 356648866], length 80
E...lR@.@.I..........%.@.p.........s.......
.8BC.B..OPTIONS icap://192.168.1.24:1344/antivirus ICAP/1.0
Host: 192.168.1.24:1344


12:37:53.144673 IP 192.168.1.24.1344 > 192.168.1.231.48165: Flags [.], ack 81, win 33264, options [nop,nop,TS val 356648867 ecr 188236355], length 0
E..4..@.@............@.%.....p.c...........
.B...8BC
12:37:53.157915 IP 192.168.1.24.1344 > 192.168.1.231.48165: Flags [P.], seq 1:234, ack 81, win 33304, options [nop,nop,TS val 356648878 ecr 188236355], length 233
E...l.@.@.H..........@.%.....p.c....Pn.....
.B...8BCICAP/1.0 200 OK
Methods: RESPMOD, OPTIONS
X-Include: X-Client-IP
Service: Safe Internet Gateway 1.0
Allow: 204
Preview: 0
Options-TTL: 3600
Transfer-Preview: *
ISTag: safe-v1.0f0750183-2
Encapsulated: null-body=0


12:37:53.157933 IP 192.168.1.231.48165 > 192.168.1.24.1344: Flags [.], ack 234, win 123, options [nop,nop,TS val 188236369 ecr 356648878], length 0
E..4lS@.@.J!.........%.@.p.c.......{.v.....
.8BQ.B..
12:37:53.158174 IP 192.168.1.231.48165 > 192.168.1.24.1344: Flags [P.], seq 81:875, ack 234, win 123, options [nop,nop,TS val 188236370 ecr 356648878], length 794
E..NlT@.@.G..........%.@.p.c.......{.......
.8BR.B..RESPMOD icap://192.168.1.24:1344/antivirus ICAP/1.0
Host: 192.168.1.24:1344
Date: Thu, 22 Mar 2012 11:37:53 GMT
Encapsulated: req-hdr=0, res-hdr=315, res-body=574
Preview: 0
Allow: 204
X-Client-IP: 192.168.1.24

GET http://eicar.org/download/eicar.com.txt HTTP/1.1
Host: eicar.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20100101 Firefox/11.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: pl,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Date: Thu, 22 Mar 2012 12:38:50 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Content-Disposition: attachment; filename="eicar.com.txt"
Cache-Control: private
Content-Length: 68
Content-Type: application/octet-stream


12:37:53.158195 IP 192.168.1.231.48165 > 192.168.1.24.1344: Flags [P.], seq 875:880, ack 234, win 123, options [nop,nop,TS val 188236370 ecr 356648878], length 5
E..9lU@.@.J..........%.@.p1}.......{.{.....
.8BR.B..0


12:37:53.160398 IP 192.168.1.24.1344 > 192.168.1.231.48165: Flags [.], ack 875, win 32907, options [nop,nop,TS val 356648879 ecr 188236370], length 0
E..4..@.@............@.%.....p1}....._.....
.B...8BR
12:37:53.160646 IP 192.168.1.24.1344 > 192.168.1.231.48165: Flags [.], ack 880, win 33301, options [nop,nop,TS val 356648880 ecr 188236370], length 0
E..4r.@.@.C..........@.%.....p1............
.B...8BR
12:37:53.168155 IP 192.168.1.24.1344 > 192.168.1.231.48165: Flags [P.], seq 234:318, ack 880, win 33304, options [nop,nop,TS val 356648886 ecr 188236370], length 84
E...5.@.@..".........@.%.....p1.....y......
.B...8BRICAP/1.0 100 Continue
ISTag: safe-v1.09ef7d26c-d
Encapsulated: null-body=0


12:37:53.168226 IP 192.168.1.231.48165 > 192.168.1.24.1344: Flags [P.], seq 880:959, ack 318, win 123, options [nop,nop,TS val 188236380 ecr 356648886], length 79
E...lV@.@.I..........%.@.p1....(...{.......
.8B\.B..44
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
0


12:37:53.169263 IP 192.168.1.24.1344 > 192.168.1.231.48165: Flags [.], ack 959, win 33264, options [nop,nop,TS val 356648887 ecr 188236380], length 0
E..4..@.@.&..........@.%...(.p1......@.....
.B...8B\

which will throw exception like that:

2012-03-22 14:03:12,844 [New I/O server worker #1-6] DEBUG (Log4JLogger.java:39) - Executing state [READ_ICAP_INITIAL_STATE]
2012-03-22 14:03:12,845 [New I/O server worker #1-6] WARN  (Log4JLogger.java:83) - EXCEPTION, please implement ch.mimo.netty.example.icap.preview.IcapServerHandler.exceptionCaught() for proper handling.
java.lang.IllegalArgumentException: invalid version format: []
    at ch.mimo.netty.handler.codec.icap.IcapVersion.<init>(IcapVersion.java:62)
    at ch.mimo.netty.handler.codec.icap.IcapVersion.valueOf(IcapVersion.java:116)
    at ch.mimo.netty.handler.codec.icap.IcapRequestDecoder.createMessage(IcapRequestDecoder.java:42)
    at ch.mimo.netty.handler.codec.icap.IcapRequestDecoder.createMessage(IcapRequestDecoder.java:1)
    at ch.mimo.netty.handler.codec.icap.ReadIcapInitialState.execute(ReadIcapInitialState.java:42)
    at ch.mimo.netty.handler.codec.icap.IcapMessageDecoder.decode(IcapMessageDecoder.java:99)
    at ch.mimo.netty.handler.codec.icap.IcapMessageDecoder.decode(IcapMessageDecoder.java:1)
    at org.jboss.netty.handler.codec.replay.ReplayingDecoder.callDecode(ReplayingDecoder.java:470)
    at org.jboss.netty.handler.codec.replay.ReplayingDecoder.cleanup(ReplayingDecoder.java:541)
    at org.jboss.netty.handler.codec.replay.ReplayingDecoder.channelDisconnected(ReplayingDecoder.java:449)
    at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:360)
    at org.jboss.netty.channel.socket.nio.NioWorker.close(NioWorker.java:593)
    at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:356)
    at org.jboss.netty.channel.socket.nio.NioWorker.processSelectedKeys(NioWorker.java:280)
    at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:200)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:680)