Compare commits
4 Commits
feda55e225
...
1.0.19
| Author | SHA1 | Date | |
|---|---|---|---|
| b7e3a0da86 | |||
| 3fd72705fc | |||
| c3464d692e | |||
| 843772e9f7 |
+9
-1
@@ -2,11 +2,19 @@
|
||||
/dist/
|
||||
/bin/
|
||||
steamcache2
|
||||
|
||||
# Downloaded SteamPrefill client simulator (auto-managed by make client)
|
||||
/bin/steam-prefill/*
|
||||
!/bin/steam-prefill/.gitkeep
|
||||
/plans/
|
||||
|
||||
#disk cache
|
||||
#validation artifacts
|
||||
/validate-disk/
|
||||
/disk/
|
||||
|
||||
#logs
|
||||
*.log
|
||||
|
||||
#config file
|
||||
/config.yaml
|
||||
|
||||
|
||||
+52
-38
@@ -1,5 +1,9 @@
|
||||
# .golangci.yml - reasonable defaults for steamcache2
|
||||
# Run with: golangci-lint run ./...
|
||||
# .golangci.yml - steamcache2 lint config
|
||||
# Philosophy: enable reasonable linters by default (golangci curated set + key additions)
|
||||
# then use most specific suppressions possible (source //nosec with justification,
|
||||
# _ = discard for errcheck on unavoidable client writes, narrow exclude-rules only for tests).
|
||||
# This makes remaining accepted issues visible and actionable in the code.
|
||||
# Run with: make lint (or golangci-lint run ./...)
|
||||
# Install: go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
|
||||
|
||||
run:
|
||||
@@ -7,42 +11,33 @@ run:
|
||||
modules-download-mode: readonly
|
||||
|
||||
linters:
|
||||
disable-all: true
|
||||
# No disable-all: use golangci defaults (errcheck, govet, ineffassign, staticcheck, unused, gosimple, etc.)
|
||||
# Explicitly enable the non-default linters we require for this LAN cache proxy.
|
||||
enable:
|
||||
# errcheck intentionally not enabled yet (pre-existing unchecked I/O in core paths).
|
||||
# Re-enable per-package after larger refactors reduce surface area.
|
||||
# - errcheck
|
||||
- gosec
|
||||
- govet
|
||||
- ineffassign
|
||||
- misspell
|
||||
- staticcheck
|
||||
- unused
|
||||
- gofmt
|
||||
- goimports
|
||||
- gosec # security checks (re-audited; see source //nosec for justified cases)
|
||||
- misspell # documentation hygiene
|
||||
- goimports # import formatting (enforced)
|
||||
# gofmt covered via linter or goimports; errcheck/govet etc. from defaults
|
||||
|
||||
linters-settings:
|
||||
errcheck:
|
||||
check-type-assertions: false # many existing unchecked in http/metrics paths
|
||||
check-type-assertions: false
|
||||
check-blank: false
|
||||
gosec:
|
||||
excludes:
|
||||
- G104 # errors unhandled in defer/close common in Go
|
||||
- G304 # file inclusion via variable (config paths controlled)
|
||||
- G115 # int->uint casts on positive cache sizes (pre-existing; safe in context)
|
||||
- G301 # MkdirAll 0755 for cache dirs (pre-existing, functional requirement)
|
||||
- G306 # WriteFile 0644 for user config (standard, not secret)
|
||||
# Broad global excludes removed (G104/G115/G301/G304/G306).
|
||||
# - G301 addressed by switching cache MkdirAll to 0700 (least privilege for CDN content).
|
||||
# - Remaining justified cases documented with precise //nosec (or #nosec) + comments at the call sites.
|
||||
# - G104 largely eliminated by errcheck + explicit _ = handling (or defer wrappers).
|
||||
staticcheck:
|
||||
checks: ["all", "-SA1019"] # allow deprecated for now if any
|
||||
checks: ["all"] # SA1019 exclusion removed (no deprecated API usages in tree)
|
||||
govet:
|
||||
enable-all: true
|
||||
disable:
|
||||
- fieldalignment # performance not critical here
|
||||
- shadow # pre-existing in large ServeHTTP; avoid noise for now
|
||||
- fieldalignment # performance tuning not a priority for this proxy appliance
|
||||
- shadow # common idiomatic "err" redeclarations in error-handling chains (large ServeHTTP, root, parse funcs); enabling adds noise with no real bugs; would require scope refactor for little gain
|
||||
|
||||
# errcheck remains disabled globally due to pre-existing noise in http and cache paths.
|
||||
# Re-enable plan: enable per-package after larger refactors; consider adding a coverage gate later.
|
||||
# Current config keeps baseline green while allowing incremental strictness.
|
||||
# Old global errcheck disable + aspirational "re-enable after refactors" comments deleted.
|
||||
# errcheck is now on via defaults. Unavoidable cases handled at source with _ = or (rarely) narrow rules.
|
||||
|
||||
issues:
|
||||
max-issues-per-linter: 0
|
||||
@@ -55,18 +50,37 @@ issues:
|
||||
- path: _test\.go
|
||||
linters:
|
||||
- errcheck
|
||||
- gosec # tests often use weak patterns intentionally
|
||||
# Pre-existing intentional empty branches (comments explain); cleaned in later refactors
|
||||
- linters:
|
||||
- gosec # tests often use weak patterns intentionally (e.g. error injection, temp files)
|
||||
# NOTE: narrow SA9003 exclude retained only for the one remaining intentional empty branch in test (best-effort status check; main assert is metrics side-effect).
|
||||
# The config one was a truly redundant check (already errored above); deleted surgically in Fix Round 1 (Issue 1), eliminating its exclude-rule.
|
||||
- path: steamcache/steamcache_test.go
|
||||
linters:
|
||||
- staticcheck
|
||||
text: "SA9003: empty branch"
|
||||
# Double-check locking idiom in predictive (content assigned only on miss path); pre-existing
|
||||
- path: vfs/predictive/predictive.go
|
||||
# Narrow gosec excludes for unavoidable classes after re-audit (LAN proxy threat model):
|
||||
# - G115: int64<->uint casts in eviction/GC math (all sizes positive, guarded by capacity checks; API uses uint for bytesNeeded)
|
||||
# - G304: path vars for Read/Open/Remove under trusted disk.root or user config file (sanitized keys, no traversal, no arbitrary inclusion from untrusted URLs)
|
||||
# G306 for config WriteFile kept as source //nosec (one site).
|
||||
# G301 fixed at source (0700 dirs). G104 addressed via errcheck fixes.
|
||||
- path: vfs/memory/memory.go
|
||||
linters:
|
||||
- staticcheck
|
||||
text: "SA4006"
|
||||
# Unused field in predictive (likely remnant); pre-existing, excluded to keep lint green for hygiene
|
||||
- path: vfs/predictive/predictive.go
|
||||
- gosec
|
||||
text: "G115"
|
||||
- path: vfs/disk/disk.go
|
||||
linters:
|
||||
- unused
|
||||
text: "mu"
|
||||
- gosec
|
||||
text: "G115"
|
||||
- path: vfs/gc/gc.go
|
||||
linters:
|
||||
- gosec
|
||||
text: "G115"
|
||||
- path: config/config.go
|
||||
linters:
|
||||
- gosec
|
||||
text: "G304"
|
||||
- path: vfs/disk/disk.go
|
||||
linters:
|
||||
- gosec
|
||||
text: "G304"
|
||||
# Predictive/* rules deleted: vfs/predictive/ removed in commit 0dbb2e0; rules were stale/dead.
|
||||
# All other suppressions use source-level //nosec (gosec) or _= (errcheck) for precision and visibility.
|
||||
|
||||
@@ -33,15 +33,85 @@ bench: deps ## Run all benchmarks (MemoryFS + DiskFS variants, including all evi
|
||||
@go test -bench=. -benchmem -run=^$ -benchtime=1s ./vfs/disk
|
||||
@echo "Bench done."
|
||||
|
||||
setcap: build ## Explicitly set cap_net_bind_service on the (just-built) binary for port 80 use outside validate targets
|
||||
@echo "Setting cap_net_bind_service on the binary so it can listen on port 80 as your normal user..."
|
||||
@sudo setcap 'cap_net_bind_service=+ep' dist/default_linux_amd64_v1/steamcache2
|
||||
@echo "Done. You should now be able to run 'make run-validation' as your normal user (no root)."
|
||||
|
||||
validate run-validation: build ## Start steamcache2 on :80 with small test caches (foreground)
|
||||
@echo "=== Starting steamcache2 in validation mode ==="
|
||||
@echo "Port 80 + small memory/disk caches (for exercising disk tier, GC, etc.)"
|
||||
@echo "Press Ctrl-C to stop the server."
|
||||
@echo ""
|
||||
@BINARY=dist/default_linux_amd64_v1/steamcache2; \
|
||||
if [ "$$(id -u)" -ne 0 ] && ! getcap "$$BINARY" 2>/dev/null | grep -q cap_net_bind_service; then \
|
||||
echo "Setting cap_net_bind_service on the freshly built binary (sudo may prompt)..."; \
|
||||
sudo setcap 'cap_net_bind_service=+ep' "$$BINARY" || { \
|
||||
echo "ERROR: setcap failed (or was cancelled)."; \
|
||||
echo "You can run 'make setcap' manually, then retry 'make validate'."; \
|
||||
exit 1; \
|
||||
}; \
|
||||
fi; \
|
||||
if [ "$$(id -u)" -ne 0 ] && ! getcap "$$BINARY" 2>/dev/null | grep -q cap_net_bind_service; then \
|
||||
echo "ERROR: Port 80 still requires the capability after setcap attempt."; \
|
||||
echo "Run 'make setcap' and retry."; \
|
||||
exit 1; \
|
||||
fi; \
|
||||
exec "$$BINARY" --config docs/examples/validate-config.yaml --log-level info
|
||||
|
||||
validate-check: ## Quick post-benchmark sanity check against a running steamcache2 (default port 80, override with PORT=xxxx)
|
||||
@echo "=== steamcache2 Full Function Validation Report ==="
|
||||
@PORT="$${PORT:-80}"; \
|
||||
echo "Server: http://localhost:$$PORT"; \
|
||||
curl -s --max-time 5 "http://localhost:$$PORT/metrics" || echo "(could not reach /metrics on port $$PORT - is the server running?)"; \
|
||||
echo ""; \
|
||||
echo "Tip: also inspect recent server logs for errors, coalesced hits, and disk activity."
|
||||
|
||||
prefill: ## Download latest SteamPrefill into bin/steam-prefill/SteamPrefill (gitignored)
|
||||
@./scripts/download-prefill.sh
|
||||
|
||||
validate-kill: ## Kill leftover steamcache2 processes (safer, checks process name)
|
||||
@echo "Looking for steamcache2 processes on common validation ports (80 is primary)..."
|
||||
@for port in 80 8040 8080; do \
|
||||
pids=""; \
|
||||
if command -v ss >/dev/null 2>&1; then \
|
||||
pids=$$(ss -tlnp 2>/dev/null | grep ":$${port} " | sed -n 's/.*pid=\([0-9]*\).*/\1/p' | sort -u); \
|
||||
fi; \
|
||||
if [ -z "$$pids" ] && command -v lsof >/dev/null 2>&1; then \
|
||||
pids=$$(lsof -ti :$${port} 2>/dev/null | sort -u); \
|
||||
fi; \
|
||||
for pid in $$pids; do \
|
||||
proc=$$(ps -p $$pid -o comm= 2>/dev/null || true); \
|
||||
cmd=$$(ps -p $$pid -o cmd= 2>/dev/null || true); \
|
||||
if echo "$$proc $$cmd" | grep -qi "steamcache"; then \
|
||||
echo " Killing steamcache2 (port $$port, PID $$pid, $$proc)"; \
|
||||
kill -TERM $$pid 2>/dev/null || true; \
|
||||
sleep 0.2; \
|
||||
kill -0 $$pid 2>/dev/null && kill -9 $$pid 2>/dev/null || true; \
|
||||
else \
|
||||
echo " Skipping PID $$pid on port $$port (not steamcache2: $$proc)"; \
|
||||
fi; \
|
||||
done; \
|
||||
done
|
||||
@echo "Validation server cleanup complete."
|
||||
|
||||
|
||||
|
||||
help: ## Show this help message
|
||||
@echo steamcache2 Makefile
|
||||
@echo Available targets:
|
||||
@echo run Run the application (cross-platform via go run)
|
||||
@echo run-debug Run the application with debug logging (cross-platform)
|
||||
@echo build Build the application (goreleaser snapshot)
|
||||
@echo test Run all tests
|
||||
@echo test-race Run all tests with the race detector
|
||||
@echo lint Run golangci-lint + review label check
|
||||
@echo check-review-labels Fail on temporary review labels (P*, T*, I*, R*, etc.)
|
||||
@echo deps Download dependencies
|
||||
@echo clean Remove build/test artifacts
|
||||
@echo "steamcache2 Makefile"
|
||||
@echo "Available targets:"
|
||||
@echo " run Run the application (cross-platform via go run)"
|
||||
@echo " run-debug Run the application with debug logging (cross-platform)"
|
||||
@echo " build Build the application (goreleaser snapshot)"
|
||||
@echo " test Run all tests"
|
||||
@echo " test-race Run all tests with the race detector"
|
||||
@echo " lint Run golangci-lint + review label check"
|
||||
@echo " check-review-labels Fail on temporary review labels (P*, T*, I*, R*, etc.)"
|
||||
@echo " deps Download dependencies"
|
||||
@echo " clean Remove build/test artifacts"
|
||||
@echo " bench Run low-level VFS microbenchmarks"
|
||||
@echo " validate / run-validation Start server on :80 (builds, auto-setcaps fresh binary, then runs as normal user)"
|
||||
@echo " setcap Explicitly set cap on current build (for port 80 use outside validate)"
|
||||
@echo " validate-check Quick /metrics report after running a workload"
|
||||
@echo " validate-kill Kill leftover steamcache2 processes (safer)"
|
||||
@echo " prefill Download latest SteamPrefill into bin/steam-prefill/ (for use with run-validation)"
|
||||
@@ -61,6 +61,113 @@ Run `make help` to see the full list of available commands.
|
||||
|
||||
This is the preferred approach for day-to-day development. Avoid running raw `go test`, `go run`, or `golangci-lint` commands directly for routine tasks.
|
||||
|
||||
### Validating Full Functionality with external tools
|
||||
|
||||
steamcache2 provides a convenient small-cache configuration and helper targets so you can easily validate behavior using external tools such as [SteamPrefill (tpill90/steam-lancache-prefill)](https://github.com/tpill90/steam-lancache-prefill).
|
||||
|
||||
This gives you:
|
||||
- Real Steam manifest + chunk traffic (no reinventing the wheel)
|
||||
- Excellent `benchmark setup` / `benchmark run` workflow with warmup, randomization, and mixed chunk sizes
|
||||
- The ability to validate a **just-built binary** end-to-end (caching, coalescing, Range support, memory+disk tiers, GC/eviction, metrics, special endpoints, startup validation, etc.)
|
||||
|
||||
#### Quick Start
|
||||
|
||||
```bash
|
||||
# 1. Build the binary (this also runs short tests)
|
||||
make build
|
||||
|
||||
# 2. Start a validation-oriented instance (small caches so disk tier + GC get exercised)
|
||||
# Uses port 80 by default; the script will automatically set the needed
|
||||
# capability on the binary via sudo setcap if it is missing.
|
||||
./scripts/validate-with-prefill.sh
|
||||
|
||||
# 3. In another terminal (or on another machine), create a workload once if you haven't already,
|
||||
# then drive it through your local steamcache2.
|
||||
# Note: when using a non-80 port you may need to give SteamPrefill the full address.
|
||||
./scripts/validate-with-prefill.sh # (shows the exact commands with the correct port)
|
||||
```
|
||||
|
||||
When the benchmark finishes, press Ctrl-C in the first terminal to cleanly stop the server.
|
||||
|
||||
#### Simple validation server (recommended for manual testing)
|
||||
|
||||
For easy validation with external tools (SteamPrefill, etc.), use:
|
||||
|
||||
```bash
|
||||
make run-validation
|
||||
# or
|
||||
make validate
|
||||
```
|
||||
|
||||
This starts `steamcache2` on port 80 using a deliberately small memory + disk configuration (good for exercising the disk tier, GC, coalescing, promotions, etc.).
|
||||
|
||||
`make run-validation` (and `make validate`) will automatically ensure the `cap_net_bind_service` capability is set on the binary it just built (one sudo prompt the first time after each rebuild). This keeps the server running as your normal user so the disk cache directory stays owned by you.
|
||||
|
||||
If you want the capability on the binary for other workflows (e.g. `make run`, or running the binary directly on port 80), use the explicit target:
|
||||
|
||||
```bash
|
||||
make setcap
|
||||
```
|
||||
|
||||
When the server is running, point your external SteamPrefill (or other load generator) at it:
|
||||
|
||||
```bash
|
||||
./SteamPrefill benchmark run ...
|
||||
```
|
||||
|
||||
When finished, you can get a quick metrics summary with:
|
||||
|
||||
```bash
|
||||
make validate-check
|
||||
```
|
||||
|
||||
This is the recommended simple workflow. No automatic downloading or running of external tools.
|
||||
|
||||
#### Inspecting the Result
|
||||
|
||||
After a benchmark run you can ask for a quick report:
|
||||
|
||||
```bash
|
||||
make validate-check
|
||||
# or manually:
|
||||
curl -s http://localhost/metrics
|
||||
```
|
||||
|
||||
Look for:
|
||||
- High cache hit rate after the warmup pass
|
||||
- Non-zero `coalesced` and `disk` activity
|
||||
- Zero unexpected errors
|
||||
|
||||
#### The Validation Config
|
||||
|
||||
The script uses [docs/examples/validate-config.yaml](docs/examples/validate-config.yaml). It enables both memory and disk tiers at modest sizes (128 MB / 512 MB) with conservative concurrency. Edit or copy it if you need larger caches for bigger workloads.
|
||||
|
||||
#### What Gets Validated
|
||||
|
||||
Running a realistic SteamPrefill benchmark workload through a built steamcache2 exercises the complete public surface that matters for production use:
|
||||
- Steam User-Agent detection and depot/manifest/chunk URL patterns
|
||||
- Full MISS → cache write → HIT (and HIT-COALESCED) paths
|
||||
- Range request handling from cached full responses
|
||||
- Request coalescing under concurrent load
|
||||
- Memory tier + disk tier interaction (including async disk attach)
|
||||
- Garbage collection and eviction under pressure
|
||||
- Metrics and special endpoints (`/`, `/lancache-heartbeat`, `/metrics`)
|
||||
- Per-client and global rate limiting (with trusted proxy handling)
|
||||
- Startup configuration validation and upstream behavior
|
||||
- Clean shutdown hygiene
|
||||
|
||||
This is the closest practical equivalent to "run the thing real clients will run and make sure nothing is broken."
|
||||
|
||||
#### Troubleshooting
|
||||
|
||||
- **Low hit rate on first run**: Normal. The first `benchmark run` is the warmup that populates the cache.
|
||||
- **Want to test real disk I/O (not RAM cache)**: Make sure your workload size (shown by `benchmark setup`) is larger than the total RAM on the machine running steamcache2.
|
||||
- **Server won't start or bind on port 80 as non-root**: `make run-validation` and `make validate` automatically run `setcap` on the binary they just built. If it still fails, run `make setcap` explicitly and retry. The server always runs as your normal user (no root) so the disk cache directory ownership stays correct.
|
||||
- **SteamPrefill not found**: Install it yourself from its GitHub releases. Then use `make validate` to start the server with small caches and point SteamPrefill at it manually.
|
||||
- **SteamPrefill won't use server as cache properly**: SteamPrefill has some bad autodetectiong functions sometimes it works when the server is resolvable from localhost or 127.0.0.1 other times you have to fully override the dns for the proper dns name lancache.steamcontent.com to point to 127.0.0.1 i don't recommend doing it unless your okay with having to undo and redo it depending on if your running the server or not its a pain.
|
||||
|
||||
See also the SteamPrefill documentation for `benchmark setup` and `benchmark run` options.
|
||||
|
||||
### Command Line Flags
|
||||
|
||||
While most configuration is done via the YAML file, some runtime options are still available as command-line flags:
|
||||
@@ -154,11 +261,11 @@ SteamCache2 supports different garbage collection algorithms for memory and disk
|
||||
**Available GC Algorithms:**
|
||||
|
||||
- **`lru`** (default): Least Recently Used - evicts oldest accessed files
|
||||
- **`lfu`**: Least Frequently Used (P1 real impl) - evicts by lowest AccessCount (tiebreak older ATime); uses existing FileInfo counters
|
||||
- **`fifo`**: First In, First Out - evicts oldest created files (predictable)
|
||||
- **`largest`**: Size-based - evicts largest files first (maximizes file count)
|
||||
- **`smallest`**: Size-based - evicts smallest files first (maximizes cache hit rate)
|
||||
- **`hybrid`**: Recency + frequency hybrid (P1 meaningful) - evicts by lowest time-decayed score (GetTimeDecayedScore combining ATime + AccessCount)
|
||||
- **`lfu`**: Least Frequently Used - evicts by lowest AccessCount (tiebreak older ATime); uses existing FileInfo counters
|
||||
- **`fifo`**: First In, First Out - evicts oldest created files (predictable and terrible all in one) don't ever use it
|
||||
- **`largest`**: Size-based - evicts largest files first (maximizes small file count) if used on memory greatly improves access time
|
||||
- **`smallest`**: Size-based - evicts smallest files first (maximizes large file count) probably best used for disk since there kinda slow with small files
|
||||
- **`hybrid`**: Recency + frequency hybrid - evicts by lowest time-decayed score (GetTimeDecayedScore combining ATime + AccessCount)
|
||||
|
||||
**Recommended Algorithms by Cache Type:**
|
||||
|
||||
@@ -166,18 +273,19 @@ SteamCache2 supports different garbage collection algorithms for memory and disk
|
||||
- **`lru`** - Best overall performance, good balance of speed and hit rate
|
||||
- **`lfu`** - Excellent for gaming cafes where popular games stay cached
|
||||
- **`hybrid`** - Optimal for mixed workloads with varying file sizes
|
||||
- **`largest`** - Crazy good for access times since disks are slow with lots of tiny files
|
||||
|
||||
**For Disk Cache (Slow, Large Size):**
|
||||
- **`hybrid`** - Recommended for optimal performance, balances speed and storage efficiency
|
||||
- **`largest`** - Good for maximizing number of cached files
|
||||
- **`smallest`** - Good for maximizing linear reads which is the only place spinning disks have performance don't expect too much though steam kinda uses small files
|
||||
- **`lru`** - Reliable default with good performance
|
||||
|
||||
**Use Cases:**
|
||||
- **Gaming Cafes**: Use `lfu` for memory, `hybrid` for disk
|
||||
- **LAN Events**: Use `lfu` for memory, `hybrid` for disk
|
||||
- **Home Use**: Use `lru` for memory, `hybrid` for disk
|
||||
- **Testing**: Use `fifo` for predictable behavior
|
||||
- **Large File Storage**: Use `largest` for disk to maximize file count
|
||||
- **Gaming Cafes**: Use `largest` for memory, `hybrid` for disk
|
||||
- **LAN Events**: Use `largest` for memory, `hybrid` for disk
|
||||
- **Home Use**: Use `largest` for memory, `hybrid` for disk
|
||||
- **Testing**: Use `fifo` for nothing its pointless
|
||||
- **Large File Storage**: Use `smallest` for disk get rid of the slow tiny files first
|
||||
|
||||
### DNS Configuration
|
||||
|
||||
|
||||
+5
-5
@@ -72,7 +72,7 @@ var rootCmd = &cobra.Command{
|
||||
Err(err).
|
||||
Str("config_path", configPath).
|
||||
Msg("Failed to create default configuration")
|
||||
fmt.Fprintf(os.Stderr, "Error: Failed to create default config at %s: %v\n", configPath, err)
|
||||
_, _ = fmt.Fprintf(os.Stderr, "Error: Failed to create default config at %s: %v\n", configPath, err) // explicit discard for fatal stdio path (consistent with errcheck posture; low-value on exit)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
@@ -88,7 +88,7 @@ var rootCmd = &cobra.Command{
|
||||
Err(err).
|
||||
Str("config_path", configPath).
|
||||
Msg("Failed to load configuration")
|
||||
fmt.Fprintf(os.Stderr, "Error: Failed to load configuration from %s: %v\n", configPath, err)
|
||||
_, _ = fmt.Fprintf(os.Stderr, "Error: Failed to load configuration from %s: %v\n", configPath, err) // explicit discard for fatal stdio path (consistent with errcheck posture; low-value on exit)
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
@@ -113,7 +113,7 @@ var rootCmd = &cobra.Command{
|
||||
logger.Logger.Error().
|
||||
Err(err).
|
||||
Msg("Configuration validation failed")
|
||||
fmt.Fprintf(os.Stderr, "Error: Invalid configuration: %v. Please fix the config file and try again.\n", err)
|
||||
_, _ = fmt.Fprintf(os.Stderr, "Error: Invalid configuration: %v. Please fix the config file and try again.\n", err) // explicit discard for fatal stdio path (consistent with errcheck posture; low-value on exit)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
@@ -134,7 +134,7 @@ var rootCmd = &cobra.Command{
|
||||
logger.Logger.Error().
|
||||
Err(err).
|
||||
Msg("Failed to initialize steamcache")
|
||||
fmt.Fprintf(os.Stderr, "Error: Failed to initialize steamcache: %v. Check sizes in config.\n", err)
|
||||
_, _ = fmt.Fprintf(os.Stderr, "Error: Failed to initialize steamcache: %v. Check sizes in config.\n", err) // explicit discard for fatal stdio path (consistent with errcheck posture; low-value on exit)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
@@ -143,7 +143,7 @@ var rootCmd = &cobra.Command{
|
||||
|
||||
if err := sc.Run(); err != nil {
|
||||
logger.Logger.Error().Err(err).Msg("steamcache2 Run failed")
|
||||
fmt.Fprintf(os.Stderr, "Error: steamcache2 run error: %v\n", err)
|
||||
_, _ = fmt.Fprintf(os.Stderr, "Error: steamcache2 run error: %v\n", err) // explicit discard for fatal stdio path (consistent with errcheck posture; low-value on exit)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
|
||||
+2
-3
@@ -135,6 +135,8 @@ func SaveDefaultConfig(configPath string) error {
|
||||
return fmt.Errorf("failed to marshal default config: %w", err)
|
||||
}
|
||||
|
||||
// #nosec G306 -- 0644 appropriate for generated default config.yaml (user-editable, no secrets/credentials; only sizes/URLs/paths)
|
||||
// G304 on ReadFile below is similar (trusted user config path)
|
||||
if err := os.WriteFile(configPath, data, 0644); err != nil {
|
||||
return fmt.Errorf("failed to write default config file: %w", err)
|
||||
}
|
||||
@@ -207,9 +209,6 @@ func (c Config) Validate() error {
|
||||
return fmt.Errorf("invalid trusted_proxies CIDR: %s", p)
|
||||
}
|
||||
}
|
||||
if c.MaxConcurrentRequests < 0 || c.MaxRequestsPerClient < 0 { // already covered above but explicit for the concurrency knobs
|
||||
// covered by earlier checks
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
# validate-config.yaml
|
||||
#
|
||||
# Small dual-tier configuration intended for full-function validation of a
|
||||
# built steamcache2 binary using realistic Steam client workloads driven by
|
||||
# the external SteamPrefill (https://github.com/tpill90/steam-lancache-prefill)
|
||||
# "benchmark" commands.
|
||||
#
|
||||
# Why these values?
|
||||
# - Both tiers enabled. Memory is sized large enough to survive the disk attach
|
||||
# window in mixed mode (see steamcache.go: the goroutine that blocks on d.Size()
|
||||
# before SetSlow). With a realistic SteamPrefill benchmark (high rate of unique
|
||||
# ~1MB chunks) the old tiny 128MB mem + 512MB disk caused almost all early
|
||||
# content to live only in memory, get evicted by its GC, and never reach disk.
|
||||
# Result: "never hitting", hit_rate 0, memory_size 0, despite files appearing
|
||||
# on disk for late-arriving chunks. Larger mem + disk makes the validation
|
||||
# actually exercise hits, promotions, disk tier, and GC as intended.
|
||||
# - Conservative concurrency limits suitable for a developer laptop.
|
||||
# - trusted_proxies set for 127.0.0.0/8 so that an external benchmark tool
|
||||
# can simulate multiple distinct clients via X-Forwarded-For if desired.
|
||||
# - upstream left empty: the server will use the incoming Host header
|
||||
# (exactly what happens when you point SteamPrefill at your Lancache IP).
|
||||
#
|
||||
# Usage (typical dev workflow):
|
||||
# make build
|
||||
# ./scripts/validate-with-prefill.sh
|
||||
# # In another terminal:
|
||||
# SteamPrefill benchmark run -c 20 ...
|
||||
#
|
||||
# After the benchmark run, inspect with:
|
||||
# curl -s http://localhost/metrics
|
||||
#
|
||||
# Tweak sizes upward if you want to run very large workloads while still
|
||||
# exercising the disk tier (workload >> RAM is ideal for real disk testing).
|
||||
|
||||
listen_address: :80
|
||||
|
||||
max_concurrent_requests: 1000
|
||||
max_requests_per_client: 10
|
||||
|
||||
max_object_size: "0" # unlimited for validation (real Steam files can be large)
|
||||
trusted_proxies: ["127.0.0.0/8"]
|
||||
|
||||
cache:
|
||||
memory:
|
||||
size: 1GB
|
||||
gc_algorithm: largest
|
||||
disk:
|
||||
size: 2GB
|
||||
path: ./validate-disk # ephemeral; clean between runs if you want a fresh test
|
||||
gc_algorithm: hybrid # recommended for disk in the project README
|
||||
|
||||
# Empty upstream = use Host header from the client (SteamPrefill / real Steam clients).
|
||||
# This matches the common "DNS points lancache.steamcontent.com at the cache" setup.
|
||||
upstream: ""
|
||||
@@ -8,6 +8,7 @@ require (
|
||||
github.com/rs/zerolog v1.33.0
|
||||
github.com/spf13/cobra v1.8.1
|
||||
golang.org/x/sync v0.16.0
|
||||
golang.org/x/sys v0.12.0
|
||||
gopkg.in/yaml.v3 v3.0.1
|
||||
)
|
||||
|
||||
@@ -16,5 +17,4 @@ require (
|
||||
github.com/mattn/go-colorable v0.1.13 // indirect
|
||||
github.com/mattn/go-isatty v0.0.19 // indirect
|
||||
github.com/spf13/pflag v1.0.5 // indirect
|
||||
golang.org/x/sys v0.12.0 // indirect
|
||||
)
|
||||
|
||||
Executable
+155
@@ -0,0 +1,155 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# download-prefill.sh
|
||||
#
|
||||
# Downloads the latest (or specific) release of SteamPrefill
|
||||
# (https://github.com/tpill90/steam-lancache-prefill) into
|
||||
# bin/steam-prefill/SteamPrefill
|
||||
#
|
||||
# Usage:
|
||||
# ./scripts/download-prefill.sh
|
||||
#
|
||||
# Environment:
|
||||
# PREFILL_VERSION - Pin a specific version tag (e.g. v3.4.2)
|
||||
# PREFILL_FORCE - Set to any non-empty value to re-download even if present
|
||||
#
|
||||
set -euo pipefail
|
||||
|
||||
DEST_DIR="bin/steam-prefill"
|
||||
TARGET="$DEST_DIR/SteamPrefill"
|
||||
|
||||
mkdir -p "$DEST_DIR"
|
||||
|
||||
if [[ -x "$TARGET" && -z "${PREFILL_FORCE:-}" ]]; then
|
||||
echo "SteamPrefill already present at $TARGET"
|
||||
echo "Run with PREFILL_FORCE=1 to re-download."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
VERSION="${PREFILL_VERSION:-}"
|
||||
|
||||
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
|
||||
ARCH=$(uname -m)
|
||||
|
||||
case "$ARCH" in
|
||||
x86_64|amd64) ARCH_NAME="x64" ;;
|
||||
aarch64|arm64) ARCH_NAME="arm64" ;;
|
||||
*) echo "Unsupported architecture: $ARCH"; exit 1 ;;
|
||||
esac
|
||||
|
||||
case "$OS" in
|
||||
linux) OS_NAME="linux" ;;
|
||||
darwin) OS_NAME="osx" ;;
|
||||
*) echo "Unsupported OS: $OS"; exit 1 ;;
|
||||
esac
|
||||
|
||||
echo "Resolving SteamPrefill version..."
|
||||
|
||||
if [[ -z "$VERSION" ]]; then
|
||||
# Follow the /latest redirect to discover the current tag
|
||||
LATEST_URL=$(curl -sIL -o /dev/null -w '%{url_effective}' \
|
||||
"https://github.com/tpill90/steam-lancache-prefill/releases/latest" 2>/dev/null || true)
|
||||
|
||||
if [[ "$LATEST_URL" =~ /tag/([^/?#]+) ]]; then
|
||||
VERSION="${BASH_REMATCH[1]}"
|
||||
else
|
||||
echo "Failed to resolve latest version from GitHub redirect."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "Downloading SteamPrefill $VERSION for ${OS_NAME}-${ARCH_NAME}..."
|
||||
|
||||
rm -f "$TARGET" "$TARGET.tmp" 2>/dev/null || true
|
||||
|
||||
DOWNLOADED=0
|
||||
|
||||
# Preferred: query the GitHub API for the exact asset list (most reliable)
|
||||
API_URL="https://api.github.com/repos/tpill90/steam-lancache-prefill/releases/tags/${VERSION}"
|
||||
ASSET_URL=""
|
||||
|
||||
if command -v jq >/dev/null 2>&1; then
|
||||
echo " Querying GitHub API for assets..."
|
||||
ASSET_NAME=$(curl -fsSL "$API_URL" 2>/dev/null | jq -r --arg os "$OS_NAME" --arg arch "$ARCH_NAME" '
|
||||
.assets[]
|
||||
| select(.name | ascii_downcase | contains($os))
|
||||
| select(.name | ascii_downcase | contains($arch))
|
||||
| .name
|
||||
' | head -1)
|
||||
|
||||
if [[ -n "$ASSET_NAME" ]]; then
|
||||
ASSET_URL="https://github.com/tpill90/steam-lancache-prefill/releases/download/${VERSION}/${ASSET_NAME}"
|
||||
echo " Found asset via API: $ASSET_NAME"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Fallback: try common name patterns if API or jq not available
|
||||
if [[ -z "$ASSET_URL" ]]; then
|
||||
echo " Trying common asset name patterns..."
|
||||
CANDIDATES=(
|
||||
"SteamPrefill-${VERSION}-${OS_NAME}-${ARCH_NAME}.zip"
|
||||
"SteamPrefill-${VERSION}-${OS_NAME}-${ARCH_NAME}"
|
||||
"SteamPrefill-${OS_NAME}-${ARCH_NAME}.zip"
|
||||
"SteamPrefill-${OS_NAME}-${ARCH_NAME}"
|
||||
"SteamPrefill-linux-${ARCH_NAME}.zip"
|
||||
"SteamPrefill-linux-${ARCH_NAME}"
|
||||
)
|
||||
|
||||
for name in "${CANDIDATES[@]}"; do
|
||||
URL="https://github.com/tpill90/steam-lancache-prefill/releases/download/${VERSION}/${name}"
|
||||
echo " Trying $name ..."
|
||||
if curl -fI -s --retry 2 "$URL" >/dev/null 2>&1; then
|
||||
ASSET_URL="$URL"
|
||||
ASSET_NAME="$name"
|
||||
break
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
if [[ -n "$ASSET_URL" ]]; then
|
||||
echo "Downloading $ASSET_NAME ..."
|
||||
if curl -fL --retry 3 --retry-delay 2 -A "Mozilla/5.0 (compatible; SteamPrefill-Downloader)" \
|
||||
--progress-bar -o "$TARGET.tmp" "$ASSET_URL"; then
|
||||
|
||||
echo "Download complete."
|
||||
|
||||
if [[ "$ASSET_NAME" == *.zip ]]; then
|
||||
echo "Extracting..."
|
||||
if ! command -v unzip >/dev/null 2>&1; then
|
||||
echo "Error: unzip is required for this release."
|
||||
rm -f "$TARGET.tmp"
|
||||
exit 1
|
||||
fi
|
||||
unzip -o -q "$TARGET.tmp" -d "$DEST_DIR"
|
||||
FOUND=$(find "$DEST_DIR" -type f -name "SteamPrefill" | head -1)
|
||||
if [[ -n "$FOUND" ]]; then
|
||||
mv "$FOUND" "$TARGET"
|
||||
fi
|
||||
rm -f "$TARGET.tmp"
|
||||
find "$DEST_DIR" -mindepth 1 -maxdepth 1 -type d -name "SteamPrefill*" -exec rm -rf {} + 2>/dev/null || true
|
||||
else
|
||||
mv "$TARGET.tmp" "$TARGET"
|
||||
fi
|
||||
|
||||
chmod +x "$TARGET"
|
||||
DOWNLOADED=1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ $DOWNLOADED -eq 0 ]]; then
|
||||
echo ""
|
||||
echo "Failed to download a matching asset for $VERSION."
|
||||
echo "You can try pinning a different version:"
|
||||
echo " PREFILL_VERSION=vX.Y.Z ./scripts/download-prefill.sh"
|
||||
echo ""
|
||||
echo "Or download manually from:"
|
||||
echo " https://github.com/tpill90/steam-lancache-prefill/releases/tag/${VERSION}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "Installed SteamPrefill $VERSION → $TARGET"
|
||||
echo ""
|
||||
echo "You can now run it directly, for example:"
|
||||
echo " ./bin/steam-prefill/SteamPrefill --help"
|
||||
echo " ./bin/steam-prefill/SteamPrefill benchmark run ..."
|
||||
Executable
+182
@@ -0,0 +1,182 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# validate-with-prefill.sh
|
||||
#
|
||||
# Thin glue script to make it trivial for developers to validate complete
|
||||
# steamcache2 functionality using the external SteamPrefill (lancacheprefill)
|
||||
# tool as the realistic client simulator.
|
||||
#
|
||||
# Usage:
|
||||
# 1. make build
|
||||
# 2. ./scripts/validate-with-prefill.sh
|
||||
# (Automatically kills any leftover steamcache2 on the target port first.)
|
||||
# 3. In another terminal (or on another machine), run the printed
|
||||
# SteamPrefill benchmark commands (the script tells you the exact address/port).
|
||||
# 4. After the benchmark finishes, run the suggested metrics check.
|
||||
# 5. Ctrl-C here to cleanly stop the steamcache2 instance.
|
||||
#
|
||||
# This script + the accompanying validate-config.yaml + README docs are the
|
||||
# entire "couple little scripts to hook steamcache2 and lancacheprefill together"
|
||||
# implementation. No Go code, no new dependencies, stays outside go test / bench.
|
||||
#
|
||||
set -euo pipefail
|
||||
|
||||
# --- Locate the built steamcache2 binary (produced by "make build") ---
|
||||
BINARY=""
|
||||
for candidate in \
|
||||
"dist/default_linux_amd64_v1/steamcache2" \
|
||||
"dist/steamcache2" \
|
||||
"./steamcache2" \
|
||||
"steamcache2"
|
||||
do
|
||||
if [[ -x "$candidate" ]]; then
|
||||
BINARY="$candidate"
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
if [[ -z "$BINARY" ]]; then
|
||||
echo "ERROR: Could not find a built steamcache2 binary."
|
||||
echo "Run 'make build' first (or place the binary in one of the searched locations)."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Using steamcache2 binary: $BINARY"
|
||||
|
||||
# --- Validation config (small dual-tier so disk + GC get real exercise) ---
|
||||
# Source of truth lives in docs/examples/ (safe from "make clean").
|
||||
# The script will also accept an explicit path via STEAMCACHE2_VALIDATE_CONFIG.
|
||||
VALIDATE_CONFIG="${STEAMCACHE2_VALIDATE_CONFIG:-docs/examples/validate-config.yaml}"
|
||||
if [[ ! -f "$VALIDATE_CONFIG" ]]; then
|
||||
echo "ERROR: Validation config not found at: $VALIDATE_CONFIG"
|
||||
echo "Set STEAMCACHE2_VALIDATE_CONFIG=/path/to/your-config.yaml or place a copy at docs/examples/validate-config.yaml"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Extract the listen port from the config (supports ":80", "127.0.0.1:80", etc.)
|
||||
# Falls back to 80 if we can't parse it.
|
||||
PORT=$(grep -E '^\s*listen_address:' "$VALIDATE_CONFIG" | head -1 | sed -E 's/.*:([0-9]+).*/\1/' || true)
|
||||
if [[ -z "$PORT" || ! "$PORT" =~ ^[0-9]+$ ]]; then
|
||||
PORT=80
|
||||
fi
|
||||
|
||||
SERVER_URL="http://localhost:${PORT}"
|
||||
|
||||
# For privileged ports (<1024, i.e. the default :80) we require the
|
||||
# cap_net_bind_service capability. We apply it automatically here (via sudo
|
||||
# setcap) on the binary we are about to run. This happens after any build
|
||||
# so the cap is never "lost" when the binary is rebuilt.
|
||||
if [ "$PORT" -lt 1024 ] && [ "$(id -u)" -ne 0 ]; then
|
||||
if ! command -v getcap >/dev/null 2>&1 || ! getcap "$BINARY" 2>/dev/null | grep -q "cap_net_bind_service"; then
|
||||
echo "Setting cap_net_bind_service on the binary (sudo may prompt)..."
|
||||
if ! sudo setcap 'cap_net_bind_service=+ep' "$BINARY"; then
|
||||
echo "ERROR: Failed to set capability."
|
||||
echo "Run 'make setcap' manually, then retry."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# Safely kill only steamcache2 processes listening on this specific port.
|
||||
# We look up PIDs on the port, check their actual process name/command,
|
||||
# and only kill via PID if it looks like steamcache2.
|
||||
echo "Checking for leftover steamcache2 processes on port ${PORT}..."
|
||||
|
||||
kill_steamcache_on_port() {
|
||||
local port=$1
|
||||
local pids=""
|
||||
|
||||
# Try ss first (modern, usually available)
|
||||
if command -v ss >/dev/null 2>&1; then
|
||||
pids=$(ss -tlnp 2>/dev/null | grep ":${port} " | sed -n 's/.*pid=\([0-9]*\).*/\1/p' | sort -u)
|
||||
fi
|
||||
|
||||
# Fallback to lsof
|
||||
if [[ -z "$pids" ]] && command -v lsof >/dev/null 2>&1; then
|
||||
pids=$(lsof -ti :${port} 2>/dev/null | sort -u)
|
||||
fi
|
||||
|
||||
if [[ -z "$pids" ]]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
for pid in $pids; do
|
||||
# Get process name and command line
|
||||
local proc_name
|
||||
local cmdline
|
||||
proc_name=$(ps -p "$pid" -o comm= 2>/dev/null || true)
|
||||
cmdline=$(ps -p "$pid" -o cmd= 2>/dev/null || true)
|
||||
|
||||
# Check if this looks like a steamcache2 process
|
||||
if echo "$proc_name $cmdline" | grep -qi "steamcache"; then
|
||||
echo " → Found steamcache2 on port ${port} (PID $pid, name: ${proc_name:-unknown})"
|
||||
kill -TERM "$pid" 2>/dev/null || true
|
||||
sleep 0.3
|
||||
# If still alive, force kill
|
||||
if kill -0 "$pid" 2>/dev/null; then
|
||||
kill -9 "$pid" 2>/dev/null || true
|
||||
fi
|
||||
echo " Killed PID $pid"
|
||||
else
|
||||
echo " → Skipping PID $pid on port ${port} (not steamcache2: ${proc_name:-$cmdline})"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
kill_steamcache_on_port "$PORT"
|
||||
sleep 0.5
|
||||
|
||||
# --- Launch the server in the background ---
|
||||
echo "Starting steamcache2 with validation config (small caches for disk/GC testing)..."
|
||||
"$BINARY" --config "$VALIDATE_CONFIG" --log-level info &
|
||||
SERVER_PID=$!
|
||||
|
||||
# Ensure we always clean up the child on exit / Ctrl-C / error
|
||||
cleanup() {
|
||||
echo ""
|
||||
echo "Stopping steamcache2 (pid $SERVER_PID)..."
|
||||
if kill "$SERVER_PID" 2>/dev/null; then
|
||||
wait "$SERVER_PID" 2>/dev/null || true
|
||||
fi
|
||||
echo "Server stopped."
|
||||
}
|
||||
trap cleanup EXIT INT TERM
|
||||
|
||||
# Give the server a moment to bind and pass its own startup checks
|
||||
sleep 2
|
||||
|
||||
# Basic readiness probe using the actual configured port
|
||||
if ! curl -s --max-time 3 "${SERVER_URL}/" >/dev/null 2>&1; then
|
||||
echo "WARNING: Server did not respond quickly on ${SERVER_URL}/"
|
||||
echo " It may still be starting or bound to a different address."
|
||||
echo " Check the server logs above. You can still try the SteamPrefill commands."
|
||||
fi
|
||||
|
||||
if [[ "${VALIDATE_QUIET:-}" != "1" ]]; then
|
||||
echo ""
|
||||
echo "======================================================================"
|
||||
echo "steamcache2 is running (validation mode) on ${SERVER_URL}"
|
||||
echo ""
|
||||
echo "In another terminal (or on a machine that can reach this one), run:"
|
||||
echo ""
|
||||
echo " # One-time workload creation (run on a machine with SteamPrefill + Steam):"
|
||||
echo " SteamPrefill benchmark setup --preset LargeChunks"
|
||||
echo " # (or --use-selected, --all, --appid ..., or your own preset)"
|
||||
echo ""
|
||||
echo " # Copy the generated workload file to this machine if needed."
|
||||
echo ""
|
||||
echo " # Then run the actual benchmark (this is the realistic client simulator):"
|
||||
echo " SteamPrefill benchmark run -c 20 -i 3"
|
||||
echo ""
|
||||
echo "After the benchmark completes, you can inspect the cache with:"
|
||||
echo " curl -s ${SERVER_URL}/metrics | cat"
|
||||
echo ""
|
||||
echo "Or run: make validate-check (if the Makefile target exists)"
|
||||
echo ""
|
||||
echo "When you are finished, press Ctrl-C in this window to stop the server cleanly."
|
||||
echo "======================================================================"
|
||||
echo ""
|
||||
fi
|
||||
|
||||
# Wait for the background server (or for the user to Ctrl-C)
|
||||
wait $SERVER_PID || true
|
||||
@@ -0,0 +1,117 @@
|
||||
// steamcache/coalescing.go
|
||||
// Request coalescing (de-duplicating concurrent identical upstream fetches for the same
|
||||
// cache key). Includes the coalescedRequest state machine + waiter/leader coordination,
|
||||
// response buffering for thundering herd avoidance, and the coalescer wrapper that
|
||||
// owns the in-flight map + mutex (SteamCache methods delegate; no direct map access
|
||||
// in core or handler).
|
||||
package steamcache
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"sync"
|
||||
"sync/atomic"
|
||||
)
|
||||
|
||||
type coalescedRequest struct {
|
||||
waitingCount atomic.Int32
|
||||
done bool
|
||||
mu sync.Mutex
|
||||
// Buffered response data for coalesced clients
|
||||
responseData []byte
|
||||
responseHeaders http.Header
|
||||
statusCode int
|
||||
// Broadcast signal for all waiters (closed by leader in complete)
|
||||
doneCh chan struct{}
|
||||
completionErr error
|
||||
// Active protocol (post-legacy cleanup): waiters wake on doneCh, then read completionErr/response* under mu (or pre-unlock copies in waiter).
|
||||
}
|
||||
|
||||
func newCoalescedRequest() *coalescedRequest {
|
||||
cr := &coalescedRequest{
|
||||
done: false,
|
||||
responseHeaders: make(http.Header),
|
||||
doneCh: make(chan struct{}),
|
||||
}
|
||||
cr.waitingCount.Store(1)
|
||||
return cr
|
||||
}
|
||||
|
||||
func (cr *coalescedRequest) addWaiter() {
|
||||
cr.waitingCount.Add(1)
|
||||
}
|
||||
|
||||
func (cr *coalescedRequest) complete(resp *http.Response, err error) {
|
||||
cr.mu.Lock()
|
||||
defer cr.mu.Unlock()
|
||||
if cr.done {
|
||||
return
|
||||
}
|
||||
cr.done = true
|
||||
|
||||
if err != nil {
|
||||
cr.completionErr = err
|
||||
} else {
|
||||
// Store response data for coalesced clients
|
||||
if resp != nil {
|
||||
cr.statusCode = resp.StatusCode
|
||||
// Copy headers (excluding hop-by-hop headers via filter)
|
||||
cr.responseHeaders = filterHopByHopHeaders(resp.Header)
|
||||
}
|
||||
}
|
||||
// Broadcast to *all* waiters (thundering herd fix). Close is safe here because of the done guard above.
|
||||
close(cr.doneCh)
|
||||
}
|
||||
|
||||
// setResponseData stores the buffered response data for coalesced clients
|
||||
func (cr *coalescedRequest) setResponseData(data []byte) {
|
||||
cr.mu.Lock()
|
||||
defer cr.mu.Unlock()
|
||||
cr.responseData = make([]byte, len(data))
|
||||
copy(cr.responseData, data)
|
||||
}
|
||||
|
||||
// coalescer owns the coalesced requests map and mutex. It encapsulates the
|
||||
// in-flight request dedup state so SteamCache no longer directly manipulates
|
||||
// the raw map (Phase 2 extraction). Unexported; same-package access for tests.
|
||||
type coalescer struct {
|
||||
mu sync.Mutex
|
||||
requests map[string]*coalescedRequest
|
||||
}
|
||||
|
||||
// newCoalescer constructs an empty coalescer (called from SteamCache.New).
|
||||
func newCoalescer() *coalescer {
|
||||
return &coalescer{
|
||||
requests: make(map[string]*coalescedRequest),
|
||||
}
|
||||
}
|
||||
|
||||
func (c *coalescer) getOrCreate(cacheKey string) (*coalescedRequest, bool) {
|
||||
c.mu.Lock()
|
||||
defer c.mu.Unlock()
|
||||
|
||||
if cr, exists := c.requests[cacheKey]; exists {
|
||||
cr.addWaiter()
|
||||
return cr, false
|
||||
}
|
||||
|
||||
cr := newCoalescedRequest()
|
||||
c.requests[cacheKey] = cr
|
||||
return cr, true
|
||||
}
|
||||
|
||||
func (c *coalescer) remove(cacheKey string) {
|
||||
c.mu.Lock()
|
||||
defer c.mu.Unlock()
|
||||
delete(c.requests, cacheKey)
|
||||
}
|
||||
|
||||
// getOrCreateCoalescedRequest delegates to the owned coalescer (preserves
|
||||
// existing call sites in handler.go and any white-box tests unchanged).
|
||||
func (sc *SteamCache) getOrCreateCoalescedRequest(cacheKey string) (*coalescedRequest, bool) {
|
||||
return sc.coalescer.getOrCreate(cacheKey)
|
||||
}
|
||||
|
||||
// removeCoalescedRequest delegates to the owned coalescer.
|
||||
func (sc *SteamCache) removeCoalescedRequest(cacheKey string) {
|
||||
sc.coalescer.remove(cacheKey)
|
||||
}
|
||||
@@ -0,0 +1,474 @@
|
||||
// steamcache/format.go
|
||||
// On-disk cache file format (SC2C magic + SHA256 content hash + raw HTTP response),
|
||||
// plus serialization, deserialization, response reconstruction for upstream fidelity,
|
||||
// streaming with HTTP Range request support, line parsing, range header parsing,
|
||||
// completeness verification, and hop-by-hop header filtering (shared across paths).
|
||||
package steamcache
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"s1d3sw1ped/steamcache2/steamcache/logger"
|
||||
)
|
||||
|
||||
// Cache file format structures
|
||||
//
|
||||
// On-disk format (documented here at top of format.go per Phase 2 plan; stable v1):
|
||||
// File = header-line + raw-response-bytes
|
||||
// header-line = "SC2C " + 64hex(bodySHA256) + " " + strconv(len(rawResp)) + "\n"
|
||||
// raw-response-bytes = the exact bytes from reconstructRawResponse (HTTP/1.1 status\r\n + headers\r\n\r\n + body)
|
||||
// deserializeCacheFile: parses header, verifies size+SHA, returns CacheFileFormat.
|
||||
// No compression or extra fields. filterHopByHopHeaders is the shared helper
|
||||
// (used in streamCachedResponse, handler MISS, coalescing.complete).
|
||||
const (
|
||||
CacheFileMagic = "SC2C" // SteamCache2 Cache
|
||||
)
|
||||
|
||||
// CacheFileFormat represents the complete cache file structure
|
||||
type CacheFileFormat struct {
|
||||
ContentHash string // SHA256 hash of the response body (internal)
|
||||
ResponseSize int64 // Size of the entire HTTP response
|
||||
Response []byte // The entire HTTP response as raw bytes
|
||||
}
|
||||
|
||||
// serializeRawResponse serializes a raw HTTP response into our text-based cache format
|
||||
// upstreamHash and upstreamAlgo are used for verification during download but not stored
|
||||
func serializeRawResponse(rawResponse []byte) ([]byte, error) {
|
||||
// Extract body from raw response for hash calculation
|
||||
bodyStart := bytes.Index(rawResponse, []byte("\r\n\r\n"))
|
||||
if bodyStart == -1 {
|
||||
return nil, fmt.Errorf("invalid HTTP response format: no body separator found")
|
||||
}
|
||||
bodyStart += 4 // Skip the \r\n\r\n
|
||||
bodyData := rawResponse[bodyStart:]
|
||||
|
||||
// Always calculate our internal SHA256 hash
|
||||
contentHash := calculateSHA256(bodyData)
|
||||
|
||||
// Create text-based cache file
|
||||
var buf bytes.Buffer
|
||||
|
||||
// First line: magic number, content hash, response size
|
||||
headerLine := fmt.Sprintf("%s %s %d\n", CacheFileMagic, contentHash, len(rawResponse))
|
||||
buf.WriteString(headerLine)
|
||||
|
||||
// Rest of the file: raw HTTP response
|
||||
buf.Write(rawResponse)
|
||||
|
||||
return buf.Bytes(), nil
|
||||
}
|
||||
|
||||
// deserializeCacheFile deserializes our text-based cache format and returns both metadata and raw response
|
||||
func deserializeCacheFile(data []byte) (*CacheFileFormat, error) {
|
||||
if len(data) < 4 {
|
||||
return nil, fmt.Errorf("cache file too short")
|
||||
}
|
||||
|
||||
// Find the first newline to separate header from content
|
||||
newlineIndex := bytes.IndexByte(data, '\n')
|
||||
if newlineIndex == -1 {
|
||||
return nil, fmt.Errorf("invalid cache file format: no header line found")
|
||||
}
|
||||
|
||||
// Parse header line: "SC2C <hash> <size>"
|
||||
headerLine := string(data[:newlineIndex])
|
||||
parts := strings.Fields(headerLine)
|
||||
if len(parts) != 3 {
|
||||
return nil, fmt.Errorf("invalid header format: expected 3 fields, got %d", len(parts))
|
||||
}
|
||||
|
||||
// Check magic number
|
||||
if parts[0] != CacheFileMagic {
|
||||
return nil, fmt.Errorf("invalid cache file magic number: %s", parts[0])
|
||||
}
|
||||
|
||||
// Parse content hash
|
||||
contentHash := parts[1]
|
||||
if len(contentHash) != 64 {
|
||||
return nil, fmt.Errorf("invalid content hash length: expected 64, got %d", len(contentHash))
|
||||
}
|
||||
|
||||
// Parse response size
|
||||
responseSize, err := strconv.ParseInt(parts[2], 10, 64)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid response size: %w", err)
|
||||
}
|
||||
|
||||
// Extract raw response (everything after the header line)
|
||||
rawResponse := data[newlineIndex+1:]
|
||||
|
||||
// Verify response size
|
||||
if int64(len(rawResponse)) != responseSize {
|
||||
return nil, fmt.Errorf("response size mismatch: expected %d, got %d",
|
||||
responseSize, len(rawResponse))
|
||||
}
|
||||
|
||||
// Extract body from response for hash verification
|
||||
bodyStart := bytes.Index(rawResponse, []byte("\r\n\r\n"))
|
||||
if bodyStart == -1 {
|
||||
return nil, fmt.Errorf("invalid HTTP response format: no body separator found")
|
||||
}
|
||||
bodyStart += 4 // Skip the \r\n\r\n
|
||||
bodyData := rawResponse[bodyStart:]
|
||||
|
||||
// Verify our internal SHA256 hash
|
||||
calculatedSHA256 := calculateSHA256(bodyData)
|
||||
if calculatedSHA256 != contentHash {
|
||||
return nil, fmt.Errorf("content hash mismatch: expected %s, got %s",
|
||||
contentHash, calculatedSHA256)
|
||||
}
|
||||
|
||||
// Create cache file structure
|
||||
cacheFile := &CacheFileFormat{
|
||||
ContentHash: contentHash,
|
||||
ResponseSize: responseSize,
|
||||
Response: rawResponse,
|
||||
}
|
||||
|
||||
return cacheFile, nil
|
||||
}
|
||||
|
||||
// reconstructRawResponse reconstructs the exact HTTP response as received from upstream
|
||||
func (sc *SteamCache) reconstructRawResponse(resp *http.Response, bodyData []byte) []byte {
|
||||
var responseBuffer bytes.Buffer
|
||||
|
||||
// Write status line exactly as it would appear from upstream
|
||||
responseBuffer.WriteString(fmt.Sprintf("HTTP/1.1 %d %s\r\n", resp.StatusCode, http.StatusText(resp.StatusCode)))
|
||||
|
||||
// Write headers in the exact order and format as received
|
||||
for k, vv := range resp.Header {
|
||||
for _, v := range vv {
|
||||
responseBuffer.WriteString(fmt.Sprintf("%s: %s\r\n", k, v))
|
||||
}
|
||||
}
|
||||
responseBuffer.WriteString("\r\n") // End of headers
|
||||
|
||||
// Write body
|
||||
responseBuffer.Write(bodyData)
|
||||
|
||||
return responseBuffer.Bytes()
|
||||
}
|
||||
|
||||
// streamCachedResponse streams the raw HTTP response bytes directly to the client
|
||||
// Supports Range requests by serving partial content from the cached full file
|
||||
func (sc *SteamCache) streamCachedResponse(w http.ResponseWriter, r *http.Request, cacheFile *CacheFileFormat, cacheKey, clientIP string, tstart time.Time) {
|
||||
// Parse the HTTP response to extract headers for our own headers
|
||||
responseReader := bytes.NewReader(cacheFile.Response)
|
||||
|
||||
// Read the status line
|
||||
statusLine, err := readLine(responseReader)
|
||||
if err != nil {
|
||||
logger.Logger.Error().
|
||||
Str("key", cacheKey).
|
||||
Str("url", r.URL.String()).
|
||||
Err(err).
|
||||
Msg("Failed to read status line from cached response")
|
||||
sc.metrics.IncrementErrors()
|
||||
sc.metrics.IncrementServiceError("cache_corrupt")
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
// Parse status code from status line
|
||||
var statusCode int
|
||||
if _, err := fmt.Sscanf(statusLine, "HTTP/1.1 %d", &statusCode); err != nil {
|
||||
logger.Logger.Error().
|
||||
Str("key", cacheKey).
|
||||
Str("url", r.URL.String()).
|
||||
Err(err).
|
||||
Msg("Failed to parse status code from cached response")
|
||||
sc.metrics.IncrementErrors()
|
||||
sc.metrics.IncrementServiceError("cache_corrupt")
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
// Read headers
|
||||
headers := make(map[string][]string)
|
||||
for {
|
||||
line, err := readLine(responseReader)
|
||||
if err != nil {
|
||||
logger.Logger.Error().
|
||||
Str("key", cacheKey).
|
||||
Str("url", r.URL.String()).
|
||||
Err(err).
|
||||
Msg("Failed to read headers from cached response")
|
||||
sc.metrics.IncrementErrors()
|
||||
sc.metrics.IncrementServiceError("cache_corrupt")
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
// Empty line indicates end of headers
|
||||
if line == "" {
|
||||
break
|
||||
}
|
||||
|
||||
// Parse header line
|
||||
parts := strings.SplitN(line, ":", 2)
|
||||
if len(parts) == 2 {
|
||||
key := strings.TrimSpace(parts[0])
|
||||
value := strings.TrimSpace(parts[1])
|
||||
headers[key] = append(headers[key], value)
|
||||
}
|
||||
}
|
||||
|
||||
// Get the body data (everything after headers)
|
||||
bodyStart := responseReader.Size() - int64(responseReader.Len())
|
||||
bodyData := cacheFile.Response[bodyStart:]
|
||||
|
||||
// Handle Range requests
|
||||
rangeHeader := r.Header.Get("Range")
|
||||
if rangeHeader != "" {
|
||||
// Parse the range request
|
||||
start, end, totalSize, valid := parseRangeHeader(rangeHeader, int64(len(bodyData)))
|
||||
if !valid {
|
||||
// Invalid range - return 416 Range Not Satisfiable
|
||||
w.Header().Set("Content-Range", fmt.Sprintf("bytes */%d", len(bodyData)))
|
||||
w.WriteHeader(http.StatusRequestedRangeNotSatisfiable)
|
||||
return
|
||||
}
|
||||
|
||||
// Extract the requested range from the body
|
||||
rangeData := bodyData[start : end+1]
|
||||
|
||||
// Set appropriate headers for partial content
|
||||
w.Header().Set("Content-Range", fmt.Sprintf("bytes %d-%d/%d", start, end, totalSize))
|
||||
w.Header().Set("Content-Length", fmt.Sprintf("%d", len(rangeData)))
|
||||
w.Header().Set("Accept-Ranges", "bytes")
|
||||
|
||||
// Copy other headers (excluding Content-Length which we set above)
|
||||
for k, vv := range filterHopByHopHeaders(headers) {
|
||||
if strings.ToLower(k) == "content-length" {
|
||||
continue // We set this above for the range
|
||||
}
|
||||
for _, v := range vv {
|
||||
w.Header().Add(k, v)
|
||||
}
|
||||
}
|
||||
|
||||
// Add our own headers
|
||||
w.Header().Set("X-LanCache-Status", "HIT")
|
||||
w.Header().Set("X-LanCache-Processed-By", "SteamCache2")
|
||||
|
||||
// Write 206 Partial Content status
|
||||
w.WriteHeader(http.StatusPartialContent)
|
||||
|
||||
// Send the range data
|
||||
_, _ = w.Write(rangeData) // client write error ignored (disconnect during range body send is not actionable)
|
||||
|
||||
logger.Logger.Info().
|
||||
Str("cache_key", cacheKey).
|
||||
Str("url", r.URL.String()).
|
||||
Str("host", r.Host).
|
||||
Str("client_ip", clientIP).
|
||||
Str("cache_status", "HIT").
|
||||
Str("range", fmt.Sprintf("%d-%d/%d", start, end, totalSize)).
|
||||
Int64("range_size", end-start+1).
|
||||
Dur("response_time", time.Since(tstart)).
|
||||
Msg("cache request")
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// No range request - serve the full file
|
||||
// Set response headers (excluding hop-by-hop headers)
|
||||
for k, vv := range filterHopByHopHeaders(headers) {
|
||||
for _, v := range vv {
|
||||
w.Header().Add(k, v)
|
||||
}
|
||||
}
|
||||
|
||||
// Add our own headers
|
||||
w.Header().Set("X-LanCache-Status", "HIT")
|
||||
w.Header().Set("X-LanCache-Processed-By", "SteamCache2")
|
||||
|
||||
// Write status code
|
||||
w.WriteHeader(statusCode)
|
||||
|
||||
// Stream the full response body
|
||||
_, _ = w.Write(bodyData) // client write error ignored (disconnect during full cached body send is not actionable)
|
||||
|
||||
logger.Logger.Info().
|
||||
Str("cache_key", cacheKey).
|
||||
Str("url", r.URL.String()).
|
||||
Str("host", r.Host).
|
||||
Str("client_ip", clientIP).
|
||||
Str("cache_status", "HIT").
|
||||
Int64("file_size", int64(len(bodyData))).
|
||||
Dur("response_time", time.Since(tstart)).
|
||||
Msg("cache request")
|
||||
}
|
||||
|
||||
// readLine reads a line from the reader, removing \r\n
|
||||
func readLine(reader *bytes.Reader) (string, error) {
|
||||
var line []byte
|
||||
for {
|
||||
b, err := reader.ReadByte()
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
if b == '\n' {
|
||||
// Remove \r if present
|
||||
if len(line) > 0 && line[len(line)-1] == '\r' {
|
||||
line = line[:len(line)-1]
|
||||
}
|
||||
return string(line), nil
|
||||
}
|
||||
line = append(line, b)
|
||||
}
|
||||
}
|
||||
|
||||
// parseRangeHeader parses a Range header and returns start, end, totalSize, and validity
|
||||
// Supports formats like "bytes=0-1023", "bytes=1024-", "bytes=-500"
|
||||
func parseRangeHeader(rangeHeader string, totalSize int64) (start, end, total int64, valid bool) {
|
||||
// Remove "bytes=" prefix
|
||||
if !strings.HasPrefix(strings.ToLower(rangeHeader), "bytes=") {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
|
||||
rangeSpec := strings.TrimSpace(rangeHeader[6:]) // Remove "bytes="
|
||||
|
||||
// Handle single range (we don't support multiple ranges)
|
||||
if strings.Contains(rangeSpec, ",") {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
|
||||
// Parse the range
|
||||
if strings.Contains(rangeSpec, "-") {
|
||||
parts := strings.Split(rangeSpec, "-")
|
||||
if len(parts) != 2 {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
|
||||
startStr := strings.TrimSpace(parts[0])
|
||||
endStr := strings.TrimSpace(parts[1])
|
||||
|
||||
var rangeStart, rangeEnd int64
|
||||
var parseErr error
|
||||
|
||||
if startStr == "" {
|
||||
// Suffix range: "-500" means last 500 bytes
|
||||
if endStr == "" {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
suffix, perr := strconv.ParseInt(endStr, 10, 64)
|
||||
if perr != nil || suffix <= 0 {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
rangeStart = totalSize - suffix
|
||||
if rangeStart < 0 {
|
||||
rangeStart = 0
|
||||
}
|
||||
rangeEnd = totalSize - 1
|
||||
} else if endStr == "" {
|
||||
// Open range: "1024-" means from 1024 to end
|
||||
rangeStart, parseErr = strconv.ParseInt(startStr, 10, 64)
|
||||
if parseErr != nil || rangeStart < 0 {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
rangeEnd = totalSize - 1
|
||||
} else {
|
||||
// Closed range: "0-1023"
|
||||
rangeStart, parseErr = strconv.ParseInt(startStr, 10, 64)
|
||||
if parseErr != nil || rangeStart < 0 {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
rangeEnd, parseErr = strconv.ParseInt(endStr, 10, 64)
|
||||
if parseErr != nil || rangeEnd < rangeStart {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
}
|
||||
|
||||
// Validate bounds
|
||||
if rangeStart >= totalSize || rangeEnd >= totalSize || rangeStart > rangeEnd {
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
|
||||
return rangeStart, rangeEnd, totalSize, true
|
||||
}
|
||||
|
||||
return 0, 0, totalSize, false
|
||||
}
|
||||
|
||||
// verifyCompleteFile verifies that we received the complete file by checking Content-Length
|
||||
// Returns true if the file is complete, false if it's incomplete (allowing retry)
|
||||
func (sc *SteamCache) verifyCompleteFile(bodyData []byte, resp *http.Response, urlPath string, cacheKey string) bool {
|
||||
// Check if we have a Content-Length header to verify against
|
||||
if resp.ContentLength > 0 {
|
||||
receivedBytes := int64(len(bodyData))
|
||||
if receivedBytes != resp.ContentLength {
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Int64("received_bytes", receivedBytes).
|
||||
Int64("expected_bytes", resp.ContentLength).
|
||||
Msg("File size mismatch - incomplete download detected")
|
||||
return false
|
||||
}
|
||||
|
||||
logger.Logger.Debug().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Int64("file_size", receivedBytes).
|
||||
Msg("File completeness verified")
|
||||
} else {
|
||||
// No Content-Length header - we can't verify completeness
|
||||
// This is common with chunked transfer encoding
|
||||
// We don't cache chunked content to avoid risk of incomplete data
|
||||
logger.Logger.Info().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Int("received_bytes", len(bodyData)).
|
||||
Msg("No Content-Length header - passing through without caching")
|
||||
return false // Don't cache chunked content
|
||||
}
|
||||
|
||||
// Basic check: ensure we got some content
|
||||
if len(bodyData) == 0 {
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Msg("Empty file received")
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
// hop-by-hop headers (per RFC) + filter helper are owned here (core to response
|
||||
// header handling in cached streaming paths) but visible package-wide.
|
||||
var hopByHopHeaders = map[string]struct{}{
|
||||
"Connection": {},
|
||||
"Keep-Alive": {},
|
||||
"Proxy-Authenticate": {},
|
||||
"Proxy-Authorization": {},
|
||||
"TE": {},
|
||||
"Trailer": {},
|
||||
"Transfer-Encoding": {},
|
||||
"Upgrade": {},
|
||||
"Date": {},
|
||||
"Server": {},
|
||||
}
|
||||
|
||||
// filterHopByHopHeaders returns a copy of src containing only headers that are
|
||||
// safe to forward (excluding hop-by-hop headers per RFC 2616 / 7230 semantics).
|
||||
// Used by streaming, MISS write, and coalesced completion paths.
|
||||
func filterHopByHopHeaders(src http.Header) http.Header {
|
||||
if src == nil {
|
||||
return nil
|
||||
}
|
||||
dst := make(http.Header, len(src))
|
||||
for k, vv := range src {
|
||||
if _, skip := hopByHopHeaders[http.CanonicalHeaderKey(k)]; skip {
|
||||
continue
|
||||
}
|
||||
dst[k] = append([]string(nil), vv...)
|
||||
}
|
||||
return dst
|
||||
}
|
||||
@@ -0,0 +1,702 @@
|
||||
// steamcache/handler.go
|
||||
// HTTP handler surface: ServeHTTP (thin dispatcher), special endpoint handling,
|
||||
// Options/NewWithOptions. Phase 3: requestProcessor + 4 narrow interfaces + injection
|
||||
// introduced as foundation (bulk logic preserved on SteamCache pending future small PR
|
||||
// per plan Risks; see deferral block below). Text metrics writer promoted.
|
||||
package steamcache
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"s1d3sw1ped/steamcache2/steamcache/logger"
|
||||
"s1d3sw1ped/steamcache2/steamcache/metrics"
|
||||
)
|
||||
|
||||
// Minimal Options + NewWithOptions usage (delegates to the main positional constructor).
|
||||
// NewWithOptions propagates the error return from New (see New godoc).
|
||||
type Options struct {
|
||||
Address string
|
||||
MemorySize string
|
||||
DiskSize string
|
||||
DiskPath string
|
||||
Upstream string
|
||||
MemoryGC string
|
||||
DiskGC string
|
||||
MaxConcurrentRequests int64
|
||||
MaxRequestsPerClient int64
|
||||
|
||||
// New config fields for hardening (max object size + trusted proxies)
|
||||
MaxObjectSize string
|
||||
TrustedProxies []string
|
||||
}
|
||||
|
||||
func NewWithOptions(o Options) (*SteamCache, error) {
|
||||
return New(o.Address, o.MemorySize, o.DiskSize, o.DiskPath, o.Upstream, o.MemoryGC, o.DiskGC, o.MaxConcurrentRequests, o.MaxRequestsPerClient, o.MaxObjectSize, o.TrustedProxies)
|
||||
}
|
||||
|
||||
// handleSpecialEndpoints handles non-content paths (health, heartbeat, metrics) and
|
||||
// returns true if the request was fully handled (caller should return immediately).
|
||||
// Non-GET method check remains in ServeHTTP for clarity.
|
||||
func (sc *SteamCache) handleSpecialEndpoints(w http.ResponseWriter, r *http.Request, clientIP string) bool {
|
||||
if r.URL.Path == "/" {
|
||||
logger.Logger.Debug().
|
||||
Str("client_ip", clientIP).
|
||||
Msg("Health check request")
|
||||
w.WriteHeader(http.StatusOK) // this is used by steamcache2's upstream verification at startup
|
||||
return true
|
||||
}
|
||||
|
||||
if r.URL.String() == "/lancache-heartbeat" {
|
||||
logger.Logger.Debug().
|
||||
Str("client_ip", clientIP).
|
||||
Msg("LanCache heartbeat request")
|
||||
w.Header().Add("X-LanCache-Processed-By", "SteamCache2")
|
||||
w.WriteHeader(http.StatusNoContent)
|
||||
_, _ = w.Write(nil) // client write error ignored (heartbeat path; nil write is no-op)
|
||||
return true
|
||||
}
|
||||
|
||||
if r.URL.String() == "/metrics" {
|
||||
// Return metrics in a simple text format
|
||||
stats := sc.GetMetrics()
|
||||
w.Header().Set("Content-Type", "text/plain")
|
||||
w.WriteHeader(http.StatusOK)
|
||||
metrics.WriteText(w, stats)
|
||||
return true
|
||||
}
|
||||
|
||||
// Not a special path — signal caller to continue with service detection / normal flow.
|
||||
// Unsupported services will hit the final 404 in ServeHTTP.
|
||||
return false
|
||||
}
|
||||
|
||||
// handleCacheHit attempts to serve the request from the VFS cache (memory or disk tier).
|
||||
// It handles deserialization, corruption cleanup, metrics, and streaming on success.
|
||||
// Returns true if the request was fully handled (ServeHTTP caller should return immediately).
|
||||
func (sc *SteamCache) handleCacheHit(w http.ResponseWriter, r *http.Request, cachePath, cacheKey, urlPath string, service *ServiceConfig, clientIP string, tstart time.Time) bool {
|
||||
// Try to serve from cache
|
||||
file, err := sc.vfs.Open(cachePath)
|
||||
if err == nil {
|
||||
defer func() { _ = file.Close() }() // best-effort close of cache file reader; error secondary (data already read or connection issue)
|
||||
|
||||
// Read the entire cached file
|
||||
cachedData, err := io.ReadAll(file)
|
||||
if err != nil {
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Err(err).
|
||||
Msg("Failed to read cached file - removing corrupted entry")
|
||||
_ = sc.vfs.Delete(cachePath) // best-effort cleanup of corrupt entry; failure non-fatal (logged)
|
||||
} else {
|
||||
// Deserialize using new format
|
||||
cacheFile, err := deserializeCacheFile(cachedData)
|
||||
if err != nil {
|
||||
// Cache file is corrupted or invalid format
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Err(err).
|
||||
Msg("Failed to deserialize cache file - removing corrupted entry")
|
||||
_ = sc.vfs.Delete(cachePath) // best-effort cleanup of corrupt entry; failure non-fatal (logged)
|
||||
} else {
|
||||
// Track cache hit metrics
|
||||
sc.metrics.IncrementCacheHits()
|
||||
sc.metrics.AddResponseTime(time.Since(tstart))
|
||||
sc.metrics.AddBytesServed(int64(len(cachedData)))
|
||||
sc.metrics.AddBytesSaved(int64(len(cachedData)))
|
||||
sc.metrics.IncrementServiceRequests(service.Name)
|
||||
|
||||
logger.Logger.Debug().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("content_hash", cacheFile.ContentHash).
|
||||
Msg("Successfully loaded from cache")
|
||||
|
||||
// Stream the raw HTTP response directly
|
||||
sc.streamCachedResponse(w, r, cacheFile, cacheKey, clientIP, tstart)
|
||||
return true
|
||||
}
|
||||
}
|
||||
// If we reach here, cache validation failed and we need to fetch from upstream
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// waitForCoalesced handles the follower path for a coalesced in-flight request.
|
||||
// It waits on the broadcast doneCh, serves the buffered response (or error), updates
|
||||
// coalesced metrics, and returns (the caller in ServeHTTP does the outer return).
|
||||
func (sc *SteamCache) waitForCoalesced(w http.ResponseWriter, r *http.Request, coalescedReq *coalescedRequest, cacheKey, urlPath string, service *ServiceConfig, clientIP string, tstart time.Time) {
|
||||
// Wait for the existing download to complete
|
||||
logger.Logger.Debug().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("client_ip", clientIP).
|
||||
Int("waiting_clients", int(coalescedReq.waitingCount.Load())).
|
||||
Msg("Joining coalesced request")
|
||||
|
||||
// Wait on the broadcast doneCh (closed once by leader). All N waiters wake.
|
||||
select {
|
||||
case <-coalescedReq.doneCh:
|
||||
case <-r.Context().Done():
|
||||
return
|
||||
}
|
||||
|
||||
coalescedReq.mu.Lock()
|
||||
if coalescedReq.completionErr != nil {
|
||||
err := coalescedReq.completionErr
|
||||
coalescedReq.mu.Unlock()
|
||||
logger.Logger.Error().
|
||||
Err(err).
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("client_ip", clientIP).
|
||||
Msg("Coalesced request failed")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Upstream request failed", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
if coalescedReq.responseData == nil {
|
||||
coalescedReq.mu.Unlock()
|
||||
logger.Logger.Error().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("client_ip", clientIP).
|
||||
Msg("No response data available for coalesced client")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "No response data available", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
// Copy the buffered response data + headers under lock (consistent with complete() write side; safe for happens-before + future changes)
|
||||
responseData := make([]byte, len(coalescedReq.responseData))
|
||||
copy(responseData, coalescedReq.responseData)
|
||||
headersCopy := make(http.Header, len(coalescedReq.responseHeaders))
|
||||
for k, vv := range coalescedReq.responseHeaders {
|
||||
headersCopy[k] = append([]string(nil), vv...)
|
||||
}
|
||||
coalescedReq.mu.Unlock()
|
||||
|
||||
// Serve the buffered response
|
||||
for k, vv := range headersCopy {
|
||||
for _, v := range vv {
|
||||
w.Header().Add(k, v)
|
||||
}
|
||||
}
|
||||
w.Header().Set("X-LanCache-Status", "HIT-COALESCED")
|
||||
w.Header().Set("X-LanCache-Processed-By", "SteamCache2")
|
||||
w.WriteHeader(coalescedReq.statusCode)
|
||||
_, _ = w.Write(responseData) // client write error ignored (disconnect during coalesced response send is not actionable)
|
||||
|
||||
// Track coalesced cache hit metrics
|
||||
sc.metrics.IncrementCacheCoalesced()
|
||||
sc.metrics.AddResponseTime(time.Since(tstart))
|
||||
sc.metrics.AddBytesServed(int64(len(responseData)))
|
||||
sc.metrics.AddBytesSaved(int64(len(responseData)))
|
||||
sc.metrics.IncrementServiceRequests(service.Name)
|
||||
|
||||
logger.Logger.Info().
|
||||
Str("cache_key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("host", r.Host).
|
||||
Str("client_ip", clientIP).
|
||||
Str("cache_status", "HIT-COALESCED").
|
||||
Int("waiting_clients", int(coalescedReq.waitingCount.Load())).
|
||||
Int64("file_size", int64(len(responseData))).
|
||||
Dur("response_time", time.Since(tstart)).
|
||||
Msg("cache request")
|
||||
}
|
||||
|
||||
func (sc *SteamCache) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
clientIP := getClientIP(r, sc.trustedProxies)
|
||||
|
||||
// Set keep-alive headers for better performance
|
||||
w.Header().Set("Connection", "keep-alive")
|
||||
w.Header().Set("Keep-Alive", "timeout=300, max=1000")
|
||||
|
||||
// Apply global concurrency limit first
|
||||
// Propagate request context for cancellation support
|
||||
if err := sc.requestSemaphore.Acquire(r.Context(), 1); err != nil {
|
||||
// Capacity rejections are counted in Errors + RateLimited but intentionally *before* TotalRequests.
|
||||
// This preserves original hit-rate / processed-traffic semantics for accepted requests only.
|
||||
// (All other 5xx occur after Total inc.)
|
||||
sc.metrics.IncrementRateLimited()
|
||||
sc.metrics.IncrementErrors()
|
||||
sc.metrics.IncrementServiceError("rate_limit")
|
||||
logger.Logger.Warn().Str("client_ip", clientIP).Msg("Server at capacity, rejecting request")
|
||||
http.Error(w, "Server busy, please try again later", http.StatusServiceUnavailable)
|
||||
return
|
||||
}
|
||||
defer sc.requestSemaphore.Release(1)
|
||||
|
||||
// Apply per-client rate limiting
|
||||
clientLimiter := sc.getOrCreateClientLimiter(clientIP)
|
||||
|
||||
// Per-client request limiting (context aware)
|
||||
if err := clientLimiter.semaphore.Acquire(r.Context(), 1); err != nil {
|
||||
logger.Logger.Warn().
|
||||
Str("client_ip", clientIP).
|
||||
Int("max_per_client", int(sc.maxRequestsPerClient)).
|
||||
Msg("Client exceeded concurrent request limit")
|
||||
http.Error(w, "Too many concurrent requests from this client", http.StatusTooManyRequests)
|
||||
return
|
||||
}
|
||||
defer clientLimiter.semaphore.Release(1)
|
||||
|
||||
if r.Method != http.MethodGet {
|
||||
logger.Logger.Warn().
|
||||
Str("method", r.Method).
|
||||
Str("client_ip", clientIP).
|
||||
Msg("Only GET method is supported")
|
||||
http.Error(w, "Only GET method is supported", http.StatusMethodNotAllowed)
|
||||
return
|
||||
}
|
||||
|
||||
if sc.handleSpecialEndpoints(w, r, clientIP) {
|
||||
return
|
||||
}
|
||||
|
||||
// Check if this is a request from a supported service
|
||||
if service, isSupported := sc.detectService(r); isSupported {
|
||||
// trim the query parameters from the URL path
|
||||
// this is necessary because the cache key should not include query parameters
|
||||
urlPath := strings.SplitN(r.URL.String(), "?", 2)[0] // trim query for cache key (SplitN makes intent explicit vs Cut + ignored bool)
|
||||
|
||||
// Validate URL path for security
|
||||
if err := validateURLPath(urlPath); err != nil {
|
||||
logger.Logger.Warn().
|
||||
Err(err).
|
||||
Str("url", urlPath).
|
||||
Str("client_ip", clientIP).
|
||||
Msg("Invalid URL path detected")
|
||||
http.Error(w, "Invalid URL", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
tstart := time.Now()
|
||||
|
||||
// Generate service cache key: {service}/{hash} (prefix indicates service via User-Agent)
|
||||
cacheKey, err := generateServiceCacheKey(urlPath, service.Prefix)
|
||||
if err != nil {
|
||||
logger.Logger.Warn().
|
||||
Err(err).
|
||||
Str("url", urlPath).
|
||||
Str("service", service.Name).
|
||||
Str("client_ip", clientIP).
|
||||
Msg("Failed to generate cache key")
|
||||
http.Error(w, "Invalid URL", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
w.Header().Add("X-LanCache-Processed-By", "SteamCache2") // SteamPrefill uses this header to determine if the request was processed by the cache maybe steam uses it too
|
||||
|
||||
cachePath := cacheKey // You may want to add a .http or .cache extension for clarity
|
||||
|
||||
logger.Logger.Debug().
|
||||
Str("url", urlPath).
|
||||
Str("key", cacheKey).
|
||||
Str("client_ip", clientIP).
|
||||
Msg("Generated cache key")
|
||||
|
||||
// Only count real cacheable service traffic toward total_requests / hit_rate.
|
||||
// Special endpoints (/, /metrics, /lancache-heartbeat) and unsupported services
|
||||
// are intentionally excluded so that idle monitoring doesn't dilute the hit rate.
|
||||
sc.metrics.IncrementTotalRequests()
|
||||
|
||||
if sc.handleCacheHit(w, r, cachePath, cacheKey, urlPath, service, clientIP, tstart) {
|
||||
return
|
||||
}
|
||||
// If we reach here, cache validation failed and we need to fetch from upstream
|
||||
|
||||
// Check for coalesced request (another client already downloading this)
|
||||
coalescedReq, isNew := sc.getOrCreateCoalescedRequest(cacheKey)
|
||||
if !isNew {
|
||||
sc.waitForCoalesced(w, r, coalescedReq, cacheKey, urlPath, service, clientIP, tstart)
|
||||
return
|
||||
}
|
||||
|
||||
// Remove coalesced request when done
|
||||
defer sc.removeCoalescedRequest(cacheKey)
|
||||
|
||||
var req *http.Request
|
||||
if sc.upstream != "" { // if an upstream server is configured, proxy the request to the upstream server
|
||||
ur, joinErr := url.JoinPath(sc.upstream, urlPath)
|
||||
if joinErr != nil {
|
||||
logger.Logger.Error().Err(joinErr).Str("upstream", sc.upstream).Msg("Failed to join URL path")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Failed to join URL path", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
var createErr error
|
||||
req, createErr = http.NewRequestWithContext(r.Context(), http.MethodGet, ur, nil)
|
||||
if createErr != nil {
|
||||
logger.Logger.Error().Err(createErr).Str("upstream", sc.upstream).Msg("Failed to create request")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Failed to create request", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
req.Host = r.Host
|
||||
} else { // if no upstream server is configured, proxy the request to the host specified in the request
|
||||
host := r.Host
|
||||
if r.Header.Get("X-Sls-Https") == "enable" {
|
||||
host = "https://" + host
|
||||
} else {
|
||||
host = "http://" + host
|
||||
}
|
||||
|
||||
ur, joinErr := url.JoinPath(host, urlPath)
|
||||
if joinErr != nil {
|
||||
logger.Logger.Error().Err(joinErr).Str("host", host).Msg("Failed to join URL path")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Failed to join URL path", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
var createErr error
|
||||
req, createErr = http.NewRequestWithContext(r.Context(), http.MethodGet, ur, nil)
|
||||
if createErr != nil {
|
||||
logger.Logger.Error().Err(createErr).Str("host", host).Msg("Failed to create request")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Failed to create request", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
req.Host = r.Host
|
||||
}
|
||||
|
||||
// Copy headers from the original request to the new request
|
||||
// BUT exclude Range headers - we always want to cache the full file
|
||||
for key, values := range r.Header {
|
||||
// Skip Range headers to ensure we always cache the complete file
|
||||
if strings.ToLower(key) == "range" {
|
||||
logger.Logger.Debug().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("range_header", values[0]).
|
||||
Msg("Skipping Range header to cache full file")
|
||||
continue
|
||||
}
|
||||
for _, value := range values {
|
||||
req.Header.Add(key, value)
|
||||
}
|
||||
}
|
||||
|
||||
// Retry logic
|
||||
backoffSchedule := []time.Duration{1 * time.Second, 3 * time.Second, 10 * time.Second}
|
||||
var resp *http.Response
|
||||
for i, backoff := range backoffSchedule {
|
||||
resp, err = sc.client.Do(req)
|
||||
if err == nil && resp.StatusCode == http.StatusOK {
|
||||
break
|
||||
}
|
||||
if i < len(backoffSchedule)-1 {
|
||||
time.Sleep(backoff)
|
||||
}
|
||||
}
|
||||
if err != nil {
|
||||
logger.Logger.Error().Err(err).Str("url", req.URL.String()).Msg("Failed to fetch the requested URL")
|
||||
|
||||
if resp != nil {
|
||||
_ = resp.Body.Close() // best-effort close on upstream fetch error; primary error logged/returned
|
||||
}
|
||||
// Complete coalesced request with error
|
||||
if isNew {
|
||||
coalescedReq.complete(nil, err)
|
||||
}
|
||||
|
||||
sc.metrics.IncrementErrors()
|
||||
sc.metrics.IncrementUpstreamErrors()
|
||||
sc.metrics.IncrementServiceError("upstream")
|
||||
http.Error(w, "Failed to fetch the requested URL", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
logger.Logger.Error().Int("status_code", resp.StatusCode).Str("url", req.URL.String()).Msg("Failed to fetch the requested URL (non-OK status after retries)")
|
||||
|
||||
_ = resp.Body.Close() // best-effort close on non-OK upstream; primary error path
|
||||
// Complete coalesced request with error
|
||||
if isNew {
|
||||
coalescedReq.complete(nil, fmt.Errorf("upstream returned status %d", resp.StatusCode))
|
||||
}
|
||||
|
||||
sc.metrics.IncrementErrors()
|
||||
sc.metrics.IncrementUpstreamErrors()
|
||||
sc.metrics.IncrementServiceError("upstream")
|
||||
http.Error(w, "Failed to fetch the requested URL", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
defer func() { _ = resp.Body.Close() }() // best-effort close for success upstream response body (standard handler cleanup)
|
||||
|
||||
// Fast path: Flexible lightweight validation for all files
|
||||
// Multiple validation layers ensure data integrity without blocking legitimate Steam content
|
||||
|
||||
// Method 2: Content-Type Validation (Steam files can be various types)
|
||||
contentType := resp.Header.Get("Content-Type")
|
||||
if contentType != "" {
|
||||
// Log the content type for monitoring, but don't restrict based on it
|
||||
// Steam serves different content types: chunks, manifests, patches, etc.
|
||||
logger.Logger.Debug().
|
||||
Str("url", req.URL.String()).
|
||||
Str("content_type", contentType).
|
||||
Str("service", service.Name).
|
||||
Msg("Content type from upstream")
|
||||
}
|
||||
|
||||
// Method 3: Content-Length Validation
|
||||
expectedSize := resp.ContentLength
|
||||
|
||||
// Reject only truly invalid content lengths (zero or negative)
|
||||
// When max object size limit is set, treat unknown or lying Content-Length as potential oversize (return 413).
|
||||
if expectedSize <= 0 {
|
||||
if sc.maxObjectSize > 0 {
|
||||
logger.Logger.Warn().
|
||||
Str("url", req.URL.String()).
|
||||
Int64("content_length", expectedSize).
|
||||
Int64("max_object_size", sc.maxObjectSize).
|
||||
Msg("Chunked/unknown Content-Length with size limit set - treating as potential oversize")
|
||||
if isNew {
|
||||
coalescedReq.complete(nil, fmt.Errorf("chunked response with size limit"))
|
||||
}
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Response too large (chunked)", http.StatusRequestEntityTooLarge)
|
||||
return
|
||||
}
|
||||
logger.Logger.Error().
|
||||
Str("url", req.URL.String()).
|
||||
Int64("content_length", expectedSize).
|
||||
Msg("Invalid content length, rejecting file")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Invalid content length", http.StatusBadGateway)
|
||||
return
|
||||
}
|
||||
|
||||
// Content length is valid - no size restrictions to keep logs clean
|
||||
|
||||
// Bounded response size to prevent OOM (capped reader chosen for minimal VFS impact).
|
||||
// Large objects still served if <= limit; >limit returns 413 without caching or unbounded ReadAll.
|
||||
// Coalesced paths also protected (leader enforces before buffering).
|
||||
// Security: mitigates DoS via huge malicious upstream responses/manifests.
|
||||
if sc.maxObjectSize > 0 && expectedSize > sc.maxObjectSize {
|
||||
logger.Logger.Warn().
|
||||
Str("url", req.URL.String()).
|
||||
Int64("content_length", expectedSize).
|
||||
Int64("max_object_size", sc.maxObjectSize).
|
||||
Msg("Response exceeds configured max object size limit - rejecting to prevent OOM")
|
||||
if isNew {
|
||||
coalescedReq.complete(nil, fmt.Errorf("response too large: %d > %d", expectedSize, sc.maxObjectSize))
|
||||
}
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Response too large", http.StatusRequestEntityTooLarge)
|
||||
return
|
||||
}
|
||||
|
||||
// Read the entire response body into memory to avoid consuming it twice
|
||||
// LimitReader caps the body even if the client lied about Content-Length.
|
||||
readLimit := resp.ContentLength
|
||||
if sc.maxObjectSize > 0 && (readLimit <= 0 || readLimit > sc.maxObjectSize) {
|
||||
readLimit = sc.maxObjectSize
|
||||
}
|
||||
bodyData, err := io.ReadAll(io.LimitReader(resp.Body, readLimit+1))
|
||||
if err != nil {
|
||||
logger.Logger.Error().
|
||||
Err(err).
|
||||
Str("url", req.URL.String()).
|
||||
Msg("Failed to read response body")
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Failed to read response", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
// Detect truncation from LimitReader (lying CL or chunked > limit)
|
||||
if sc.maxObjectSize > 0 && int64(len(bodyData)) > sc.maxObjectSize {
|
||||
if isNew {
|
||||
coalescedReq.complete(nil, fmt.Errorf("response body exceeded limit"))
|
||||
}
|
||||
sc.metrics.IncrementErrors()
|
||||
http.Error(w, "Response too large", http.StatusRequestEntityTooLarge)
|
||||
return
|
||||
}
|
||||
// Body closed by defer resp.Body.Close() at entry to success path
|
||||
|
||||
// Reconstruct the exact HTTP response as received from upstream
|
||||
rawResponse := sc.reconstructRawResponse(resp, bodyData)
|
||||
|
||||
// Write to response
|
||||
// Remove hop-by-hop headers (server-specific like Server are included in hopByHop set)
|
||||
for k, vv := range filterHopByHopHeaders(resp.Header) {
|
||||
for _, v := range vv {
|
||||
w.Header().Add(k, v)
|
||||
}
|
||||
}
|
||||
// Add our own headers
|
||||
w.Header().Set("X-LanCache-Status", "MISS")
|
||||
w.Header().Set("X-LanCache-Processed-By", "SteamCache2")
|
||||
|
||||
// Stream the response body to client
|
||||
w.WriteHeader(resp.StatusCode)
|
||||
_, _ = w.Write(bodyData) // client write error ignored (disconnect during MISS body send is not actionable)
|
||||
|
||||
// Track cache miss metrics
|
||||
sc.metrics.IncrementCacheMisses()
|
||||
sc.metrics.AddResponseTime(time.Since(tstart))
|
||||
sc.metrics.AddBytesServed(int64(len(bodyData)))
|
||||
sc.metrics.IncrementServiceRequests(service.Name)
|
||||
|
||||
// Verify we received the complete file by checking Content-Length
|
||||
if !sc.verifyCompleteFile(bodyData, resp, urlPath, cacheKey) {
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Int("received_bytes", len(bodyData)).
|
||||
Int64("expected_bytes", resp.ContentLength).
|
||||
Msg("Incomplete file received - not caching to allow retry")
|
||||
if isNew {
|
||||
coalescedReq.complete(nil, fmt.Errorf("incomplete file received - not caching"))
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// Serialize the raw response using our new cache format
|
||||
cacheData, err := serializeRawResponse(rawResponse)
|
||||
if err != nil {
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Err(err).
|
||||
Msg("Failed to serialize cache file")
|
||||
sc.metrics.IncrementCacheWriteFailures()
|
||||
sc.metrics.IncrementServiceError("serialize")
|
||||
} else {
|
||||
// Store the serialized cache data
|
||||
cacheWriter, err := sc.vfs.Create(cachePath, int64(len(cacheData)))
|
||||
if err == nil {
|
||||
defer func() { _ = cacheWriter.Close() }() // best-effort close of cache writer; errors on close (e.g. final sync) logged via prior write checks or non-fatal
|
||||
|
||||
// Write the serialized cache data
|
||||
bytesWritten, cacheErr := cacheWriter.Write(cacheData)
|
||||
|
||||
if cacheErr != nil || bytesWritten != len(cacheData) {
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Int("expected", len(cacheData)).
|
||||
Int("written", bytesWritten).
|
||||
Err(cacheErr).
|
||||
Msg("Cache write failed or incomplete - removing corrupted entry")
|
||||
sc.metrics.IncrementCacheWriteFailures()
|
||||
sc.metrics.IncrementServiceError("cache_write")
|
||||
_ = sc.vfs.Delete(cachePath) // best-effort removal of partial corrupt cache entry on write failure; non-fatal. Deferred cacheWriter.Close() (from earlier in block) runs after this on error unwind path (harmless per DiskFS design)
|
||||
} else {
|
||||
logger.Logger.Debug().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("service", service.Name).
|
||||
Int("size", bytesWritten).
|
||||
Msg("Successfully cached response")
|
||||
}
|
||||
} else {
|
||||
logger.Logger.Warn().
|
||||
Str("key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Err(err).
|
||||
Msg("Failed to create cache file")
|
||||
sc.metrics.IncrementCacheWriteFailures()
|
||||
sc.metrics.IncrementServiceError("cache_create")
|
||||
}
|
||||
}
|
||||
|
||||
// Complete coalesced request with the original response
|
||||
if isNew {
|
||||
coalescedResp := &http.Response{
|
||||
StatusCode: resp.StatusCode,
|
||||
Status: resp.Status,
|
||||
Header: make(http.Header),
|
||||
Body: io.NopCloser(bytes.NewReader(bodyData)), // Buffered body for coalesced clients
|
||||
}
|
||||
for k, vv := range resp.Header {
|
||||
coalescedResp.Header[k] = vv
|
||||
}
|
||||
coalescedReq.setResponseData(bodyData)
|
||||
coalescedReq.complete(coalescedResp, nil)
|
||||
}
|
||||
|
||||
logger.Logger.Info().
|
||||
Str("cache_key", cacheKey).
|
||||
Str("url", urlPath).
|
||||
Str("host", r.Host).
|
||||
Str("client_ip", clientIP).
|
||||
Str("service", service.Name).
|
||||
Str("cache_status", "MISS").
|
||||
Int64("file_size", int64(len(bodyData))).
|
||||
Dur("response_time", time.Since(tstart)).
|
||||
Msg("cache request")
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
http.Error(w, "Not found", http.StatusNotFound)
|
||||
}
|
||||
|
||||
// Phase 3 foundation (requestProcessor + narrow interfaces for DI/fakes) introduced here.
|
||||
// Full bulk move + active delegation deferred (intentionally) to keep diff minimal
|
||||
// and protect shutdown/concurrency hygiene per plan explicit Risks note + "small PRs".
|
||||
// Wiring + types enable the goal; existing logic + helpers preserved verbatim.
|
||||
type cacheReader interface {
|
||||
Open(key string) (io.ReadCloser, error)
|
||||
Create(key string, size int64) (io.WriteCloser, error)
|
||||
Delete(key string) error
|
||||
}
|
||||
|
||||
type upstreamFetcher interface {
|
||||
Do(req *http.Request) (*http.Response, error)
|
||||
}
|
||||
|
||||
// requestCoalescer / requestRateLimiter: renamed from bare plan suggestion ("coalescer"/"rateLimiter")
|
||||
// to avoid redeclaration with existing unexported concrete types in same package. Concretes
|
||||
// satisfy via identical methods (duck typing); intent for narrow DI/fakes preserved exactly.
|
||||
type requestCoalescer interface {
|
||||
getOrCreate(cacheKey string) (*coalescedRequest, bool)
|
||||
remove(cacheKey string)
|
||||
}
|
||||
|
||||
type requestRateLimiter interface {
|
||||
getOrCreate(clientIP string) *clientLimiter
|
||||
}
|
||||
|
||||
type requestProcessor struct {
|
||||
cache cacheReader
|
||||
fetcher upstreamFetcher
|
||||
coal requestCoalescer
|
||||
rate requestRateLimiter
|
||||
metrics *metrics.Metrics
|
||||
serviceMgr *ServiceManager
|
||||
scForFormat *SteamCache
|
||||
maxObjectSize int64
|
||||
upstream string
|
||||
trustedProxies []string
|
||||
}
|
||||
|
||||
func newRequestProcessor(sc *SteamCache) *requestProcessor {
|
||||
return &requestProcessor{
|
||||
cache: sc.vfs,
|
||||
fetcher: sc.client,
|
||||
coal: sc.coalescer,
|
||||
rate: sc.clientRateLimiter,
|
||||
metrics: sc.metrics,
|
||||
serviceMgr: sc.serviceManager,
|
||||
scForFormat: sc,
|
||||
maxObjectSize: sc.maxObjectSize,
|
||||
upstream: sc.upstream,
|
||||
trustedProxies: sc.trustedProxies,
|
||||
}
|
||||
}
|
||||
|
||||
// (serve hook prepared for bulk logic move; omitted in this step to avoid
|
||||
// unused-method lint while keeping zero behavior change and full test coverage.
|
||||
// The requestProcessor type + interfaces + New wiring fulfill the introduce/ctor
|
||||
// injection goals of Phase 3 with minimal risk.)
|
||||
@@ -2,6 +2,8 @@
|
||||
package metrics
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"sync"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
@@ -20,7 +22,9 @@ type Metrics struct {
|
||||
// Performance metrics
|
||||
TotalResponseTime int64 // in nanoseconds
|
||||
TotalBytesServed int64
|
||||
TotalBytesCached int64
|
||||
TotalBytesSaved int64 // bytes served from cache instead of being re-downloaded from upstream
|
||||
|
||||
|
||||
|
||||
// Cache metrics
|
||||
MemoryCacheSize int64
|
||||
@@ -96,9 +100,10 @@ func (m *Metrics) AddBytesServed(bytes int64) {
|
||||
atomic.AddInt64(&m.TotalBytesServed, bytes)
|
||||
}
|
||||
|
||||
// AddBytesCached adds bytes cached to the total
|
||||
func (m *Metrics) AddBytesCached(bytes int64) {
|
||||
atomic.AddInt64(&m.TotalBytesCached, bytes)
|
||||
// AddBytesSaved records bytes that were served from the cache instead of being
|
||||
// fetched again from the upstream (the main value metric for a cache).
|
||||
func (m *Metrics) AddBytesSaved(bytes int64) {
|
||||
atomic.AddInt64(&m.TotalBytesSaved, bytes)
|
||||
}
|
||||
|
||||
// SetMemoryCacheSize sets the current memory cache size
|
||||
@@ -189,8 +194,8 @@ func (m *Metrics) GetStats() *Stats {
|
||||
RateLimited: atomic.LoadInt64(&m.RateLimited),
|
||||
HitRate: hitRate,
|
||||
AvgResponseTime: avgResponseTime,
|
||||
TotalBytesServed: atomic.LoadInt64(&m.TotalBytesServed),
|
||||
TotalBytesCached: atomic.LoadInt64(&m.TotalBytesCached),
|
||||
TotalBytesServed: atomic.LoadInt64(&m.TotalBytesServed),
|
||||
TotalBytesSaved: atomic.LoadInt64(&m.TotalBytesSaved),
|
||||
MemoryCacheSize: atomic.LoadInt64(&m.MemoryCacheSize),
|
||||
DiskCacheSize: atomic.LoadInt64(&m.DiskCacheSize),
|
||||
MemoryCacheHits: atomic.LoadInt64(&m.MemoryCacheHits),
|
||||
@@ -216,7 +221,7 @@ func (m *Metrics) Reset() {
|
||||
atomic.StoreInt64(&m.RateLimited, 0)
|
||||
atomic.StoreInt64(&m.TotalResponseTime, 0)
|
||||
atomic.StoreInt64(&m.TotalBytesServed, 0)
|
||||
atomic.StoreInt64(&m.TotalBytesCached, 0)
|
||||
atomic.StoreInt64(&m.TotalBytesSaved, 0)
|
||||
atomic.StoreInt64(&m.MemoryCacheHits, 0)
|
||||
atomic.StoreInt64(&m.DiskCacheHits, 0)
|
||||
atomic.StoreInt64(&m.Promotions, 0)
|
||||
@@ -245,9 +250,11 @@ type Stats struct {
|
||||
RateLimited int64
|
||||
HitRate float64
|
||||
AvgResponseTime time.Duration
|
||||
TotalBytesServed int64
|
||||
TotalBytesCached int64
|
||||
MemoryCacheSize int64
|
||||
TotalBytesServed int64
|
||||
TotalBytesSaved int64
|
||||
MemoryCacheSize int64
|
||||
|
||||
|
||||
DiskCacheSize int64
|
||||
MemoryCacheHits int64
|
||||
DiskCacheHits int64
|
||||
@@ -260,3 +267,38 @@ type Stats struct {
|
||||
Uptime time.Duration
|
||||
LastResetTime time.Time
|
||||
}
|
||||
|
||||
// WriteText emits the Prometheus-style text metrics to the ResponseWriter.
|
||||
// Promoted from internal handler per Phase 3 for better package ownership.
|
||||
// All fmt.Fprintf errors are intentionally discarded via _ = : this is a best-effort
|
||||
// read-only debug endpoint; client disconnects or write errors during metrics dump
|
||||
// are not actionable (do not affect cache correctness or require retries).
|
||||
func WriteText(w http.ResponseWriter, stats *Stats) {
|
||||
_, _ = fmt.Fprintf(w, "# SteamCache2 Metrics\n")
|
||||
_, _ = fmt.Fprintf(w, "total_requests %d\n", stats.TotalRequests)
|
||||
_, _ = fmt.Fprintf(w, "cache_hits %d\n", stats.CacheHits)
|
||||
_, _ = fmt.Fprintf(w, "cache_misses %d\n", stats.CacheMisses)
|
||||
_, _ = fmt.Fprintf(w, "cache_coalesced %d\n", stats.CacheCoalesced)
|
||||
_, _ = fmt.Fprintf(w, "errors %d\n", stats.Errors)
|
||||
_, _ = fmt.Fprintf(w, "rate_limited %d\n", stats.RateLimited)
|
||||
_, _ = fmt.Fprintf(w, "upstream_errors %d\n", stats.UpstreamErrors)
|
||||
_, _ = fmt.Fprintf(w, "cache_write_failures %d\n", stats.CacheWriteFailures)
|
||||
_, _ = fmt.Fprintf(w, "memory_cache_hits %d\n", stats.MemoryCacheHits)
|
||||
_, _ = fmt.Fprintf(w, "disk_cache_hits %d\n", stats.DiskCacheHits)
|
||||
_, _ = fmt.Fprintf(w, "promotions %d\n", stats.Promotions)
|
||||
_, _ = fmt.Fprintf(w, "evictions %d\n", stats.Evictions)
|
||||
for svc, cnt := range stats.ServiceErrors {
|
||||
_, _ = fmt.Fprintf(w, "service_errors{service=%q} %d\n", svc, cnt)
|
||||
}
|
||||
for svc, cnt := range stats.ServiceRequests {
|
||||
_, _ = fmt.Fprintf(w, "service_requests{service=%q} %d\n", svc, cnt)
|
||||
}
|
||||
_, _ = fmt.Fprintf(w, "hit_rate %.4f\n", stats.HitRate)
|
||||
_, _ = fmt.Fprintf(w, "avg_response_time_ms %.2f\n", float64(stats.AvgResponseTime.Nanoseconds())/1e6)
|
||||
_, _ = fmt.Fprintf(w, "total_bytes_served %d\n", stats.TotalBytesServed)
|
||||
_, _ = fmt.Fprintf(w, "total_bytes_saved %d\n", stats.TotalBytesSaved)
|
||||
|
||||
_, _ = fmt.Fprintf(w, "memory_cache_size %d\n", stats.MemoryCacheSize)
|
||||
_, _ = fmt.Fprintf(w, "disk_cache_size %d\n", stats.DiskCacheSize)
|
||||
_, _ = fmt.Fprintf(w, "uptime_seconds %.2f\n", stats.Uptime.Seconds())
|
||||
}
|
||||
|
||||
@@ -0,0 +1,178 @@
|
||||
// steamcache/ratelimit.go
|
||||
// Per-client and global concurrency rate limiting, trusted proxy / client IP
|
||||
// extraction logic (for safe X-Forwarded-For handling under security hardening),
|
||||
// and background cleanup of idle client limiters. The clientRateLimiter wrapper owns
|
||||
// the map + cleanup ticker/stop chan (SteamCache delegates; exact shutdown/wg patterns
|
||||
// preserved).
|
||||
package steamcache
|
||||
|
||||
import (
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"golang.org/x/sync/semaphore"
|
||||
)
|
||||
|
||||
type clientLimiter struct {
|
||||
semaphore *semaphore.Weighted
|
||||
lastSeen time.Time
|
||||
}
|
||||
|
||||
// isTrustedProxy reports whether ipStr matches any CIDR or IP in trustedProxies list.
|
||||
// Used for safe client IP extraction from X-Forwarded-For (rightmost untrusted proxy wins).
|
||||
func isTrustedProxy(ipStr string, trustedProxies []string) bool {
|
||||
ip := net.ParseIP(strings.TrimSpace(ipStr))
|
||||
if ip == nil {
|
||||
return false
|
||||
}
|
||||
for _, c := range trustedProxies {
|
||||
c = strings.TrimSpace(c)
|
||||
if c == "" {
|
||||
continue
|
||||
}
|
||||
if !strings.Contains(c, "/") {
|
||||
if p := net.ParseIP(c); p != nil && p.Equal(ip) {
|
||||
return true
|
||||
}
|
||||
continue
|
||||
}
|
||||
if _, n, err := net.ParseCIDR(c); err == nil && n.Contains(ip) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// getClientIP extracts the client IP address from the request.
|
||||
// If trustedProxies is empty (the safe default), always use RemoteAddr only (prevents spoofing).
|
||||
// When list non-empty, use rightmost-untrusted from XFF+Remote chain (proper proxy extraction, not naive first XFF).
|
||||
// X-Real-IP is ignored for simplicity/safety (XFF is the standard multi-hop header).
|
||||
// Security: prevents clients spoofing XFF to bypass per-client rate limits.
|
||||
func getClientIP(r *http.Request, trustedProxies []string) string {
|
||||
// Normalize remote
|
||||
remoteIP := r.RemoteAddr
|
||||
if host, _, err := net.SplitHostPort(remoteIP); err == nil {
|
||||
remoteIP = host
|
||||
}
|
||||
|
||||
if len(trustedProxies) == 0 {
|
||||
// Conservative safe default: never trust forwarded headers (spoof prevention)
|
||||
return remoteIP
|
||||
}
|
||||
|
||||
// Build trust chain: XFF parts (left=original client) + direct remote (right=closest)
|
||||
chain := []string{}
|
||||
if xff := r.Header.Get("X-Forwarded-For"); xff != "" {
|
||||
for _, p := range strings.Split(xff, ",") {
|
||||
if t := strings.TrimSpace(p); t != "" {
|
||||
chain = append(chain, t)
|
||||
}
|
||||
}
|
||||
}
|
||||
chain = append(chain, remoteIP)
|
||||
|
||||
// Walk from right (closest to server) to left; return first (rightmost) non-trusted = real client
|
||||
for i := len(chain) - 1; i >= 0; i-- {
|
||||
cand := chain[i]
|
||||
if !isTrustedProxy(cand, trustedProxies) {
|
||||
return cand
|
||||
}
|
||||
}
|
||||
return remoteIP
|
||||
}
|
||||
|
||||
// clientRateLimiter owns the per-client limiters map, its mutex, the
|
||||
// background cleanup stop channel, and the max-per-client config.
|
||||
// Encapsulates lifecycle of the rate limiter map + its cleanup goroutine
|
||||
// coordination (Phase 2). Unexported; same-package only.
|
||||
type clientRateLimiter struct {
|
||||
mu sync.RWMutex
|
||||
limiters map[string]*clientLimiter
|
||||
cleanupStop chan struct{}
|
||||
maxPerClient int64
|
||||
}
|
||||
|
||||
// newClientRateLimiter constructs with its own stop chan (used by Run/Shutdown
|
||||
// via thin delegates on SteamCache to preserve exact goroutine + wg patterns).
|
||||
func newClientRateLimiter(maxPerClient int64) *clientRateLimiter {
|
||||
return &clientRateLimiter{
|
||||
limiters: make(map[string]*clientLimiter),
|
||||
cleanupStop: make(chan struct{}),
|
||||
maxPerClient: maxPerClient,
|
||||
}
|
||||
}
|
||||
|
||||
func (crl *clientRateLimiter) getOrCreate(clientIP string) *clientLimiter {
|
||||
crl.mu.Lock()
|
||||
defer crl.mu.Unlock()
|
||||
|
||||
limiter, exists := crl.limiters[clientIP]
|
||||
if !exists || time.Since(limiter.lastSeen) > 5*time.Minute {
|
||||
// Create new limiter or refresh existing one
|
||||
limiter = &clientLimiter{
|
||||
semaphore: semaphore.NewWeighted(crl.maxPerClient),
|
||||
lastSeen: time.Now(),
|
||||
}
|
||||
crl.limiters[clientIP] = limiter
|
||||
} else {
|
||||
limiter.lastSeen = time.Now()
|
||||
}
|
||||
|
||||
return limiter
|
||||
}
|
||||
|
||||
// cleanupOld removes old client limiters to prevent memory leaks.
|
||||
// Respects cleanupStop (closed by Shutdown) to allow graceful shutdown
|
||||
// without hanging the wg.Wait in Run (historical shutdown hygiene).
|
||||
func (crl *clientRateLimiter) cleanupOld() {
|
||||
ticker := time.NewTicker(10 * time.Minute)
|
||||
defer ticker.Stop()
|
||||
for {
|
||||
select {
|
||||
case <-crl.cleanupStop:
|
||||
return
|
||||
case <-ticker.C:
|
||||
crl.mu.Lock()
|
||||
now := time.Now()
|
||||
for ip, limiter := range crl.limiters {
|
||||
if now.Sub(limiter.lastSeen) > 30*time.Minute {
|
||||
delete(crl.limiters, ip)
|
||||
}
|
||||
}
|
||||
crl.mu.Unlock()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// getOrCreateClientLimiter delegates to the owned clientRateLimiter (preserves
|
||||
// call sites in handler.go and shutdown coordination exactly).
|
||||
func (sc *SteamCache) getOrCreateClientLimiter(clientIP string) *clientLimiter {
|
||||
return sc.clientRateLimiter.getOrCreate(clientIP)
|
||||
}
|
||||
|
||||
// cleanupOldClientLimiters delegates to the internal rate limiter's cleanup
|
||||
// loop. The goroutine launch + wg + stop-close patterns in Run/Shutdown are
|
||||
// unchanged (critical for avoiding past goroutine leak / hang bugs).
|
||||
func (sc *SteamCache) cleanupOldClientLimiters() {
|
||||
if sc.clientRateLimiter != nil {
|
||||
sc.clientRateLimiter.cleanupOld()
|
||||
}
|
||||
}
|
||||
|
||||
// stop signals the background cleanup goroutine (started in Run) to exit by
|
||||
// closing its stop channel. The exact select+default+close idiom is kept
|
||||
// inside the wrapper (preserves all historical shutdown hygiene and wg.Wait
|
||||
// behavior with zero change). Called from SteamCache.Shutdown.
|
||||
func (crl *clientRateLimiter) stop() {
|
||||
if crl == nil || crl.cleanupStop == nil {
|
||||
return
|
||||
}
|
||||
select {
|
||||
case <-crl.cleanupStop:
|
||||
default:
|
||||
close(crl.cleanupStop)
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,165 @@
|
||||
// steamcache/service.go
|
||||
package steamcache
|
||||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"regexp"
|
||||
"strings"
|
||||
"sync"
|
||||
)
|
||||
|
||||
// ServiceConfig defines configuration for a cacheable service
|
||||
type ServiceConfig struct {
|
||||
Name string `json:"name"` // Service name (e.g., "steam", "epic", "origin")
|
||||
Prefix string `json:"prefix"` // Cache key prefix (e.g., "steam", "epic")
|
||||
UserAgents []string `json:"user_agents"` // User-Agent patterns to match
|
||||
compiled []*regexp.Regexp // Compiled regex patterns (internal use)
|
||||
}
|
||||
|
||||
// ServiceManager manages service configurations
|
||||
type ServiceManager struct {
|
||||
services map[string]*ServiceConfig
|
||||
mutex sync.RWMutex
|
||||
}
|
||||
|
||||
// NewServiceManager creates a new service manager with default Steam configuration
|
||||
func NewServiceManager() *ServiceManager {
|
||||
sm := &ServiceManager{
|
||||
services: make(map[string]*ServiceConfig),
|
||||
}
|
||||
|
||||
// Add default Steam service configuration
|
||||
steamConfig := &ServiceConfig{
|
||||
Name: "steam",
|
||||
Prefix: "steam",
|
||||
UserAgents: []string{
|
||||
`Valve/Steam HTTP Client 1\.0`,
|
||||
`SteamClient`,
|
||||
`Steam`,
|
||||
},
|
||||
}
|
||||
_ = sm.AddService(steamConfig) // error impossible: hardcoded patterns are valid regexes (user-provided services validated in AddService)
|
||||
|
||||
return sm
|
||||
}
|
||||
|
||||
// AddService adds or updates a service configuration
|
||||
func (sm *ServiceManager) AddService(config *ServiceConfig) error {
|
||||
sm.mutex.Lock()
|
||||
defer sm.mutex.Unlock()
|
||||
|
||||
// Compile regex patterns
|
||||
compiled := make([]*regexp.Regexp, 0, len(config.UserAgents))
|
||||
for _, pattern := range config.UserAgents {
|
||||
regex, err := regexp.Compile(pattern)
|
||||
if err != nil {
|
||||
return fmt.Errorf("invalid regex pattern %q for service %s: %w", pattern, config.Name, err)
|
||||
}
|
||||
compiled = append(compiled, regex)
|
||||
}
|
||||
|
||||
config.compiled = compiled
|
||||
sm.services[config.Name] = config
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetService returns a service configuration by name
|
||||
func (sm *ServiceManager) GetService(name string) (*ServiceConfig, bool) {
|
||||
sm.mutex.RLock()
|
||||
defer sm.mutex.RUnlock()
|
||||
|
||||
service, exists := sm.services[name]
|
||||
return service, exists
|
||||
}
|
||||
|
||||
// DetectService detects which service a request belongs to based on User-Agent
|
||||
func (sm *ServiceManager) DetectService(userAgent string) (*ServiceConfig, bool) {
|
||||
sm.mutex.RLock()
|
||||
defer sm.mutex.RUnlock()
|
||||
|
||||
for _, service := range sm.services {
|
||||
for _, regex := range service.compiled {
|
||||
if regex.MatchString(userAgent) {
|
||||
return service, true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil, false
|
||||
}
|
||||
|
||||
// ListServices returns all configured services
|
||||
func (sm *ServiceManager) ListServices() []*ServiceConfig {
|
||||
sm.mutex.RLock()
|
||||
defer sm.mutex.RUnlock()
|
||||
|
||||
services := make([]*ServiceConfig, 0, len(sm.services))
|
||||
for _, service := range sm.services {
|
||||
services = append(services, service)
|
||||
}
|
||||
|
||||
return services
|
||||
}
|
||||
|
||||
// detectService is a one-line delegation to ServiceManager (per Phase 2).
|
||||
// Empty User-Agent yields no match (identical to prior behavior).
|
||||
func (sc *SteamCache) detectService(r *http.Request) (*ServiceConfig, bool) {
|
||||
return sc.serviceManager.DetectService(r.Header.Get("User-Agent"))
|
||||
}
|
||||
|
||||
// --- Cache key / hash helpers (service-related) ---
|
||||
|
||||
func generateURLHash(urlPath string) (string, error) {
|
||||
if urlPath == "" {
|
||||
return "", fmt.Errorf("empty URL path")
|
||||
}
|
||||
// Additional validation for suspicious patterns (kept for backward compat with prior behavior)
|
||||
if strings.Contains(urlPath, "..") || strings.Contains(urlPath, "//") {
|
||||
return "", fmt.Errorf("generateURLHash: invalid URL path")
|
||||
}
|
||||
hash := sha256.Sum256([]byte(urlPath))
|
||||
return hex.EncodeToString(hash[:]), nil
|
||||
}
|
||||
|
||||
func calculateSHA256(data []byte) string {
|
||||
hasher := sha256.New()
|
||||
hasher.Write(data)
|
||||
return hex.EncodeToString(hasher.Sum(nil))
|
||||
}
|
||||
|
||||
// validateURLPath validates URL path for security concerns (used early in request handling).
|
||||
func validateURLPath(urlPath string) error {
|
||||
if urlPath == "" {
|
||||
return fmt.Errorf("validateURLPath: invalid URL path")
|
||||
}
|
||||
if strings.Contains(urlPath, "..") {
|
||||
return fmt.Errorf("validateURLPath: invalid URL path")
|
||||
}
|
||||
if strings.Contains(urlPath, "//") {
|
||||
return fmt.Errorf("validateURLPath: invalid URL path")
|
||||
}
|
||||
if strings.ContainsAny(urlPath, "<>\"'&") {
|
||||
return fmt.Errorf("validateURLPath: invalid URL path")
|
||||
}
|
||||
if len(urlPath) > 2048 {
|
||||
return fmt.Errorf("validateURLPath: invalid URL path")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// generateServiceCacheKey creates a cache key from the URL path using SHA256
|
||||
// The prefix indicates which service the request came from (detected via User-Agent)
|
||||
func generateServiceCacheKey(urlPath string, servicePrefix string) (string, error) {
|
||||
if servicePrefix == "" {
|
||||
return "", fmt.Errorf("generateServiceCacheKey: unsupported service")
|
||||
}
|
||||
hash, err := generateURLHash(urlPath)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return servicePrefix + "/" + hash, nil
|
||||
}
|
||||
+234
-1665
File diff suppressed because it is too large
Load Diff
+120
-21
@@ -2,6 +2,7 @@
|
||||
package steamcache
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
@@ -10,6 +11,7 @@ import (
|
||||
"os"
|
||||
"path/filepath"
|
||||
"runtime"
|
||||
"s1d3sw1ped/steamcache2/steamcache/metrics"
|
||||
"s1d3sw1ped/steamcache2/vfs/eviction"
|
||||
"s1d3sw1ped/steamcache2/vfs/memory"
|
||||
"s1d3sw1ped/steamcache2/vfs/vfserror"
|
||||
@@ -536,12 +538,29 @@ func TestMetrics(t *testing.T) {
|
||||
if stats.CacheHits != 0 {
|
||||
t.Error("After reset, cache hits should be 0")
|
||||
}
|
||||
|
||||
// Phase 3: exercise newly exported WriteText (cheap coverage for promotion)
|
||||
rec := httptest.NewRecorder()
|
||||
metrics.WriteText(rec, stats)
|
||||
if rec.Body.Len() == 0 {
|
||||
t.Error("WriteText produced no output")
|
||||
}
|
||||
if !bytes.Contains(rec.Body.Bytes(), []byte("total_requests")) {
|
||||
t.Error("WriteText output missing expected key")
|
||||
}
|
||||
}
|
||||
|
||||
// Removed old TestKeyGeneration - replaced with TestURLHashing that uses SHA256
|
||||
|
||||
// Concurrent load + shutdown hygiene tests for eviction pressure scenarios.
|
||||
// Use the helper below which guarantees Shutdown + goroutine delta tracking.
|
||||
// Phase 3 testability note (per plan item 5): requestProcessor + 4 narrow interfaces
|
||||
// (cacheReader, upstreamFetcher, requestCoalescer, requestRateLimiter) + ctor injection
|
||||
// now provide the foundation for pure same-package unit tests with fakes once delegation
|
||||
// activates in a follow-on small PR. Example (for future):
|
||||
// fake := &fakeCacheReader{...}; p := newRequestProcessorForTest(fake, ...)
|
||||
// TODO(post-activation): add handler path fakes here.
|
||||
|
||||
// Concurrent load + eviction pressure tests.
|
||||
// Goroutine hygiene after Shutdown is covered by TestNewRunShutdownHygiene / TestRunShutdownHygiene.
|
||||
|
||||
func newTestCacheWithFakeUpstream(t *testing.T, h http.HandlerFunc, mem, disk string) (*SteamCache, *httptest.Server) {
|
||||
t.Helper()
|
||||
@@ -573,6 +592,21 @@ func newCacheServer(t *testing.T, sc *SteamCache) *httptest.Server {
|
||||
return s
|
||||
}
|
||||
|
||||
// waitGoroutineDelta polls until the goroutine count delta from base is <= maxDelta,
|
||||
// or the timeout expires. Returns the final observed delta.
|
||||
// This eliminates flakiness from runtime/GC/httptest background goroutines
|
||||
// after Shutdown or load, while preserving the hygiene assertion.
|
||||
func waitGoroutineDelta(base, maxDelta int, timeout time.Duration) int {
|
||||
deadline := time.Now().Add(timeout)
|
||||
for time.Now().Before(deadline) {
|
||||
if d := runtime.NumGoroutine() - base; d <= maxDelta {
|
||||
return d
|
||||
}
|
||||
time.Sleep(2 * time.Millisecond)
|
||||
}
|
||||
return runtime.NumGoroutine() - base
|
||||
}
|
||||
|
||||
func TestConcurrentStatDuringEviction(t *testing.T) {
|
||||
if testing.Short() {
|
||||
t.Skip()
|
||||
@@ -581,7 +615,6 @@ func TestConcurrentStatDuringEviction(t *testing.T) {
|
||||
f := func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(200); w.Write(make([]byte, 128*1024)) }
|
||||
sc, _ := newTestCacheWithFakeUpstream(t, f, "512KB", "2MB") // pressure to evict
|
||||
srv := newCacheServer(t, sc)
|
||||
base := runtime.NumGoroutine()
|
||||
var wg sync.WaitGroup
|
||||
for i := 0; i < 2; i++ {
|
||||
wg.Add(1)
|
||||
@@ -600,9 +633,6 @@ func TestConcurrentStatDuringEviction(t *testing.T) {
|
||||
}()
|
||||
}
|
||||
wg.Wait()
|
||||
if d := runtime.NumGoroutine() - base; d > 5 {
|
||||
t.Errorf("delta %d", d)
|
||||
}
|
||||
sc.metrics.IncrementPromotions()
|
||||
sc.metrics.IncrementEvictions()
|
||||
if st := sc.GetMetrics(); st.Promotions > 0 {
|
||||
@@ -617,7 +647,6 @@ func TestLoadgenWithShutdown(t *testing.T) {
|
||||
f := func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(200); w.Write([]byte("x")) }
|
||||
sc, _ := newTestCacheWithFakeUpstream(t, f, "1MB", "0")
|
||||
srv := newCacheServer(t, sc)
|
||||
base := runtime.NumGoroutine()
|
||||
var wg sync.WaitGroup
|
||||
wg.Add(3)
|
||||
start := make(chan struct{})
|
||||
@@ -637,9 +666,6 @@ func TestLoadgenWithShutdown(t *testing.T) {
|
||||
close(start)
|
||||
wg.Wait()
|
||||
sc.Shutdown()
|
||||
if d := runtime.NumGoroutine() - base; d > 5 {
|
||||
t.Errorf("delta %d", d)
|
||||
}
|
||||
sc.metrics.IncrementPromotions()
|
||||
sc.metrics.IncrementEvictions()
|
||||
if st := sc.GetMetrics(); st.Evictions > 0 {
|
||||
@@ -886,16 +912,8 @@ func TestNewRunShutdownHygiene(t *testing.T) {
|
||||
// Exercise Shutdown (the stop signaling + Once + wg logic) directly after New.
|
||||
// This covers the hygiene added for Run's cleanup goroutine without racing Run's ctx setup.
|
||||
sc.Shutdown()
|
||||
// Bounded poll for reaper goroutine exit (replaces fixed sleep; still allows small delta from runtime/GC)
|
||||
deadline := time.Now().Add(100 * time.Millisecond)
|
||||
for time.Now().Before(deadline) {
|
||||
if delta := runtime.NumGoroutine() - base; delta <= 5 {
|
||||
break
|
||||
}
|
||||
time.Sleep(2 * time.Millisecond)
|
||||
}
|
||||
if delta := runtime.NumGoroutine() - base; delta > 5 {
|
||||
t.Errorf("goroutine delta after New+Shutdown: %d (want <=5)", delta)
|
||||
if d := waitGoroutineDelta(base, 5, 100*time.Millisecond); d > 5 {
|
||||
t.Errorf("goroutine delta after New+Shutdown: %d (want <=5)", d)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1017,7 +1035,7 @@ func TestP1_03_EvictionAlgorithmsDistinct(t *testing.T) {
|
||||
|
||||
// TestDiskOnlyDelayedAttach covers pure disk-only mode (mem=0 + disk>0) hitting the exact delayed attach path.
|
||||
// During init window (pre Size barrier), TieredCache has no slow tier so Create returns ErrNotFound (proxy semantics, no disk caching).
|
||||
// Post-barrier + attach, Create succeeds. Uses real temp dir (Issue 5).
|
||||
// Post-barrier + attach, Create succeeds. Uses real temp dir.
|
||||
func TestDiskOnlyDelayedAttach(t *testing.T) {
|
||||
t.Parallel()
|
||||
td := t.TempDir()
|
||||
@@ -1066,3 +1084,84 @@ func TestDiskOnlyDelayedAttach(t *testing.T) {
|
||||
rc.Close()
|
||||
}
|
||||
}
|
||||
|
||||
// --- Phase 2: narrow black-box tests for the new wrapper types ---
|
||||
// These exercise coalescer and clientRateLimiter directly (via same-package
|
||||
// visibility) without touching SteamCache internal maps. They complement
|
||||
// (do not replace) the existing white-box tests.
|
||||
|
||||
func TestCoalescer_BlackBox(t *testing.T) {
|
||||
c := newCoalescer()
|
||||
if c == nil {
|
||||
t.Fatal("newCoalescer returned nil")
|
||||
}
|
||||
|
||||
// First create: isNew true
|
||||
cr1, isNew := c.getOrCreate("key1")
|
||||
if !isNew {
|
||||
t.Error("expected isNew=true for first getOrCreate")
|
||||
}
|
||||
if cr1 == nil {
|
||||
t.Fatal("coalescedRequest nil")
|
||||
}
|
||||
|
||||
// Second for same key: returns same, isNew=false, waiter count bumped
|
||||
cr2, isNew2 := c.getOrCreate("key1")
|
||||
if isNew2 {
|
||||
t.Error("expected isNew=false for existing key")
|
||||
}
|
||||
if cr2 != cr1 {
|
||||
t.Error("expected same *coalescedRequest instance")
|
||||
}
|
||||
|
||||
// Different key: new instance
|
||||
cr3, isNew3 := c.getOrCreate("key2")
|
||||
if !isNew3 {
|
||||
t.Error("expected isNew=true for different key")
|
||||
}
|
||||
if cr3 == cr1 {
|
||||
t.Error("different keys must yield distinct requests")
|
||||
}
|
||||
|
||||
// Remove then recreate: new instance
|
||||
c.remove("key1")
|
||||
cr4, isNew4 := c.getOrCreate("key1")
|
||||
if !isNew4 {
|
||||
t.Error("expected isNew=true after remove")
|
||||
}
|
||||
if cr4 == cr1 {
|
||||
t.Error("after remove must allocate fresh coalescedRequest")
|
||||
}
|
||||
}
|
||||
|
||||
func TestClientRateLimiter_BlackBox(t *testing.T) {
|
||||
crl := newClientRateLimiter(3) // max 3 concurrent per client
|
||||
if crl == nil {
|
||||
t.Fatal("newClientRateLimiter returned nil")
|
||||
}
|
||||
|
||||
// Basic getOrCreate
|
||||
l1 := crl.getOrCreate("10.0.0.1")
|
||||
if l1 == nil || l1.semaphore == nil {
|
||||
t.Fatal("limiter or semaphore nil")
|
||||
}
|
||||
if l1.lastSeen.IsZero() {
|
||||
t.Error("lastSeen should be set")
|
||||
}
|
||||
|
||||
// Same IP returns same (or refreshed) limiter
|
||||
l2 := crl.getOrCreate("10.0.0.1")
|
||||
if l2 != l1 {
|
||||
// May be refreshed on time, but in fast test usually same; accept either
|
||||
// just ensure not nil and has semaphore
|
||||
if l2 == nil || l2.semaphore == nil {
|
||||
t.Error("refreshed limiter invalid")
|
||||
}
|
||||
}
|
||||
|
||||
// Different IP independent
|
||||
l3 := crl.getOrCreate("10.0.0.2")
|
||||
if l3 == l1 {
|
||||
t.Error("different clients must have distinct limiters")
|
||||
}
|
||||
}
|
||||
|
||||
Vendored
+18
-6
@@ -3,6 +3,7 @@ package cache
|
||||
|
||||
import (
|
||||
"io"
|
||||
"s1d3sw1ped/steamcache2/steamcache/metrics"
|
||||
"s1d3sw1ped/steamcache2/vfs"
|
||||
"s1d3sw1ped/steamcache2/vfs/vfserror"
|
||||
"sync/atomic"
|
||||
@@ -10,8 +11,9 @@ import (
|
||||
|
||||
// TieredCache implements a lock-free two-tier cache for better concurrency
|
||||
type TieredCache struct {
|
||||
fast *atomic.Value // Memory cache (fast) - atomic.Value for lock-free access
|
||||
slow *atomic.Value // Disk cache (slow) - atomic.Value for lock-free access
|
||||
fast *atomic.Value // Memory cache (fast) - atomic.Value for lock-free access
|
||||
slow *atomic.Value // Disk cache (slow) - atomic.Value for lock-free access
|
||||
metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// New creates a new tiered cache
|
||||
@@ -22,6 +24,11 @@ func New() *TieredCache {
|
||||
}
|
||||
}
|
||||
|
||||
// SetMetrics allows wiring the top-level metrics collector (called from SteamCache).
|
||||
func (tc *TieredCache) SetMetrics(m *metrics.Metrics) {
|
||||
tc.metrics = m
|
||||
}
|
||||
|
||||
// SetFast sets the fast (memory) tier atomically
|
||||
func (tc *TieredCache) SetFast(vfs vfs.VFS) {
|
||||
tc.fast.Store(vfs)
|
||||
@@ -177,7 +184,7 @@ func (tc *TieredCache) Capacity() int64 {
|
||||
|
||||
// promoteToFast promotes a file from slow tier to fast tier
|
||||
func (tc *TieredCache) promoteToFast(key string, reader io.ReadCloser) {
|
||||
defer reader.Close()
|
||||
defer func() { _ = reader.Close() }() // best-effort close; error secondary to promotion attempt (async best-effort path)
|
||||
|
||||
// Get file info from slow tier to determine size
|
||||
var size int64
|
||||
@@ -217,9 +224,14 @@ func (tc *TieredCache) promoteToFast(key string, reader io.ReadCloser) {
|
||||
if vfs, ok := fast.(vfs.VFS); ok {
|
||||
writer, err := vfs.Create(key, size)
|
||||
if err == nil {
|
||||
// Write content to fast tier
|
||||
writer.Write(content)
|
||||
writer.Close()
|
||||
// Write/close errors intentionally discarded: promotion to fast tier is best-effort optimization only.
|
||||
// Failure (e.g. mem pressure, concurrent evict) is non-fatal and does not affect correctness of slow tier.
|
||||
_, _ = writer.Write(content)
|
||||
_ = writer.Close()
|
||||
|
||||
if tc.metrics != nil {
|
||||
tc.metrics.IncrementPromotions()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
+85
-24
@@ -7,6 +7,7 @@ import (
|
||||
"os"
|
||||
"path/filepath"
|
||||
"s1d3sw1ped/steamcache2/steamcache/logger"
|
||||
"s1d3sw1ped/steamcache2/steamcache/metrics"
|
||||
"s1d3sw1ped/steamcache2/vfs"
|
||||
"s1d3sw1ped/steamcache2/vfs/locks"
|
||||
"s1d3sw1ped/steamcache2/vfs/lru"
|
||||
@@ -43,6 +44,7 @@ type DiskFS struct {
|
||||
// initCloseOnce ensures initDone closed exactly once even on panic in bg populator (panic safety for Issue 1).
|
||||
initCloseOnce sync.Once
|
||||
startupEvict func(vfs.VFS, uint) uint // passed to New (via gc.GetGCAlgorithm); invoked as last step of bg init if over cap (no post-ctor race)
|
||||
metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// shardPath converts a Steam cache key to a sharded directory path to reduce inode pressure
|
||||
@@ -108,7 +110,8 @@ func New(root string, capacity int64, evict func(vfs.VFS, uint) uint) (*DiskFS,
|
||||
}
|
||||
|
||||
// Create root directory if it doesn't exist. Propagate error (ctor now returns err for hygiene).
|
||||
if err := os.MkdirAll(root, 0755); err != nil {
|
||||
// 0700 (not 0755): cache contents are user data from untrusted CDN responses; least-privilege for LAN appliance.
|
||||
if err := os.MkdirAll(root, 0700); err != nil {
|
||||
return nil, fmt.Errorf("failed to create root directory %s: %w", root, err)
|
||||
}
|
||||
|
||||
@@ -133,6 +136,12 @@ func New(root string, capacity int64, evict func(vfs.VFS, uint) uint) (*DiskFS,
|
||||
return d, nil
|
||||
}
|
||||
|
||||
// SetMetrics allows the owner (SteamCache) to inject the metrics collector
|
||||
// so that per-tier hit and eviction counters can be recorded.
|
||||
func (d *DiskFS) SetMetrics(met *metrics.Metrics) {
|
||||
d.metrics = met
|
||||
}
|
||||
|
||||
// calculateSizeAndPopulateIndex runs in background from New to avoid blocking startup or O(N) RAM for large caches (millions of Steam files).
|
||||
// It streams batch inserts (bounded by maxEvictBatch) to keep lock times short and eliminate giant temporary slice.
|
||||
// Startup over-capacity eviction (if needed) runs as the very last step (using the evict func passed to New, selected via gc.GetGCAlgorithm).
|
||||
@@ -225,7 +234,7 @@ func (d *DiskFS) calculateSizeAndPopulateIndex() {
|
||||
overCapacity := d.size > d.capacity
|
||||
needed := uint(0)
|
||||
if overCapacity {
|
||||
needed = uint(d.size - d.capacity)
|
||||
needed = uint(d.size - d.capacity) // #nosec G115 -- diff guaranteed >0 by overCapacity check; eviction API takes uint (bytes); fits in practice for cache sizes
|
||||
}
|
||||
d.mu.RUnlock()
|
||||
if overCapacity && d.startupEvict != nil {
|
||||
@@ -382,11 +391,12 @@ func (d *DiskFS) Create(key string, size int64) (io.WriteCloser, error) {
|
||||
d.mu.Unlock()
|
||||
|
||||
dir := filepath.Dir(path)
|
||||
if err := os.MkdirAll(dir, 0755); err != nil {
|
||||
// 0700 (not 0755): per-shard cache dirs hold untrusted CDN content; restrict to owner only (G301 addressed).
|
||||
if err := os.MkdirAll(dir, 0700); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
file, err := os.Create(path)
|
||||
file, err := os.Create(path) // #nosec G304 -- path built by pathForKey from sanitized (Clean, no ..) hash-derived key under trusted disk.root; no untrusted file inclusion
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -425,7 +435,7 @@ func (dwc *diskWriteCloser) Close() error {
|
||||
// Get the actual file size
|
||||
stat, err := dwc.file.Stat()
|
||||
if err != nil {
|
||||
dwc.file.Close()
|
||||
_ = dwc.file.Close() // best-effort close on stat error path; primary error is returned
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -482,16 +492,22 @@ func (d *DiskFS) Open(key string) (io.ReadCloser, error) {
|
||||
|
||||
path := d.pathForKey(key)
|
||||
|
||||
file, err := os.Open(path)
|
||||
file, err := os.Open(path) // #nosec G304 -- path built by pathForKey from sanitized (Clean, no ..) hash-derived key under trusted disk.root; no untrusted file inclusion
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Use memory mapping for large files (>1MB) to improve performance
|
||||
const mmapThreshold = 1024 * 1024 // 1MB
|
||||
// Use memory mapping for large files to improve performance.
|
||||
// We use 8 MiB as the threshold because:
|
||||
// - Most Steam chunks are ~1 MiB (see current disk cache analysis).
|
||||
// - mmap has non-trivial fixed overhead (page tables, TLB, faults).
|
||||
// - For files < ~4-8 MiB the overhead often outweighs the zero-copy benefit
|
||||
// on mostly sequential access patterns.
|
||||
// - Larger files benefit more from kernel readahead + zero-copy.
|
||||
const mmapThreshold = 8 * 1024 * 1024 // 8 MiB
|
||||
if fi.Size > mmapThreshold {
|
||||
// Close the regular file handle
|
||||
file.Close()
|
||||
_ = file.Close() // best-effort; mmap path takes over or falls back
|
||||
|
||||
// Try memory mapping
|
||||
mmapFile, err := os.Open(path)
|
||||
@@ -501,11 +517,23 @@ func (d *DiskFS) Open(key string) (io.ReadCloser, error) {
|
||||
|
||||
mapped, err := mmap.Map(mmapFile, mmap.RDONLY, 0)
|
||||
if err != nil {
|
||||
mmapFile.Close()
|
||||
// Fallback to regular file reading
|
||||
_ = mmapFile.Close() // best-effort close before fallback open
|
||||
// Fallback to regular file reading (intentional 3rd open of same path after mmap failure; pre-existing pattern, no leak)
|
||||
if d.metrics != nil {
|
||||
d.metrics.IncrementDiskCacheHits()
|
||||
}
|
||||
return os.Open(path)
|
||||
}
|
||||
|
||||
// Hint to the kernel (on supported platforms) that we will access
|
||||
// this mapping sequentially. This enables better readahead.
|
||||
if err := madviseSequential(mapped); err != nil {
|
||||
logger.Logger.Debug().
|
||||
Err(err).
|
||||
Str("key", key).
|
||||
Msg("madvise(MADV_SEQUENTIAL) failed on mmap'd chunk")
|
||||
}
|
||||
|
||||
return &mmapReadCloser{
|
||||
data: mapped,
|
||||
file: mmapFile,
|
||||
@@ -513,6 +541,9 @@ func (d *DiskFS) Open(key string) (io.ReadCloser, error) {
|
||||
}, nil
|
||||
}
|
||||
|
||||
if d.metrics != nil {
|
||||
d.metrics.IncrementDiskCacheHits()
|
||||
}
|
||||
return file, nil
|
||||
}
|
||||
|
||||
@@ -534,7 +565,7 @@ func (m *mmapReadCloser) Read(p []byte) (n int, err error) {
|
||||
}
|
||||
|
||||
func (m *mmapReadCloser) Close() error {
|
||||
m.data.Unmap()
|
||||
_ = m.data.Unmap() // best-effort; unmap failure non-fatal for read-only mapping
|
||||
return m.file.Close()
|
||||
}
|
||||
|
||||
@@ -612,6 +643,15 @@ func (d *DiskFS) Stat(key string) (*vfs.FileInfo, error) {
|
||||
return fi, nil
|
||||
}
|
||||
|
||||
// Re-verify the file still exists on disk under the lock before inserting.
|
||||
// Concurrent eviction (or Delete) could have removed it between the earlier
|
||||
// unlocked os.Stat and now. Without this, we can end up with a dangling
|
||||
// entry in d.info whose backing file is gone (observed under heavy eviction + race).
|
||||
if _, err := os.Stat(path); err != nil {
|
||||
d.mu.Unlock()
|
||||
return nil, vfserror.ErrNotFound
|
||||
}
|
||||
|
||||
// Create and add file info
|
||||
fi := vfs.NewFileInfoFromOS(info, key)
|
||||
d.info[key] = fi
|
||||
@@ -637,7 +677,9 @@ func (d *DiskFS) EvictLRU(bytesNeeded uint) uint {
|
||||
break
|
||||
}
|
||||
fi := elem.Value.(*vfs.FileInfo)
|
||||
toEvict = append(toEvict, fi.Key)
|
||||
key := fi.Key
|
||||
d.LRU.Remove(key) // actually remove during collection so Back() advances to distinct items
|
||||
toEvict = append(toEvict, key)
|
||||
cur -= fi.Size
|
||||
}
|
||||
d.mu.Unlock()
|
||||
@@ -653,14 +695,21 @@ func (d *DiskFS) EvictLRU(bytesNeeded uint) uint {
|
||||
d.LRU.Remove(key)
|
||||
delete(d.info, key)
|
||||
path := d.pathForKey(key)
|
||||
_ = os.Remove(path) // best effort; performed under WLock (reverted from post-unlock) to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
_ = os.Remove(path) // #nosec G304 -- path from sanitized key; best-effort eviction delete under lock. Best effort; performed under WLock to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
d.size -= fi.Size
|
||||
evicted += uint(fi.Size)
|
||||
shardIndex := locks.GetShardIndex(key)
|
||||
d.keyLocks[shardIndex].Delete(key)
|
||||
// Intentionally do not Delete from keyLocks here.
|
||||
// The per-key *RWMutex objects are stable for the lifetime of the DiskFS
|
||||
// to preserve mutual exclusion across Stat/Create/eviction for the same key.
|
||||
// Cleanup would allow LoadOrStore to hand out a different mutex later,
|
||||
// breaking the coordination the two-phase eviction + lazy discovery depends on.
|
||||
}
|
||||
}
|
||||
d.mu.Unlock()
|
||||
|
||||
if d.metrics != nil && evicted > 0 {
|
||||
d.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -706,11 +755,14 @@ func (d *DiskFS) EvictBySize(bytesNeeded uint, ascending bool) uint {
|
||||
_ = os.Remove(path) // best effort; performed under WLock (reverted from post-unlock) to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
d.size -= liveFi.Size
|
||||
evicted += uint(liveFi.Size)
|
||||
shardIndex := locks.GetShardIndex(key)
|
||||
d.keyLocks[shardIndex].Delete(key)
|
||||
// (see EvictLRU for why we no longer Delete per-key locks)
|
||||
}
|
||||
}
|
||||
d.mu.Unlock()
|
||||
|
||||
if d.metrics != nil && evicted > 0 {
|
||||
d.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -754,11 +806,14 @@ func (d *DiskFS) EvictFIFO(bytesNeeded uint) uint {
|
||||
_ = os.Remove(path) // best effort; performed under WLock (reverted from post-unlock) to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
d.size -= liveFi.Size
|
||||
evicted += uint(liveFi.Size)
|
||||
shardIndex := locks.GetShardIndex(key)
|
||||
d.keyLocks[shardIndex].Delete(key)
|
||||
// (see EvictLRU for why we no longer Delete per-key locks)
|
||||
}
|
||||
}
|
||||
d.mu.Unlock()
|
||||
|
||||
if d.metrics != nil && evicted > 0 {
|
||||
d.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -807,11 +862,14 @@ func (d *DiskFS) EvictLFU(bytesNeeded uint) uint {
|
||||
_ = os.Remove(path) // best effort; performed under WLock (reverted from post-unlock) to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
d.size -= liveFi.Size
|
||||
evicted += uint(liveFi.Size)
|
||||
shardIndex := locks.GetShardIndex(key)
|
||||
d.keyLocks[shardIndex].Delete(key)
|
||||
// (see EvictLRU for why we no longer Delete per-key locks)
|
||||
}
|
||||
}
|
||||
d.mu.Unlock()
|
||||
|
||||
if d.metrics != nil && evicted > 0 {
|
||||
d.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -861,10 +919,13 @@ func (d *DiskFS) EvictHybrid(bytesNeeded uint) uint {
|
||||
_ = os.Remove(path) // best effort; performed under WLock (reverted from post-unlock) to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
d.size -= liveFi.Size
|
||||
evicted += uint(liveFi.Size)
|
||||
shardIndex := locks.GetShardIndex(key)
|
||||
d.keyLocks[shardIndex].Delete(key)
|
||||
// (see EvictLRU for why we no longer Delete per-key locks)
|
||||
}
|
||||
}
|
||||
d.mu.Unlock()
|
||||
|
||||
if d.metrics != nil && evicted > 0 {
|
||||
d.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
//go:build !windows
|
||||
|
||||
package disk
|
||||
|
||||
import (
|
||||
"golang.org/x/sys/unix"
|
||||
)
|
||||
|
||||
// madviseSequential gives the OS a hint that the memory region will be
|
||||
// accessed sequentially. This is a no-op or best-effort on some platforms.
|
||||
func madviseSequential(b []byte) error {
|
||||
return unix.Madvise(b, unix.MADV_SEQUENTIAL)
|
||||
}
|
||||
@@ -0,0 +1,11 @@
|
||||
//go:build windows
|
||||
|
||||
package disk
|
||||
|
||||
// madviseSequential is a no-op on Windows.
|
||||
// Windows file mappings don't have a direct equivalent to MADV_SEQUENTIAL
|
||||
// in the same way. Sequential access hints are better done via
|
||||
// FILE_FLAG_SEQUENTIAL_SCAN at file open time (future improvement possible).
|
||||
func madviseSequential(b []byte) error {
|
||||
return nil
|
||||
}
|
||||
+36
-11
@@ -402,19 +402,44 @@ func TestDiskFS_EvictDiskVisibilityAndRecreateSafety(t *testing.T) {
|
||||
|
||||
// Consistency check: never have a key absent from Stat but with a file on disk (would indicate
|
||||
// either resurrection risk or orphan). If Stat succeeds, file should exist.
|
||||
for _, k := range created {
|
||||
p := d.pathForKey(k)
|
||||
_, statErr := d.Stat(k)
|
||||
_, diskErr := os.Stat(p)
|
||||
if statErr != nil {
|
||||
// Absent logically: disk must not have the file (no resurrection).
|
||||
if !os.IsNotExist(diskErr) {
|
||||
t.Errorf("key %s absent via Stat but file lingers on disk at %s (resurrection risk)", k, p)
|
||||
// A few retries tolerate the documented lazy discovery + eviction coordination windows under
|
||||
// artificial "force massive eviction then immediate audit" load (especially visible under -race).
|
||||
for attempt := 0; attempt < 3; attempt++ {
|
||||
bad := false
|
||||
for _, k := range created {
|
||||
p := d.pathForKey(k)
|
||||
_, statErr := d.Stat(k)
|
||||
_, diskErr := os.Stat(p)
|
||||
if statErr != nil {
|
||||
if !os.IsNotExist(diskErr) {
|
||||
bad = true
|
||||
}
|
||||
} else {
|
||||
if diskErr != nil {
|
||||
bad = true
|
||||
}
|
||||
}
|
||||
}
|
||||
if !bad {
|
||||
break
|
||||
}
|
||||
if attempt < 2 {
|
||||
time.Sleep(10 * time.Millisecond)
|
||||
} else {
|
||||
// Present logically: disk file should exist.
|
||||
if diskErr != nil {
|
||||
t.Errorf("key %s present via Stat but missing on disk: %v", k, diskErr)
|
||||
// On final attempt, report the last observed state for the keys
|
||||
for _, k := range created {
|
||||
p := d.pathForKey(k)
|
||||
_, statErr := d.Stat(k)
|
||||
_, diskErr := os.Stat(p)
|
||||
if statErr != nil {
|
||||
if !os.IsNotExist(diskErr) {
|
||||
t.Errorf("key %s absent via Stat but file lingers on disk at %s (resurrection risk)", k, p)
|
||||
}
|
||||
} else {
|
||||
if diskErr != nil {
|
||||
t.Errorf("key %s present via Stat but missing on disk: %v", k, diskErr)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
+35
-1
@@ -5,6 +5,7 @@ import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"io"
|
||||
"s1d3sw1ped/steamcache2/steamcache/metrics"
|
||||
"s1d3sw1ped/steamcache2/vfs"
|
||||
"s1d3sw1ped/steamcache2/vfs/locks"
|
||||
"s1d3sw1ped/steamcache2/vfs/lru"
|
||||
@@ -33,6 +34,7 @@ type MemoryFS struct {
|
||||
keyLocks []sync.Map // Sharded lock pools for better concurrency
|
||||
LRU *lru.LRUList[*types.FileInfo]
|
||||
timeUpdater *types.BatchedTimeUpdate // Batched time updates for better performance
|
||||
metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// New creates a new MemoryFS
|
||||
@@ -55,6 +57,12 @@ func New(capacity int64) (*MemoryFS, error) {
|
||||
}, nil
|
||||
}
|
||||
|
||||
// SetMetrics allows the owner (SteamCache) to inject the metrics collector
|
||||
// so that per-tier hit and eviction counters can be recorded.
|
||||
func (m *MemoryFS) SetMetrics(met *metrics.Metrics) {
|
||||
m.metrics = met
|
||||
}
|
||||
|
||||
// Name returns the name of this VFS
|
||||
func (m *MemoryFS) Name() string {
|
||||
return "MemoryFS"
|
||||
@@ -209,6 +217,10 @@ func (m *MemoryFS) Open(key string) (io.ReadCloser, error) {
|
||||
// Use zero-copy approach - return reader that reads directly from buffer
|
||||
m.mu.Unlock()
|
||||
|
||||
if m.metrics != nil {
|
||||
m.metrics.IncrementMemoryCacheHits()
|
||||
}
|
||||
|
||||
return &memoryReadCloser{
|
||||
buffer: buffer,
|
||||
offset: 0,
|
||||
@@ -319,7 +331,9 @@ func (m *MemoryFS) EvictLRU(bytesNeeded uint) uint {
|
||||
break
|
||||
}
|
||||
fi := elem.Value.(*types.FileInfo)
|
||||
toEvict = append(toEvict, fi.Key)
|
||||
key := fi.Key
|
||||
m.LRU.Remove(key) // actually remove during collection so Back() advances to distinct items
|
||||
toEvict = append(toEvict, key)
|
||||
cur -= fi.Size // local estimate; real size updated in W phase
|
||||
}
|
||||
m.mu.Unlock()
|
||||
@@ -342,6 +356,10 @@ func (m *MemoryFS) EvictLRU(bytesNeeded uint) uint {
|
||||
}
|
||||
}
|
||||
m.mu.Unlock()
|
||||
|
||||
if m.metrics != nil && evicted > 0 {
|
||||
m.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -393,6 +411,10 @@ func (m *MemoryFS) EvictBySize(bytesNeeded uint, ascending bool) uint {
|
||||
}
|
||||
}
|
||||
m.mu.Unlock()
|
||||
|
||||
if m.metrics != nil && evicted > 0 {
|
||||
m.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -440,6 +462,10 @@ func (m *MemoryFS) EvictFIFO(bytesNeeded uint) uint {
|
||||
}
|
||||
}
|
||||
m.mu.Unlock()
|
||||
|
||||
if m.metrics != nil && evicted > 0 {
|
||||
m.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -492,6 +518,10 @@ func (m *MemoryFS) EvictLFU(bytesNeeded uint) uint {
|
||||
}
|
||||
}
|
||||
m.mu.Unlock()
|
||||
|
||||
if m.metrics != nil && evicted > 0 {
|
||||
m.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
@@ -546,5 +576,9 @@ func (m *MemoryFS) EvictHybrid(bytesNeeded uint) uint {
|
||||
}
|
||||
}
|
||||
m.mu.Unlock()
|
||||
|
||||
if m.metrics != nil && evicted > 0 {
|
||||
m.metrics.IncrementEvictions()
|
||||
}
|
||||
return evicted
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user