diff options
| -rw-r--r-- | CHANGES | 26 | ||||
| -rw-r--r-- | CHANGES.ru | 29 | ||||
| -rw-r--r-- | auto/make | 28 | ||||
| -rw-r--r-- | auto/modules | 24 | ||||
| -rw-r--r-- | auto/options | 15 | ||||
| -rw-r--r-- | auto/sources | 28 | ||||
| -rw-r--r-- | src/core/nginx.h | 2 | ||||
| -rw-r--r-- | src/core/ngx_connection.h | 3 | ||||
| -rw-r--r-- | src/core/ngx_log.c | 2 | ||||
| -rw-r--r-- | src/core/ngx_log.h | 4 | ||||
| -rw-r--r-- | src/core/ngx_radix_tree.c | 2 | ||||
| -rw-r--r-- | src/event/modules/ngx_devpoll_module.c | 2 | ||||
| -rw-r--r-- | src/event/modules/ngx_eventport_module.c | 6 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_upstream_ip_hash_module.c | 5 | ||||
| -rw-r--r-- | src/http/modules/perl/nginx.pm | 2 | ||||
| -rw-r--r-- | src/http/ngx_http_request.c | 6 | ||||
| -rw-r--r-- | src/imap/ngx_imap_handler.c | 1357 | ||||
| -rw-r--r-- | src/mail/ngx_mail.c (renamed from src/imap/ngx_imap.c) | 117 | ||||
| -rw-r--r-- | src/mail/ngx_mail.h (renamed from src/imap/ngx_imap.h) | 179 | ||||
| -rw-r--r-- | src/mail/ngx_mail_auth_http_module.c (renamed from src/imap/ngx_imap_auth_http_module.c) | 415 | ||||
| -rw-r--r-- | src/mail/ngx_mail_core_module.c (renamed from src/imap/ngx_imap_core_module.c) | 357 | ||||
| -rw-r--r-- | src/mail/ngx_mail_handler.c | 1838 | ||||
| -rw-r--r-- | src/mail/ngx_mail_parse.c (renamed from src/imap/ngx_imap_parse.c) | 271 | ||||
| -rw-r--r-- | src/mail/ngx_mail_proxy_module.c (renamed from src/imap/ngx_imap_proxy_module.c) | 530 | ||||
| -rw-r--r-- | src/mail/ngx_mail_ssl_module.c (renamed from src/imap/ngx_imap_ssl_module.c) | 122 | ||||
| -rw-r--r-- | src/mail/ngx_mail_ssl_module.h (renamed from src/imap/ngx_imap_ssl_module.h) | 18 | ||||
| -rw-r--r-- | src/os/unix/ngx_process_cycle.c | 46 |
27 files changed, 3329 insertions, 2105 deletions
@@ -1,4 +1,30 @@ +Changes with nginx 0.5.15 19 Mar 2007 + + *) Feature: the mail proxy supports authenticated SMTP proxying and the + "smtp_auth", "smtp_capablities", and "xclient" directives. + Thanks to Anton Yuzhaninov and Maxim Dounin. + + *) Change: the "imap" and "auth" directives were renamed to the "mail" + and "pop3_auth" directives. + + *) Bugfix: a segmentation fault occurred in worker process if the + CRAM-MD5 authentication method was used and the APOP method was + disabled. + + *) Bugfix: if the "starttls only" directive was used in POP3 protocol, + then nginx allowed authentication without switching to the SSL mode. + + *) Bugfix: worker processes did not exit after reconfiguration and did + not rotate logs if the eventport method was used. + + *) Bugfix: a worker process may got caught in an endless loop, if the + "ip_hash" directive was used. + + *) Bugfix: now nginx does not log some alerts if eventport or /dev/poll + methods are used. + + Changes with nginx 0.5.14 23 Feb 2007 *) Bugfix: nginx ignored superfluous closing "}" in the end of diff --git a/CHANGES.ru b/CHANGES.ru index 76c7f84ee..a6729515e 100644 --- a/CHANGES.ru +++ b/CHANGES.ru @@ -1,8 +1,35 @@ +Изменения в nginx 0.5.15 19.03.2007 + + *) Добавление: почтовый прокси-сервер поддерживает аутентифицированное + SMTP-проксирование и директивы smtp_auth, smtp_capablities и + xclient. + Спасибо Антону Южанинову и Максиму Дунину. + + *) Изменение: директивы imap и auth переименованы соответственно в mail + и pop3_auth. + + *) Исправление: если использовался метод аутентификации CRAM-MD5 и не + был разрешён метод APOP, то в рабочем процессе происходил + segmentation fault. + + *) Исправление: при использовании директивы starttls only в протоколе + POP3 nginx разрешал аутентификацию без перехода в режим SSL. + + *) Исправление: рабочие процессы не выходили после переконфигурации и + не переоткрывали логи, если использовался метод eventport. + + *) Исправление: при использовании директивы ip_hash рабочий процесс мог + зациклиться. + + *) Исправление: теперь nginx не пишет в лог некоторые alert'ы, если + используются методы eventport или /dev/poll. + + Изменения в nginx 0.5.14 23.02.2007 *) Исправление: nginx игнорировал лишние закрывающие скобки "}" в конце - конфигурационноого файла. + конфигурационного файла. Изменения в nginx 0.5.13 19.02.2007 @@ -6,7 +6,7 @@ mkdir -p $NGX_OBJS/src/core $NGX_OBJS/src/event $NGX_OBJS/src/event/modules \ $NGX_OBJS/src/os/unix $NGX_OBJS/src/os/win32 \ $NGX_OBJS/src/http $NGX_OBJS/src/http/modules \ $NGX_OBJS/src/http/modules/perl \ - $NGX_OBJS/src/imap + $NGX_OBJS/src/mail ngx_objs_dir=$NGX_OBJS$ngx_regex_dirsep @@ -41,7 +41,7 @@ fi # ALL_INCS, required by the addons and by OpenWatcom C precompiled headers -ngx_incs=`echo $CORE_INCS $NGX_OBJS $HTTP_INCS $IMAP_INCS\ +ngx_incs=`echo $CORE_INCS $NGX_OBJS $HTTP_INCS $MAIL_INCS\ | sed -e "s/ *\([^ ][^ ]*\)/$ngx_regex_cont$ngx_include_opt\1/g" \ -e "s/\//$ngx_regex_dirsep/g"` @@ -101,26 +101,26 @@ END fi -# the imap dependences and include pathes +# the mail dependences and include pathes -if [ $IMAP = YES ]; then +if [ $MAIL = YES ]; then - ngx_all_srcs="$ngx_all_srcs $IMAP_SRCS" + ngx_all_srcs="$ngx_all_srcs $MAIL_SRCS" - ngx_deps=`echo $IMAP_DEPS \ + ngx_deps=`echo $MAIL_DEPS \ | sed -e "s/ *\([^ ][^ ]*\)/$ngx_regex_cont\1/g" \ -e "s/\//$ngx_regex_dirsep/g"` - ngx_incs=`echo $IMAP_INCS \ + ngx_incs=`echo $MAIL_INCS \ | sed -e "s/ *\([^ ][^ ]*\)/$ngx_regex_cont$ngx_include_opt\1/g" \ -e "s/\//$ngx_regex_dirsep/g"` cat << END >> $NGX_MAKEFILE -IMAP_DEPS = $ngx_deps +MAIL_DEPS = $ngx_deps -IMAP_INCS = $ngx_include_opt$ngx_incs +MAIL_INCS = $ngx_include_opt$ngx_incs END @@ -279,17 +279,17 @@ END fi -# the imap sources +# the mail sources -if [ $IMAP = YES ]; then +if [ $MAIL = YES ]; then if test -n "$NGX_PCH"; then ngx_cc="\$(CC) $ngx_compile_opt \$(CFLAGS) $ngx_use_pch \$(ALL_INCS)" else - ngx_cc="\$(CC) $ngx_compile_opt \$(CFLAGS) \$(CORE_INCS) \$(IMAP_INCS)" + ngx_cc="\$(CC) $ngx_compile_opt \$(CFLAGS) \$(CORE_INCS) \$(MAIL_INCS)" fi - for ngx_src in $IMAP_SRCS + for ngx_src in $MAIL_SRCS do ngx_src=`echo $ngx_src | sed -e "s/\//$ngx_regex_dirsep/g"` ngx_obj=`echo $ngx_src \ @@ -300,7 +300,7 @@ if [ $IMAP = YES ]; then cat << END >> $NGX_MAKEFILE -$ngx_obj: \$(CORE_DEPS) \$(IMAP_DEPS)$ngx_cont$ngx_src +$ngx_obj: \$(CORE_DEPS) \$(MAIL_DEPS)$ngx_cont$ngx_src $ngx_cc$ngx_tab$ngx_objout$ngx_obj$ngx_tab$ngx_src$NGX_AUX END diff --git a/auto/modules b/auto/modules index a298210f6..dfd6f1220 100644 --- a/auto/modules +++ b/auto/modules @@ -302,10 +302,10 @@ if test -n "$NGX_ADDONS"; then fi -if [ $IMAP_SSL = YES ]; then - IMAP_DEPS="$IMAP_DEPS $IMAP_SSL_DEPS" - IMAP_SRCS="$IMAP_SRCS $IMAP_SSL_SRCS" - have=NGX_IMAP_SSL . auto/have +if [ $MAIL_SSL = YES ]; then + MAIL_DEPS="$MAIL_DEPS $MAIL_SSL_DEPS" + MAIL_SRCS="$MAIL_SRCS $MAIL_SSL_SRCS" + have=NGX_MAIL_SSL . auto/have USE_OPENSSL=YES fi @@ -331,18 +331,18 @@ if [ $HTTP = YES ]; then fi -if [ $IMAP = YES ]; then - modules="$modules $IMAP_MODULES" +if [ $MAIL = YES ]; then + modules="$modules $MAIL_MODULES" - if [ $IMAP_SSL = YES ]; then - modules="$modules $IMAP_SSL_MODULE" + if [ $MAIL_SSL = YES ]; then + modules="$modules $MAIL_SSL_MODULE" fi - modules="$modules $IMAP_AUTH_HTTP_MODULE" - IMAP_SRCS="$IMAP_SRCS $IMAP_AUTH_HTTP_SRCS" + modules="$modules $MAIL_AUTH_HTTP_MODULE" + MAIL_SRCS="$MAIL_SRCS $MAIL_AUTH_HTTP_SRCS" - modules="$modules $IMAP_PROXY_MODULE" - IMAP_SRCS="$IMAP_SRCS $IMAP_PROXY_SRCS" + modules="$modules $MAIL_PROXY_MODULE" + MAIL_SRCS="$MAIL_SRCS $MAIL_PROXY_SRCS" fi diff --git a/auto/options b/auto/options index c0bc3b428..379bb2318 100644 --- a/auto/options +++ b/auto/options @@ -77,8 +77,8 @@ HTTP_UPSTREAM_IP_HASH=YES # STUB HTTP_STUB_STATUS=NO -IMAP=NO -IMAP_SSL=NO +MAIL=NO +MAIL_SSL=NO NGX_ADDONS= @@ -182,8 +182,11 @@ do # STUB --with-http_stub_status_module) HTTP_STUB_STATUS=YES ;; - --with-imap) IMAP=YES ;; - --with-imap_ssl_module) IMAP_SSL=YES ;; + --with-mail) MAIL=YES ;; + --with-mail_ssl_module) MAIL_SSL=YES ;; + # STUB + --with-imap) MAIL=YES ;; + --with-imap_ssl_module) MAIL_SSL=YES ;; --add-module=*) NGX_ADDONS="$NGX_ADDONS $value" ;; @@ -292,8 +295,8 @@ cat << END --without-http disable HTTP server - --with-imap enable IMAP4/POP3 proxy module - --with-imap_ssl_module enable ngx_imap_ssl_module + --with-mail enable IMAP4/POP3/SMTP proxy module + --with-mail_ssl_module enable ngx_mail_ssl_module --with-cc=PATH set path to C compiler --with-cpp=PATH set path to C preprocessor diff --git a/auto/sources b/auto/sources index 0ff1ece09..0632d39f8 100644 --- a/auto/sources +++ b/auto/sources @@ -408,23 +408,23 @@ HTTP_UPSTREAM_IP_HASH_MODULE=ngx_http_upstream_ip_hash_module HTTP_UPSTREAM_IP_HASH_SRCS=src/http/modules/ngx_http_upstream_ip_hash_module.c -IMAP_INCS="src/imap" +MAIL_INCS="src/mail" -IMAP_DEPS="src/imap/ngx_imap.h" +MAIL_DEPS="src/mail/ngx_mail.h" -IMAP_MODULES="ngx_imap_module ngx_imap_core_module" +MAIL_MODULES="ngx_mail_module ngx_mail_core_module" -IMAP_SRCS="src/imap/ngx_imap.c \ - src/imap/ngx_imap_core_module.c \ - src/imap/ngx_imap_handler.c \ - src/imap/ngx_imap_parse.c" +MAIL_SRCS="src/mail/ngx_mail.c \ + src/mail/ngx_mail_core_module.c \ + src/mail/ngx_mail_handler.c \ + src/mail/ngx_mail_parse.c" -IMAP_SSL_MODULE="ngx_imap_ssl_module" -IMAP_SSL_DEPS="src/imap/ngx_imap_ssl_module.h" -IMAP_SSL_SRCS="src/imap/ngx_imap_ssl_module.c" +MAIL_SSL_MODULE="ngx_mail_ssl_module" +MAIL_SSL_DEPS="src/mail/ngx_mail_ssl_module.h" +MAIL_SSL_SRCS="src/mail/ngx_mail_ssl_module.c" -IMAP_AUTH_HTTP_MODULE="ngx_imap_auth_http_module" -IMAP_AUTH_HTTP_SRCS="src/imap/ngx_imap_auth_http_module.c" +MAIL_AUTH_HTTP_MODULE="ngx_mail_auth_http_module" +MAIL_AUTH_HTTP_SRCS="src/mail/ngx_mail_auth_http_module.c" -IMAP_PROXY_MODULE="ngx_imap_proxy_module" -IMAP_PROXY_SRCS="src/imap/ngx_imap_proxy_module.c" +MAIL_PROXY_MODULE="ngx_mail_proxy_module" +MAIL_PROXY_SRCS="src/mail/ngx_mail_proxy_module.c" diff --git a/src/core/nginx.h b/src/core/nginx.h index 8c8ce80e2..a57de09c7 100644 --- a/src/core/nginx.h +++ b/src/core/nginx.h @@ -8,7 +8,7 @@ #define _NGINX_H_INCLUDED_ -#define NGINX_VERSION "0.5.14" +#define NGINX_VERSION "0.5.15" #define NGINX_VER "nginx/" NGINX_VERSION #define NGINX_VAR "NGINX" diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h index 1694dd451..a2ae690f5 100644 --- a/src/core/ngx_connection.h +++ b/src/core/ngx_connection.h @@ -143,6 +143,9 @@ struct ngx_connection_s { unsigned error:1; unsigned destroyed:1; + unsigned idle:1; + unsigned close:1; + unsigned sendfile:1; unsigned sndlowat:1; unsigned tcp_nodelay:2; /* ngx_connection_tcp_nodelay_e */ diff --git a/src/core/ngx_log.c b/src/core/ngx_log.c index 73a305f59..349ae7681 100644 --- a/src/core/ngx_log.c +++ b/src/core/ngx_log.c @@ -58,7 +58,7 @@ static const char *err_levels[] = { static const char *debug_levels[] = { "debug_core", "debug_alloc", "debug_mutex", "debug_event", - "debug_http", "debug_imap" + "debug_http", "debug_mail", "debug_mysql" }; diff --git a/src/core/ngx_log.h b/src/core/ngx_log.h index 2f70950cf..e58834d5f 100644 --- a/src/core/ngx_log.h +++ b/src/core/ngx_log.h @@ -27,7 +27,7 @@ #define NGX_LOG_DEBUG_MUTEX 0x040 #define NGX_LOG_DEBUG_EVENT 0x080 #define NGX_LOG_DEBUG_HTTP 0x100 -#define NGX_LOG_DEBUG_IMAP 0x200 +#define NGX_LOG_DEBUG_MAIL 0x200 #define NGX_LOG_DEBUG_MYSQL 0x400 /* @@ -36,7 +36,7 @@ */ #define NGX_LOG_DEBUG_FIRST NGX_LOG_DEBUG_CORE -#define NGX_LOG_DEBUG_LAST NGX_LOG_DEBUG_IMAP +#define NGX_LOG_DEBUG_LAST NGX_LOG_DEBUG_MYSQL #define NGX_LOG_DEBUG_CONNECTION 0x80000000 #define NGX_LOG_DEBUG_ALL 0x7ffffff0 diff --git a/src/core/ngx_radix_tree.c b/src/core/ngx_radix_tree.c index 957ec3099..b94b4b74f 100644 --- a/src/core/ngx_radix_tree.c +++ b/src/core/ngx_radix_tree.c @@ -88,7 +88,7 @@ ngx_radix_tree_create(ngx_pool_t *pool, ngx_int_t preallocate) do { if (ngx_radix32tree_insert(tree, key, mask, NGX_RADIX_NO_VALUE) - != NGX_OK) + != NGX_OK) { return NULL; } diff --git a/src/event/modules/ngx_devpoll_module.c b/src/event/modules/ngx_devpoll_module.c index 1ea51f96b..e8135b951 100644 --- a/src/event/modules/ngx_devpoll_module.c +++ b/src/event/modules/ngx_devpoll_module.c @@ -416,7 +416,7 @@ ngx_devpoll_process_events(ngx_cycle_t *cycle, ngx_msec_t timer, event_list[i].fd, event_list[i].events, revents); if (revents & (POLLERR|POLLHUP|POLLNVAL)) { - ngx_log_error(NGX_LOG_ALERT, cycle->log, 0, + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, cycle->log, 0, "ioctl(DP_POLL) error fd:%d ev:%04Xd rev:%04Xd", event_list[i].fd, event_list[i].events, revents); } diff --git a/src/event/modules/ngx_eventport_module.c b/src/event/modules/ngx_eventport_module.c index ebfd9a56b..bd046edbb 100644 --- a/src/event/modules/ngx_eventport_module.c +++ b/src/event/modules/ngx_eventport_module.c @@ -467,9 +467,9 @@ ngx_eventport_process_events(ngx_cycle_t *cycle, ngx_msec_t timer, event_list[i].portev_object, revents); if (revents & (POLLERR|POLLHUP|POLLNVAL)) { - ngx_log_error(NGX_LOG_ALERT, cycle->log, 0, - "port_getn() error fd:%d ev:%04Xd", - event_list[i].portev_object, revents); + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, cycle->log, 0, + "port_getn() error fd:%d ev:%04Xd", + event_list[i].portev_object, revents); } if (revents & ~(POLLIN|POLLOUT|POLLERR|POLLHUP|POLLNVAL)) { diff --git a/src/http/modules/ngx_http_upstream_ip_hash_module.c b/src/http/modules/ngx_http_upstream_ip_hash_module.c index e0cf8afc1..87e5ac4d2 100644 --- a/src/http/modules/ngx_http_upstream_ip_hash_module.c +++ b/src/http/modules/ngx_http_upstream_ip_hash_module.c @@ -179,11 +179,10 @@ ngx_http_upstream_get_ip_hash_peer(ngx_peer_connection_t *pc, void *data) peer->fails = 0; break; } - - } else { - iphp->rrp.tried[n] |= m; } + iphp->rrp.tried[n] |= m; + /* ngx_unlock_mutex(iphp->rrp.peers->mutex); */ pc->tries--; diff --git a/src/http/modules/perl/nginx.pm b/src/http/modules/perl/nginx.pm index aa50bafe1..eea114ce9 100644 --- a/src/http/modules/perl/nginx.pm +++ b/src/http/modules/perl/nginx.pm @@ -47,7 +47,7 @@ our @EXPORT = qw( HTTP_INSUFFICIENT_STORAGE ); -our $VERSION = '0.5.14'; +our $VERSION = '0.5.15'; require XSLoader; XSLoader::load('nginx', $VERSION); diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index 96286597b..afc1d644d 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -2032,6 +2032,8 @@ ngx_http_set_keepalive(ngx_http_request_t *r) r->http_state = NGX_HTTP_KEEPALIVE_STATE; #endif + c->idle = 1; + if (rev->ready) { ngx_http_keepalive_handler(rev); } @@ -2050,7 +2052,7 @@ ngx_http_keepalive_handler(ngx_event_t *rev) ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http keepalive handler"); - if (rev->timedout) { + if (rev->timedout || c->close) { ngx_http_close_connection(c); return; } @@ -2139,6 +2141,8 @@ ngx_http_keepalive_handler(ngx_event_t *rev) c->log->handler = ngx_http_log_error; c->log->action = "reading client request line"; + c->idle = 0; + ngx_http_init_request(rev); } diff --git a/src/imap/ngx_imap_handler.c b/src/imap/ngx_imap_handler.c deleted file mode 100644 index a32b10782..000000000 --- a/src/imap/ngx_imap_handler.c +++ /dev/null @@ -1,1357 +0,0 @@ - -/* - * Copyright (C) Igor Sysoev - */ - - -#include <ngx_config.h> -#include <ngx_core.h> -#include <ngx_event.h> -#include <ngx_imap.h> - - -static void ngx_imap_init_session(ngx_connection_t *c); -static void ngx_imap_init_protocol(ngx_event_t *rev); -static ngx_int_t ngx_imap_decode_auth_plain(ngx_imap_session_t *s, - ngx_str_t *encoded); -static void ngx_imap_do_auth(ngx_imap_session_t *s); -static ngx_int_t ngx_imap_read_command(ngx_imap_session_t *s); -static u_char *ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len); - -#if (NGX_IMAP_SSL) -static void ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c); -static void ngx_imap_ssl_handshake_handler(ngx_connection_t *c); -#endif - - -static ngx_str_t greetings[] = { - ngx_string("+OK POP3 ready" CRLF), - ngx_string("* OK IMAP4 ready" CRLF) -}; - -static ngx_str_t internal_server_errors[] = { - ngx_string("-ERR internal server error" CRLF), - ngx_string("* BAD internal server error" CRLF), -}; - -static u_char pop3_ok[] = "+OK" CRLF; -static u_char pop3_next[] = "+ " CRLF; -static u_char pop3_username[] = "+ VXNlcm5hbWU6" CRLF; -static u_char pop3_password[] = "+ UGFzc3dvcmQ6" CRLF; -static u_char pop3_invalid_command[] = "-ERR invalid command" CRLF; - -static u_char imap_star[] = "* "; -static u_char imap_ok[] = "OK completed" CRLF; -static u_char imap_next[] = "+ OK" CRLF; -static u_char imap_bye[] = "* BYE" CRLF; -static u_char imap_invalid_command[] = "BAD invalid command" CRLF; - - -void -ngx_imap_init_connection(ngx_connection_t *c) -{ - in_addr_t in_addr; - socklen_t len; - ngx_uint_t i; - struct sockaddr_in sin; - ngx_imap_log_ctx_t *ctx; - ngx_imap_in_port_t *imip; - ngx_imap_in_addr_t *imia; - ngx_imap_session_t *s; -#if (NGX_IMAP_SSL) - ngx_imap_ssl_conf_t *sslcf; -#endif - - - /* find the server configuration for the address:port */ - - /* AF_INET only */ - - imip = c->listening->servers; - imia = imip->addrs; - - i = 0; - - if (imip->naddrs > 1) { - - /* - * There are several addresses on this port and one of them - * is the "*:port" wildcard so getsockname() is needed to determine - * the server address. - * - * AcceptEx() already gave this address. - */ - -#if (NGX_WIN32) - if (c->local_sockaddr) { - in_addr = - ((struct sockaddr_in *) c->local_sockaddr)->sin_addr.s_addr; - - } else -#endif - { - len = sizeof(struct sockaddr_in); - if (getsockname(c->fd, (struct sockaddr *) &sin, &len) == -1) { - ngx_connection_error(c, ngx_socket_errno, - "getsockname() failed"); - ngx_imap_close_connection(c); - return; - } - - in_addr = sin.sin_addr.s_addr; - } - - /* the last address is "*" */ - - for ( /* void */ ; i < imip->naddrs - 1; i++) { - if (in_addr == imia[i].addr) { - break; - } - } - } - - - s = ngx_pcalloc(c->pool, sizeof(ngx_imap_session_t)); - if (s == NULL) { - ngx_imap_close_connection(c); - return; - } - - s->main_conf = imia[i].ctx->main_conf; - s->srv_conf = imia[i].ctx->srv_conf; - - s->addr_text = &imia[i].addr_text; - - c->data = s; - s->connection = c; - - ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%ui client %V connected to %V", - c->number, &c->addr_text, s->addr_text); - - ctx = ngx_palloc(c->pool, sizeof(ngx_imap_log_ctx_t)); - if (ctx == NULL) { - ngx_imap_close_connection(c); - return; - } - - ctx->client = &c->addr_text; - ctx->session = s; - - c->log->connection = c->number; - c->log->handler = ngx_imap_log_error; - c->log->data = ctx; - c->log->action = "sending client greeting line"; - - c->log_error = NGX_ERROR_INFO; - -#if (NGX_IMAP_SSL) - - sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module); - - if (sslcf->enable) { - ngx_imap_ssl_init_connection(&sslcf->ssl, c); - return; - } - -#endif - - ngx_imap_init_session(c); -} - - -#if (NGX_IMAP_SSL) - -static void -ngx_imap_starttls_handler(ngx_event_t *rev) -{ - ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_ssl_conf_t *sslcf; - - c = rev->data; - s = c->data; - s->starttls = 1; - - c->log->action = "in starttls state"; - - sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module); - - ngx_imap_ssl_init_connection(&sslcf->ssl, c); -} - - -static void -ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c) -{ - ngx_imap_session_t *s; - ngx_imap_core_srv_conf_t *cscf; - - if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { - ngx_imap_close_connection(c); - return; - } - - if (ngx_ssl_handshake(c) == NGX_AGAIN) { - - s = c->data; - - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - - ngx_add_timer(c->read, cscf->timeout); - - c->ssl->handler = ngx_imap_ssl_handshake_handler; - - return; - } - - ngx_imap_ssl_handshake_handler(c); -} - - -static void -ngx_imap_ssl_handshake_handler(ngx_connection_t *c) -{ - ngx_imap_session_t *s; - - if (c->ssl->handshaked) { - - s = c->data; - - if (s->starttls) { - c->read->handler = ngx_imap_init_protocol; - c->write->handler = ngx_imap_send; - - ngx_imap_init_protocol(c->read); - - return; - } - - ngx_imap_init_session(c); - return; - } - - ngx_imap_close_connection(c); -} - -#endif - - -static void -ngx_imap_init_session(ngx_connection_t *c) -{ - u_char *p; - ngx_imap_session_t *s; - ngx_imap_core_srv_conf_t *cscf; - - c->read->handler = ngx_imap_init_protocol; - c->write->handler = ngx_imap_send; - - s = c->data; - - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - - s->protocol = cscf->protocol; - - s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_imap_max_module); - if (s->ctx == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - s->out = greetings[s->protocol]; - - if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED) - && s->protocol == NGX_IMAP_POP3_PROTOCOL) - { - s->salt.data = ngx_palloc(c->pool, - sizeof(" <18446744073709551616.@>" CRLF) - 1 - + NGX_TIME_T_LEN - + cscf->server_name.len); - if (s->salt.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - s->salt.len = ngx_sprintf(s->salt.data, "<%ul.%T@%V>" CRLF, - ngx_random(), ngx_time(), &cscf->server_name) - - s->salt.data; - - s->out.data = ngx_palloc(c->pool, greetings[0].len + 1 + s->salt.len); - if (s->out.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - p = ngx_cpymem(s->out.data, greetings[0].data, greetings[0].len - 2); - *p++ = ' '; - p = ngx_cpymem(p, s->salt.data, s->salt.len); - - s->out.len = p - s->out.data; - } - - ngx_add_timer(c->read, cscf->timeout); - - if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { - ngx_imap_close_connection(c); - } - - ngx_imap_send(c->write); -} - - -void -ngx_imap_send(ngx_event_t *wev) -{ - ngx_int_t n; - ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_core_srv_conf_t *cscf; - - c = wev->data; - s = c->data; - - if (wev->timedout) { - ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); - c->timedout = 1; - ngx_imap_close_connection(c); - return; - } - - if (s->out.len == 0) { - if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { - ngx_imap_close_connection(c); - } - - return; - } - - n = c->send(c, s->out.data, s->out.len); - - if (n > 0) { - s->out.len -= n; - - if (wev->timer_set) { - ngx_del_timer(wev); - } - - if (s->quit) { - ngx_imap_close_connection(c); - return; - } - - if (s->blocked) { - c->read->handler(c->read); - } - - return; - } - - if (n == NGX_ERROR) { - ngx_imap_close_connection(c); - return; - } - - /* n == NGX_AGAIN */ - - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - - ngx_add_timer(c->write, cscf->timeout); - - if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { - ngx_imap_close_connection(c); - return; - } -} - - -static void -ngx_imap_init_protocol(ngx_event_t *rev) -{ - size_t size; - ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_core_srv_conf_t *cscf; - - c = rev->data; - - c->log->action = "in auth state"; - - if (rev->timedout) { - ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); - c->timedout = 1; - ngx_imap_close_connection(c); - return; - } - - s = c->data; - - if (s->protocol == NGX_IMAP_POP3_PROTOCOL) { - size = 128; - s->imap_state = ngx_pop3_start; - c->read->handler = ngx_pop3_auth_state; - - } else { - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - size = cscf->imap_client_buffer_size; - s->imap_state = ngx_imap_start; - c->read->handler = ngx_imap_auth_state; - } - - if (s->buffer == NULL) { - if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t)) - == NGX_ERROR) - { - ngx_imap_session_internal_server_error(s); - return; - } - - s->buffer = ngx_create_temp_buf(c->pool, size); - if (s->buffer == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - } - - c->read->handler(rev); -} - - -void -ngx_imap_auth_state(ngx_event_t *rev) -{ - u_char *text, *last, *p, *dst, *src, *end; - ssize_t text_len, last_len; - ngx_str_t *arg; - ngx_int_t rc; - ngx_uint_t tag, i; - ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_core_srv_conf_t *cscf; -#if (NGX_IMAP_SSL) - ngx_imap_ssl_conf_t *sslcf; -#endif - - c = rev->data; - s = c->data; - - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth state"); - - if (rev->timedout) { - ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); - c->timedout = 1; - ngx_imap_close_connection(c); - return; - } - - if (s->out.len) { - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy"); - s->blocked = 1; - return; - } - - s->blocked = 0; - - rc = ngx_imap_read_command(s); - - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth: %i", rc); - - if (rc == NGX_AGAIN || rc == NGX_ERROR) { - return; - } - - tag = 1; - - text = NULL; - text_len = 0; - - last = imap_ok; - last_len = sizeof(imap_ok) - 1; - - if (rc == NGX_OK) { - - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth command: %i", - s->command); - - if (s->backslash) { - - arg = s->args.elts; - - for (i = 0; i < s->args.nelts; i++) { - dst = arg[i].data; - end = dst + arg[i].len; - - for (src = dst; src < end; dst++) { - *dst = *src; - if (*src++ == '\\') { - *dst = *src++; - } - } - - arg[i].len = dst - arg[i].data; - } - - s->backslash = 0; - } - - switch (s->command) { - - case NGX_IMAP_LOGIN: - -#if (NGX_IMAP_SSL) - - if (c->ssl == NULL) { - sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module); - - if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) { - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - } -#endif - - arg = s->args.elts; - - if (s->args.nelts == 2 && arg[0].len) { - - s->login.len = arg[0].len; - s->login.data = ngx_palloc(c->pool, s->login.len); - if (s->login.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - ngx_memcpy(s->login.data, arg[0].data, s->login.len); - - s->passwd.len = arg[1].len; - s->passwd.data = ngx_palloc(c->pool, s->passwd.len); - if (s->passwd.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len); - -#if (NGX_DEBUG_IMAP_PASSWD) - ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0, - "imap login:\"%V\" passwd:\"%V\"", - &s->login, &s->passwd); -#else - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "imap login:\"%V\"", &s->login); -#endif - - ngx_imap_do_auth(s); - return; - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - - case NGX_IMAP_CAPABILITY: - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - -#if (NGX_IMAP_SSL) - - if (c->ssl == NULL) { - sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module); - - if (sslcf->starttls == NGX_IMAP_STARTTLS_ON) { - text_len = cscf->imap_starttls_capability.len; - text = cscf->imap_starttls_capability.data; - break; - } - - if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) { - text_len = cscf->imap_starttls_only_capability.len; - text = cscf->imap_starttls_only_capability.data; - break; - } - } -#endif - - text_len = cscf->imap_capability.len; - text = cscf->imap_capability.data; - break; - - case NGX_IMAP_LOGOUT: - s->quit = 1; - text = imap_bye; - text_len = sizeof(imap_bye) - 1; - break; - - case NGX_IMAP_NOOP: - break; - -#if (NGX_IMAP_SSL) - - case NGX_IMAP_STARTTLS: - if (c->ssl == NULL) { - sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module); - if (sslcf->starttls) { - c->read->handler = ngx_imap_starttls_handler; - break; - } - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; -#endif - - default: - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - } else if (rc == NGX_IMAP_NEXT) { - last = imap_next; - last_len = sizeof(imap_next) - 1; - tag = 0; - } - - if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) { - last = imap_invalid_command; - last_len = sizeof(imap_invalid_command) - 1; - } - - if (tag) { - if (s->tag.len == 0) { - s->tag.len = sizeof(imap_star) - 1; - s->tag.data = (u_char *) imap_star; - } - - if (s->tagged_line.len < s->tag.len + text_len + last_len) { - s->tagged_line.len = s->tag.len + text_len + last_len; - s->tagged_line.data = ngx_palloc(c->pool, s->tagged_line.len); - if (s->tagged_line.data == NULL) { - ngx_imap_close_connection(c); - return; - } - } - - s->out.data = s->tagged_line.data; - s->out.len = s->tag.len + text_len + last_len; - - p = s->out.data; - - if (text) { - p = ngx_cpymem(p, text, text_len); - } - p = ngx_cpymem(p, s->tag.data, s->tag.len); - ngx_memcpy(p, last, last_len); - - - } else { - s->out.data = last; - s->out.len = last_len; - } - - if (rc != NGX_IMAP_NEXT) { - s->args.nelts = 0; - s->buffer->pos = s->buffer->start; - s->buffer->last = s->buffer->start; - s->tag.len = 0; - } - - ngx_imap_send(c->write); -} - - -void -ngx_pop3_auth_state(ngx_event_t *rev) -{ - u_char *text, *p, *last; - ssize_t size; - ngx_int_t rc; - ngx_str_t *arg, salt; - ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_core_srv_conf_t *cscf; -#if (NGX_IMAP_SSL) - ngx_imap_ssl_conf_t *sslcf; -#endif - - c = rev->data; - s = c->data; - - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "pop3 auth state"); - - if (rev->timedout) { - ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); - c->timedout = 1; - ngx_imap_close_connection(c); - return; - } - - if (s->out.len) { - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy"); - s->blocked = 1; - return; - } - - s->blocked = 0; - - rc = ngx_imap_read_command(s); - - if (rc == NGX_AGAIN || rc == NGX_ERROR) { - return; - } - - text = pop3_ok; - size = sizeof(pop3_ok) - 1; - - if (rc == NGX_OK) { - switch (s->imap_state) { - - case ngx_pop3_start: - - switch (s->command) { - - case NGX_POP3_USER: - if (s->args.nelts == 1) { - s->imap_state = ngx_pop3_user; - - arg = s->args.elts; - s->login.len = arg[0].len; - s->login.data = ngx_palloc(c->pool, s->login.len); - if (s->login.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - ngx_memcpy(s->login.data, arg[0].data, s->login.len); - - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 login: \"%V\"", &s->login); - - break; - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - - case NGX_POP3_CAPA: - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - -#if (NGX_IMAP_SSL) - - if (c->ssl == NULL) { - sslcf = ngx_imap_get_module_srv_conf(s, - ngx_imap_ssl_module); - if (sslcf->starttls) { - size = cscf->pop3_starttls_capability.len; - text = cscf->pop3_starttls_capability.data; - break; - } - } -#endif - - size = cscf->pop3_capability.len; - text = cscf->pop3_capability.data; - break; - - case NGX_POP3_APOP: - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - - if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED) - && s->args.nelts == 2) - { - arg = s->args.elts; - - s->login.len = arg[0].len; - s->login.data = ngx_palloc(c->pool, s->login.len); - if (s->login.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - ngx_memcpy(s->login.data, arg[0].data, s->login.len); - - s->passwd.len = arg[1].len; - s->passwd.data = ngx_palloc(c->pool, s->passwd.len); - if (s->passwd.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len); - - ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 apop: \"%V\" \"%V\"", - &s->login, &s->passwd); - - s->auth_method = NGX_IMAP_AUTH_APOP; - - ngx_imap_do_auth(s); - return; - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - - case NGX_POP3_AUTH: - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - - if (s->args.nelts == 0) { - size = cscf->pop3_auth_capability.len; - text = cscf->pop3_auth_capability.data; - s->state = 0; - break; - } - - arg = s->args.elts; - - if (arg[0].len == 5) { - - if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5) - == 0) - { - - if (s->args.nelts != 1) { - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - s->imap_state = ngx_pop3_auth_login_username; - - size = sizeof(pop3_username) - 1; - text = pop3_username; - - break; - - } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN", - 5) - == 0) - { - - if (s->args.nelts == 1) { - s->imap_state = ngx_pop3_auth_plain; - - size = sizeof(pop3_next) - 1; - text = pop3_next; - - break; - } - - if (s->args.nelts == 2) { - - /* - * workaround for Eudora for Mac: it sends - * AUTH PLAIN [base64 encoded] - */ - - rc = ngx_imap_decode_auth_plain(s, &arg[1]); - - if (rc == NGX_OK) { - ngx_imap_do_auth(s); - return; - } - - if (rc == NGX_ERROR) { - ngx_imap_session_internal_server_error(s); - return; - } - - /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */ - - break; - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - } else if (arg[0].len == 8 - && ngx_strncasecmp(arg[0].data, - (u_char *) "CRAM-MD5", 8) - == 0) - { - s->imap_state = ngx_pop3_auth_cram_md5; - - text = ngx_palloc(c->pool, - sizeof("+ " CRLF) - 1 - + ngx_base64_encoded_length(s->salt.len)); - if (text == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - text[0] = '+'; text[1]= ' '; - salt.data = &text[2]; - s->salt.len -= 2; - - ngx_encode_base64(&salt, &s->salt); - - s->salt.len += 2; - size = 2 + salt.len; - text[size++] = CR; text[size++] = LF; - - break; - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - - case NGX_POP3_QUIT: - s->quit = 1; - break; - - case NGX_POP3_NOOP: - break; - -#if (NGX_IMAP_SSL) - - case NGX_POP3_STLS: - if (c->ssl == NULL) { - sslcf = ngx_imap_get_module_srv_conf(s, - ngx_imap_ssl_module); - if (sslcf->starttls) { - c->read->handler = ngx_imap_starttls_handler; - break; - } - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; -#endif - - default: - s->imap_state = ngx_pop3_start; - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - break; - - case ngx_pop3_user: - - switch (s->command) { - - case NGX_POP3_PASS: - if (s->args.nelts == 1) { - arg = s->args.elts; - s->passwd.len = arg[0].len; - s->passwd.data = ngx_palloc(c->pool, s->passwd.len); - if (s->passwd.data == NULL) { - ngx_imap_session_internal_server_error(s); - return; - } - - ngx_memcpy(s->passwd.data, arg[0].data, s->passwd.len); - -#if (NGX_DEBUG_IMAP_PASSWD) - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 passwd: \"%V\"", &s->passwd); -#endif - - ngx_imap_do_auth(s); - return; - } - - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - - case NGX_POP3_CAPA: - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); - size = cscf->pop3_capability.len; - text = cscf->pop3_capability.data; - break; - - case NGX_POP3_QUIT: - s->quit = 1; - break; - - case NGX_POP3_NOOP: - break; - - default: - s->imap_state = ngx_pop3_start; - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - break; - - /* suppress warinings */ - case ngx_pop3_passwd: - break; - - case ngx_pop3_auth_login_username: - arg = s->args.elts; - s->imap_state = ngx_pop3_auth_login_password; - - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 auth login username: \"%V\"", &arg[0]); - - s->login.data = ngx_palloc(c->pool, - ngx_base64_decoded_length(arg[0].len)); - if (s->login.data == NULL){ - ngx_imap_session_internal_server_error(s); - return; - } - - if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "client sent invalid base64 encoding " - "in AUTH LOGIN command"); - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 auth login username: \"%V\"", &s->login); - - size = sizeof(pop3_password) - 1; - text = pop3_password; - - break; - - case ngx_pop3_auth_login_password: - arg = s->args.elts; - -#if (NGX_DEBUG_IMAP_PASSWD) - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 auth login password: \"%V\"", &arg[0]); -#endif - - s->passwd.data = ngx_palloc(c->pool, - ngx_base64_decoded_length(arg[0].len)); - if (s->passwd.data == NULL){ - ngx_imap_session_internal_server_error(s); - return; - } - - if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "client sent invalid base64 encoding " - "in AUTH LOGIN command"); - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - -#if (NGX_DEBUG_IMAP_PASSWD) - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 auth login password: \"%V\"", &s->passwd); -#endif - - ngx_imap_do_auth(s); - return; - - case ngx_pop3_auth_plain: - arg = s->args.elts; - - rc = ngx_imap_decode_auth_plain(s, &arg[0]); - - if (rc == NGX_OK) { - ngx_imap_do_auth(s); - return; - } - - if (rc == NGX_ERROR) { - ngx_imap_session_internal_server_error(s); - return; - } - - /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */ - - break; - - case ngx_pop3_auth_cram_md5: - arg = s->args.elts; - - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 auth cram-md5: \"%V\"", &arg[0]); - - s->login.data = ngx_palloc(c->pool, - ngx_base64_decoded_length(arg[0].len)); - if (s->login.data == NULL){ - ngx_imap_session_internal_server_error(s); - return; - } - - if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "client sent invalid base64 encoding " - "in AUTH CRAM-MD5 command"); - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - p = s->login.data; - last = p + s->login.len; - - while (p < last) { - if (*p++ == ' ') { - s->login.len = p - s->login.data - 1; - s->passwd.len = last - p; - s->passwd.data = p; - break; - } - } - - if (s->passwd.len != 32) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "client sent invalid CRAM-MD5 hash " - "in AUTH CRAM-MD5 command"); - rc = NGX_IMAP_PARSE_INVALID_COMMAND; - break; - } - - ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0, - "pop3 auth cram-md5: \"%V\" \"%V\"", - &s->login, &s->passwd); - - s->auth_method = NGX_IMAP_AUTH_CRAM_MD5; - - ngx_imap_do_auth(s); - return; - } - } - - if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) { - s->imap_state = ngx_pop3_start; - s->state = 0; - text = pop3_invalid_command; - size = sizeof(pop3_invalid_command) - 1; - } - - s->args.nelts = 0; - s->buffer->pos = s->buffer->start; - s->buffer->last = s->buffer->start; - - if (s->state) { - s->arg_start = s->buffer->start; - } - - s->out.data = text; - s->out.len = size; - - ngx_imap_send(c->write); -} - - -static ngx_int_t -ngx_imap_decode_auth_plain(ngx_imap_session_t *s, ngx_str_t *encoded) -{ - u_char *p, *last; - ngx_str_t plain; - -#if (NGX_DEBUG_IMAP_PASSWD) - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "pop3 auth plain: \"%V\"", encoded); -#endif - - plain.data = ngx_palloc(s->connection->pool, - ngx_base64_decoded_length(encoded->len)); - if (plain.data == NULL){ - return NGX_ERROR; - } - - if (ngx_decode_base64(&plain, encoded) != NGX_OK) { - ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, - "client sent invalid base64 encoding " - "in AUTH PLAIN command"); - return NGX_IMAP_PARSE_INVALID_COMMAND; - } - - p = plain.data; - last = p + plain.len; - - while (p < last && *p++) { /* void */ } - - if (p == last) { - ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, - "client sent invalid login in AUTH PLAIN command"); - return NGX_IMAP_PARSE_INVALID_COMMAND; - } - - s->login.data = p; - - while (p < last && *p) { p++; } - - if (p == last) { - ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, - "client sent invalid password in AUTH PLAIN command"); - return NGX_IMAP_PARSE_INVALID_COMMAND; - } - - s->login.len = p++ - s->login.data; - - s->passwd.len = last - p; - s->passwd.data = p; - -#if (NGX_DEBUG_IMAP_PASSWD) - ngx_log_debug2(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "pop3 auth plain: \"%V\" \"%V\"", - &s->login, &s->passwd); -#endif - - return NGX_OK; -} - - -static void -ngx_imap_do_auth(ngx_imap_session_t *s) -{ - s->args.nelts = 0; - s->buffer->pos = s->buffer->start; - s->buffer->last = s->buffer->start; - s->state = 0; - - if (s->connection->read->timer_set) { - ngx_del_timer(s->connection->read); - } - - s->login_attempt++; - - ngx_imap_auth_http_init(s); -} - - -static ngx_int_t -ngx_imap_read_command(ngx_imap_session_t *s) -{ - ssize_t n; - ngx_int_t rc; - ngx_str_t l; - - n = s->connection->recv(s->connection, s->buffer->last, - s->buffer->end - s->buffer->last); - - if (n == NGX_ERROR || n == 0) { - ngx_imap_close_connection(s->connection); - return NGX_ERROR; - } - - if (n > 0) { - s->buffer->last += n; - } - - if (n == NGX_AGAIN) { - if (ngx_handle_read_event(s->connection->read, 0) == NGX_ERROR) { - ngx_imap_session_internal_server_error(s); - return NGX_ERROR; - } - - return NGX_AGAIN; - } - - if (s->protocol == NGX_IMAP_POP3_PROTOCOL) { - rc = ngx_pop3_parse_command(s); - } else { - rc = ngx_imap_parse_command(s); - } - - if (rc == NGX_AGAIN) { - - if (s->buffer->last < s->buffer->end) { - return rc; - } - - l.len = s->buffer->last - s->buffer->start; - l.data = s->buffer->start; - - ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, - "client sent too long command \"%V\"", &l); - - s->quit = 1; - - return NGX_IMAP_PARSE_INVALID_COMMAND; - } - - if (rc == NGX_IMAP_NEXT || rc == NGX_IMAP_PARSE_INVALID_COMMAND) { - return rc; - } - - if (rc == NGX_ERROR) { - ngx_imap_close_connection(s->connection); - return NGX_ERROR; - } - - return NGX_OK; -} - - -void -ngx_imap_session_internal_server_error(ngx_imap_session_t *s) -{ - s->out = internal_server_errors[s->protocol]; - s->quit = 1; - - ngx_imap_send(s->connection->write); -} - - -void -ngx_imap_close_connection(ngx_connection_t *c) -{ - ngx_pool_t *pool; - - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, - "close imap connection: %d", c->fd); - -#if (NGX_IMAP_SSL) - - if (c->ssl) { - if (ngx_ssl_shutdown(c) == NGX_AGAIN) { - c->ssl->handler = ngx_imap_close_connection; - return; - } - } - -#endif - - c->destroyed = 1; - - pool = c->pool; - - ngx_close_connection(c); - - ngx_destroy_pool(pool); -} - - -static u_char * -ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len) -{ - u_char *p; - ngx_imap_session_t *s; - ngx_imap_log_ctx_t *ctx; - - if (log->action) { - p = ngx_snprintf(buf, len, " while %s", log->action); - len -= p - buf; - buf = p; - } - - ctx = log->data; - - p = ngx_snprintf(buf, len, ", client: %V", ctx->client); - len -= p - buf; - buf = p; - - s = ctx->session; - - if (s == NULL) { - return p; - } - - p = ngx_snprintf(buf, len, ", server: %V", s->addr_text); - len -= p - buf; - buf = p; - - if (s->login.len == 0) { - return p; - } - - p = ngx_snprintf(buf, len, ", login: \"%V\"", &s->login); - len -= p - buf; - buf = p; - - if (s->proxy == NULL) { - return p; - } - - p = ngx_snprintf(buf, len, ", upstream: %V", s->proxy->upstream.name); - - return p; -} diff --git a/src/imap/ngx_imap.c b/src/mail/ngx_mail.c index 77b605620..56e9b04c1 100644 --- a/src/imap/ngx_imap.c +++ b/src/mail/ngx_mail.c @@ -7,22 +7,29 @@ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> -#include <ngx_imap.h> +#include <ngx_mail.h> -static char *ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); -static int ngx_libc_cdecl ngx_imap_cmp_conf_in_addrs(const void *one, +static char *ngx_mail_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); +static int ngx_libc_cdecl ngx_mail_cmp_conf_in_addrs(const void *one, const void *two); -ngx_uint_t ngx_imap_max_module; +ngx_uint_t ngx_mail_max_module; -static ngx_command_t ngx_imap_commands[] = { +static ngx_command_t ngx_mail_commands[] = { + + { ngx_string("mail"), + NGX_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, + ngx_mail_block, + 0, + 0, + NULL }, { ngx_string("imap"), NGX_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, - ngx_imap_block, + ngx_mail_block, 0, 0, NULL }, @@ -31,17 +38,17 @@ static ngx_command_t ngx_imap_commands[] = { }; -static ngx_core_module_t ngx_imap_module_ctx = { - ngx_string("imap"), +static ngx_core_module_t ngx_mail_module_ctx = { + ngx_string("mail"), NULL, NULL }; -ngx_module_t ngx_imap_module = { +ngx_module_t ngx_mail_module = { NGX_MODULE_V1, - &ngx_imap_module_ctx, /* module context */ - ngx_imap_commands, /* module directives */ + &ngx_mail_module_ctx, /* module context */ + ngx_mail_commands, /* module directives */ NGX_CORE_MODULE, /* module type */ NULL, /* init master */ NULL, /* init module */ @@ -55,7 +62,7 @@ ngx_module_t ngx_imap_module = { static char * -ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { char *rv; u_char *text; @@ -64,51 +71,57 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) ngx_conf_t pcf; ngx_array_t in_ports; ngx_listening_t *ls; - ngx_imap_listen_t *imls; - ngx_imap_module_t *module; - ngx_imap_in_port_t *imip; - ngx_imap_conf_ctx_t *ctx; - ngx_imap_conf_in_port_t *in_port; - ngx_imap_conf_in_addr_t *in_addr; - ngx_imap_core_srv_conf_t **cscfp; - ngx_imap_core_main_conf_t *cmcf; - - /* the main imap context */ - - ctx = ngx_pcalloc(cf->pool, sizeof(ngx_imap_conf_ctx_t)); + ngx_mail_listen_t *imls; + ngx_mail_module_t *module; + ngx_mail_in_port_t *imip; + ngx_mail_conf_ctx_t *ctx; + ngx_mail_conf_in_port_t *in_port; + ngx_mail_conf_in_addr_t *in_addr; + ngx_mail_core_srv_conf_t **cscfp; + ngx_mail_core_main_conf_t *cmcf; + + if (cmd->name.data[0] == 'i') { + ngx_conf_log_error(NGX_LOG_WARN, cf, 0, + "the \"imap\" directive is deprecated, " + "use the \"mail\" directive instead"); + } + + /* the main mail context */ + + ctx = ngx_pcalloc(cf->pool, sizeof(ngx_mail_conf_ctx_t)); if (ctx == NULL) { return NGX_CONF_ERROR; } - *(ngx_imap_conf_ctx_t **) conf = ctx; + *(ngx_mail_conf_ctx_t **) conf = ctx; /* count the number of the http modules and set up their indices */ - ngx_imap_max_module = 0; + ngx_mail_max_module = 0; for (m = 0; ngx_modules[m]; m++) { - if (ngx_modules[m]->type != NGX_IMAP_MODULE) { + if (ngx_modules[m]->type != NGX_MAIL_MODULE) { continue; } - ngx_modules[m]->ctx_index = ngx_imap_max_module++; + ngx_modules[m]->ctx_index = ngx_mail_max_module++; } - /* the imap main_conf context, it is the same in the all imap contexts */ + /* the mail main_conf context, it is the same in the all mail contexts */ ctx->main_conf = ngx_pcalloc(cf->pool, - sizeof(void *) * ngx_imap_max_module); + sizeof(void *) * ngx_mail_max_module); if (ctx->main_conf == NULL) { return NGX_CONF_ERROR; } /* - * the imap null srv_conf context, it is used to merge + * the mail null srv_conf context, it is used to merge * the server{}s' srv_conf's */ - ctx->srv_conf = ngx_pcalloc(cf->pool, sizeof(void *) * ngx_imap_max_module); + ctx->srv_conf = ngx_pcalloc(cf->pool, sizeof(void *) * ngx_mail_max_module); if (ctx->srv_conf == NULL) { return NGX_CONF_ERROR; } @@ -116,11 +129,11 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) /* * create the main_conf's, the null srv_conf's, and the null loc_conf's - * of the all imap modules + * of the all mail modules */ for (m = 0; ngx_modules[m]; m++) { - if (ngx_modules[m]->type != NGX_IMAP_MODULE) { + if (ngx_modules[m]->type != NGX_MAIL_MODULE) { continue; } @@ -143,13 +156,13 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } - /* parse inside the imap{} block */ + /* parse inside the mail{} block */ pcf = *cf; cf->ctx = ctx; - cf->module_type = NGX_IMAP_MODULE; - cf->cmd_type = NGX_IMAP_MAIN_CONF; + cf->module_type = NGX_MAIL_MODULE; + cf->cmd_type = NGX_MAIL_MAIN_CONF; rv = ngx_conf_parse(cf, NULL); if (rv != NGX_CONF_OK) { @@ -158,20 +171,20 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } - /* init imap{} main_conf's, merge the server{}s' srv_conf's */ + /* init mail{} main_conf's, merge the server{}s' srv_conf's */ - cmcf = ctx->main_conf[ngx_imap_core_module.ctx_index]; + cmcf = ctx->main_conf[ngx_mail_core_module.ctx_index]; cscfp = cmcf->servers.elts; for (m = 0; ngx_modules[m]; m++) { - if (ngx_modules[m]->type != NGX_IMAP_MODULE) { + if (ngx_modules[m]->type != NGX_MAIL_MODULE) { continue; } module = ngx_modules[m]->ctx; mi = ngx_modules[m]->ctx_index; - /* init imap{} main_conf's */ + /* init mail{} main_conf's */ if (module->init_main_conf) { rv = module->init_main_conf(cf, ctx->main_conf[mi]); @@ -197,13 +210,13 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } } - /* imap{}'s cf->ctx was needed while the configuration merging */ + /* mail{}'s cf->ctx was needed while the configuration merging */ *cf = pcf; if (ngx_array_init(&in_ports, cf->temp_pool, 4, - sizeof(ngx_imap_conf_in_port_t)) + sizeof(ngx_mail_conf_in_port_t)) != NGX_OK) { return NGX_CONF_ERROR; @@ -231,7 +244,7 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) in_port->port = imls[l].port; if (ngx_array_init(&in_port->addrs, cf->temp_pool, 2, - sizeof(ngx_imap_conf_in_addr_t)) + sizeof(ngx_mail_conf_in_addr_t)) != NGX_OK) { return NGX_CONF_ERROR; @@ -257,7 +270,7 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) for (p = 0; p < in_ports.nelts; p++) { ngx_qsort(in_port[p].addrs.elts, (size_t) in_port[p].addrs.nelts, - sizeof(ngx_imap_conf_in_addr_t), ngx_imap_cmp_conf_in_addrs); + sizeof(ngx_mail_conf_in_addr_t), ngx_mail_cmp_conf_in_addrs); in_addr = in_port[p].addrs.elts; last = in_port[p].addrs.nelts; @@ -293,7 +306,7 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) ls->sndbuf = -1; ls->addr_ntop = 1; - ls->handler = ngx_imap_init_connection; + ls->handler = ngx_mail_init_connection; ls->pool_size = 256; /* STUB */ @@ -302,7 +315,7 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) ls->log.handler = ngx_accept_log_error; /**/ - imip = ngx_palloc(cf->pool, sizeof(ngx_imap_in_port_t)); + imip = ngx_palloc(cf->pool, sizeof(ngx_mail_in_port_t)); if (imip == NULL) { return NGX_CONF_ERROR; } @@ -334,7 +347,7 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) #endif imip->addrs = ngx_pcalloc(cf->pool, - imip->naddrs * sizeof(ngx_imap_in_addr_t)); + imip->naddrs * sizeof(ngx_mail_in_addr_t)); if (imip->addrs == NULL) { return NGX_CONF_ERROR; } @@ -375,12 +388,12 @@ ngx_imap_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) static int ngx_libc_cdecl -ngx_imap_cmp_conf_in_addrs(const void *one, const void *two) +ngx_mail_cmp_conf_in_addrs(const void *one, const void *two) { - ngx_imap_conf_in_addr_t *first, *second; + ngx_mail_conf_in_addr_t *first, *second; - first = (ngx_imap_conf_in_addr_t *) one; - second = (ngx_imap_conf_in_addr_t *) two; + first = (ngx_mail_conf_in_addr_t *) one; + second = (ngx_mail_conf_in_addr_t *) two; if (first->addr == INADDR_ANY) { /* the INADDR_ANY must be the last resort, shift it to the end */ diff --git a/src/imap/ngx_imap.h b/src/mail/ngx_mail.h index 00ebd3416..478662a04 100644 --- a/src/imap/ngx_imap.h +++ b/src/mail/ngx_mail.h @@ -4,8 +4,8 @@ */ -#ifndef _NGX_IMAP_H_INCLUDED_ -#define _NGX_IMAP_H_INCLUDED_ +#ifndef _NGX_MAIL_H_INCLUDED_ +#define _NGX_MAIL_H_INCLUDED_ #include <ngx_config.h> @@ -13,8 +13,8 @@ #include <ngx_event.h> #include <ngx_event_connect.h> -#if (NGX_IMAP_SSL) -#include <ngx_imap_ssl_module.h> +#if (NGX_MAIL_SSL) +#include <ngx_mail_ssl_module.h> #endif @@ -22,7 +22,7 @@ typedef struct { void **main_conf; void **srv_conf; -} ngx_imap_conf_ctx_t; +} ngx_mail_conf_ctx_t; typedef struct { @@ -31,46 +31,47 @@ typedef struct { int family; /* server ctx */ - ngx_imap_conf_ctx_t *ctx; + ngx_mail_conf_ctx_t *ctx; unsigned bind:1; -} ngx_imap_listen_t; +} ngx_mail_listen_t; typedef struct { in_addr_t addr; - ngx_imap_conf_ctx_t *ctx; + ngx_mail_conf_ctx_t *ctx; ngx_str_t addr_text; -} ngx_imap_in_addr_t; +} ngx_mail_in_addr_t; typedef struct { - ngx_imap_in_addr_t *addrs; /* array of ngx_imap_in_addr_t */ + ngx_mail_in_addr_t *addrs; /* array of ngx_mail_in_addr_t */ ngx_uint_t naddrs; -} ngx_imap_in_port_t; +} ngx_mail_in_port_t; typedef struct { in_port_t port; - ngx_array_t addrs; /* array of ngx_imap_conf_in_addr_t */ -} ngx_imap_conf_in_port_t; + ngx_array_t addrs; /* array of ngx_mail_conf_in_addr_t */ +} ngx_mail_conf_in_port_t; typedef struct { in_addr_t addr; - ngx_imap_conf_ctx_t *ctx; + ngx_mail_conf_ctx_t *ctx; unsigned bind:1; -} ngx_imap_conf_in_addr_t; +} ngx_mail_conf_in_addr_t; typedef struct { - ngx_array_t servers; /* ngx_imap_core_srv_conf_t */ - ngx_array_t listen; /* ngx_imap_listen_t */ -} ngx_imap_core_main_conf_t; + ngx_array_t servers; /* ngx_mail_core_srv_conf_t */ + ngx_array_t listen; /* ngx_mail_listen_t */ +} ngx_mail_core_main_conf_t; -#define NGX_IMAP_POP3_PROTOCOL 0 -#define NGX_IMAP_IMAP_PROTOCOL 1 +#define NGX_MAIL_POP3_PROTOCOL 0 +#define NGX_MAIL_IMAP_PROTOCOL 1 +#define NGX_MAIL_SMTP_PROTOCOL 2 typedef struct { ngx_msec_t timeout; @@ -83,22 +84,29 @@ typedef struct { ngx_str_t pop3_capability; ngx_str_t pop3_starttls_capability; + ngx_str_t pop3_starttls_only_capability; ngx_str_t pop3_auth_capability; ngx_str_t imap_capability; ngx_str_t imap_starttls_capability; ngx_str_t imap_starttls_only_capability; + ngx_str_t smtp_capability; + ngx_str_t server_name; + ngx_str_t smtp_server_name; + ngx_str_t smtp_greeting; - ngx_uint_t auth_methods; + ngx_uint_t pop3_auth_methods; + ngx_uint_t smtp_auth_methods; ngx_array_t pop3_capabilities; ngx_array_t imap_capabilities; + ngx_array_t smtp_capabilities; /* server ctx */ - ngx_imap_conf_ctx_t *ctx; -} ngx_imap_core_srv_conf_t; + ngx_mail_conf_ctx_t *ctx; +} ngx_mail_core_srv_conf_t; typedef struct { @@ -108,15 +116,7 @@ typedef struct { void *(*create_srv_conf)(ngx_conf_t *cf); char *(*merge_srv_conf)(ngx_conf_t *cf, void *prev, void *conf); -} ngx_imap_module_t; - - -typedef enum { - ngx_imap_start = 0, - ngx_imap_login, - ngx_imap_user, - ngx_imap_passwd -} ngx_imap_state_e; +} ngx_mail_module_t; typedef enum { @@ -130,14 +130,34 @@ typedef enum { } ngx_po3_state_e; +typedef enum { + ngx_imap_start = 0, + ngx_imap_login, + ngx_imap_user, + ngx_imap_passwd +} ngx_imap_state_e; + + +typedef enum { + ngx_smtp_start = 0, + ngx_smtp_auth_login_username, + ngx_smtp_auth_login_password, + ngx_smtp_auth_plain, + ngx_smtp_auth_cram_md5, + ngx_smtp_helo, + ngx_smtp_noxclient, + ngx_smtp_xclient +} ngx_smtp_state_e; + + typedef struct { ngx_peer_connection_t upstream; ngx_buf_t *buffer; -} ngx_imap_proxy_ctx_t; +} ngx_mail_proxy_ctx_t; typedef struct { - uint32_t signature; /* "IMAP" */ + uint32_t signature; /* "MAIL" */ ngx_connection_t *connection; @@ -148,17 +168,18 @@ typedef struct { void **main_conf; void **srv_conf; - ngx_imap_proxy_ctx_t *proxy; + ngx_mail_proxy_ctx_t *proxy; - ngx_uint_t imap_state; + ngx_uint_t mail_state; unsigned blocked:1; unsigned quit:1; - unsigned protocol:1; + unsigned protocol:2; unsigned quoted:1; unsigned backslash:1; unsigned no_sync_literal:1; unsigned starttls:1; + unsigned esmtp:1; unsigned auth_method:2; unsigned auth_wait:1; @@ -170,26 +191,27 @@ typedef struct { ngx_str_t tagged_line; ngx_str_t *addr_text; + ngx_str_t smtp_helo; ngx_uint_t command; ngx_array_t args; ngx_uint_t login_attempt; - /* used to parse IMAP/POP3 command */ + /* used to parse IMAP/POP3/SMTP command */ ngx_uint_t state; u_char *cmd_start; u_char *arg_start; u_char *arg_end; ngx_uint_t literal_len; -} ngx_imap_session_t; +} ngx_mail_session_t; typedef struct { ngx_str_t *client; - ngx_imap_session_t *session; -} ngx_imap_log_ctx_t; + ngx_mail_session_t *session; +} ngx_mail_log_ctx_t; #define NGX_POP3_USER 1 @@ -218,61 +240,74 @@ typedef struct { #define NGX_IMAP_NEXT 6 -#define NGX_IMAP_AUTH_PLAIN 0 -#define NGX_IMAP_AUTH_APOP 1 -#define NGX_IMAP_AUTH_CRAM_MD5 2 +#define NGX_SMTP_HELO 1 +#define NGX_SMTP_EHLO 2 +#define NGX_SMTP_AUTH 3 +#define NGX_SMTP_QUIT 4 +#define NGX_SMTP_NOOP 5 +#define NGX_SMTP_MAIL 6 +#define NGX_SMTP_RSET 7 + +#define NGX_MAIL_AUTH_PLAIN 0 +#define NGX_MAIL_AUTH_LOGIN 1 +#define NGX_MAIL_AUTH_APOP 2 +#define NGX_MAIL_AUTH_CRAM_MD5 3 -#define NGX_IMAP_AUTH_PLAIN_ENABLED 0x0002 -#define NGX_IMAP_AUTH_APOP_ENABLED 0x0004 -#define NGX_IMAP_AUTH_CRAM_MD5_ENABLED 0x0008 +#define NGX_MAIL_AUTH_PLAIN_ENABLED 0x0002 +#define NGX_MAIL_AUTH_LOGIN_ENABLED 0x0004 +#define NGX_MAIL_AUTH_APOP_ENABLED 0x0008 +#define NGX_MAIL_AUTH_CRAM_MD5_ENABLED 0x0010 -#define NGX_IMAP_PARSE_INVALID_COMMAND 20 +#define NGX_MAIL_PARSE_INVALID_COMMAND 20 -#define NGX_IMAP_MODULE 0x50414D49 /* "IMAP" */ -#define NGX_IMAP_MAIN_CONF 0x02000000 -#define NGX_IMAP_SRV_CONF 0x04000000 +#define NGX_MAIL_MODULE 0x4C49414D /* "MAIL" */ +#define NGX_MAIL_MAIN_CONF 0x02000000 +#define NGX_MAIL_SRV_CONF 0x04000000 -#define NGX_IMAP_MAIN_CONF_OFFSET offsetof(ngx_imap_conf_ctx_t, main_conf) -#define NGX_IMAP_SRV_CONF_OFFSET offsetof(ngx_imap_conf_ctx_t, srv_conf) +#define NGX_MAIL_MAIN_CONF_OFFSET offsetof(ngx_mail_conf_ctx_t, main_conf) +#define NGX_MAIL_SRV_CONF_OFFSET offsetof(ngx_mail_conf_ctx_t, srv_conf) -#define ngx_imap_get_module_ctx(s, module) (s)->ctx[module.ctx_index] -#define ngx_imap_set_ctx(s, c, module) s->ctx[module.ctx_index] = c; -#define ngx_imap_delete_ctx(s, module) s->ctx[module.ctx_index] = NULL; +#define ngx_mail_get_module_ctx(s, module) (s)->ctx[module.ctx_index] +#define ngx_mail_set_ctx(s, c, module) s->ctx[module.ctx_index] = c; +#define ngx_mail_delete_ctx(s, module) s->ctx[module.ctx_index] = NULL; -#define ngx_imap_get_module_main_conf(s, module) \ + +#define ngx_mail_get_module_main_conf(s, module) \ (s)->main_conf[module.ctx_index] -#define ngx_imap_get_module_srv_conf(s, module) (s)->srv_conf[module.ctx_index] +#define ngx_mail_get_module_srv_conf(s, module) (s)->srv_conf[module.ctx_index] -#define ngx_imap_conf_get_module_main_conf(cf, module) \ - ((ngx_imap_conf_ctx_t *) cf->ctx)->main_conf[module.ctx_index] +#define ngx_mail_conf_get_module_main_conf(cf, module) \ + ((ngx_mail_conf_ctx_t *) cf->ctx)->main_conf[module.ctx_index] -void ngx_imap_init_connection(ngx_connection_t *c); -void ngx_imap_send(ngx_event_t *wev); -void ngx_imap_auth_state(ngx_event_t *rev); +void ngx_mail_init_connection(ngx_connection_t *c); +void ngx_mail_send(ngx_event_t *wev); void ngx_pop3_auth_state(ngx_event_t *rev); -void ngx_imap_close_connection(ngx_connection_t *c); -void ngx_imap_session_internal_server_error(ngx_imap_session_t *s); +void ngx_imap_auth_state(ngx_event_t *rev); +void ngx_smtp_auth_state(ngx_event_t *rev); +void ngx_mail_close_connection(ngx_connection_t *c); +void ngx_mail_session_internal_server_error(ngx_mail_session_t *s); -ngx_int_t ngx_imap_parse_command(ngx_imap_session_t *s); -ngx_int_t ngx_pop3_parse_command(ngx_imap_session_t *s); +ngx_int_t ngx_pop3_parse_command(ngx_mail_session_t *s); +ngx_int_t ngx_imap_parse_command(ngx_mail_session_t *s); +ngx_int_t ngx_smtp_parse_command(ngx_mail_session_t *s); /* STUB */ -void ngx_imap_proxy_init(ngx_imap_session_t *s, ngx_peer_addr_t *peer); -void ngx_imap_auth_http_init(ngx_imap_session_t *s); +void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_peer_addr_t *peer); +void ngx_mail_auth_http_init(ngx_mail_session_t *s); /**/ -extern ngx_uint_t ngx_imap_max_module; -extern ngx_module_t ngx_imap_core_module; +extern ngx_uint_t ngx_mail_max_module; +extern ngx_module_t ngx_mail_core_module; -#endif /* _NGX_IMAP_H_INCLUDED_ */ +#endif /* _NGX_MAIL_H_INCLUDED_ */ diff --git a/src/imap/ngx_imap_auth_http_module.c b/src/mail/ngx_mail_auth_http_module.c index f3e11e86b..febeb55ff 100644 --- a/src/imap/ngx_imap_auth_http_module.c +++ b/src/mail/ngx_mail_auth_http_module.c @@ -8,7 +8,7 @@ #include <ngx_core.h> #include <ngx_event.h> #include <ngx_event_connect.h> -#include <ngx_imap.h> +#include <ngx_mail.h> typedef struct { @@ -21,20 +21,20 @@ typedef struct { ngx_str_t header; ngx_array_t *headers; -} ngx_imap_auth_http_conf_t; +} ngx_mail_auth_http_conf_t; -typedef struct ngx_imap_auth_http_ctx_s ngx_imap_auth_http_ctx_t; +typedef struct ngx_mail_auth_http_ctx_s ngx_mail_auth_http_ctx_t; -typedef void (*ngx_imap_auth_http_handler_pt)(ngx_imap_session_t *s, - ngx_imap_auth_http_ctx_t *ctx); +typedef void (*ngx_mail_auth_http_handler_pt)(ngx_mail_session_t *s, + ngx_mail_auth_http_ctx_t *ctx); -struct ngx_imap_auth_http_ctx_s { +struct ngx_mail_auth_http_ctx_s { ngx_buf_t *request; ngx_buf_t *response; ngx_peer_connection_t peer; - ngx_imap_auth_http_handler_pt handler; + ngx_mail_auth_http_handler_pt handler; ngx_uint_t state; ngx_uint_t hash; /* no needed ? */ @@ -48,6 +48,7 @@ struct ngx_imap_auth_http_ctx_s { ngx_str_t port; ngx_str_t err; ngx_str_t errmsg; + ngx_str_t errcode; time_t sleep; @@ -55,50 +56,50 @@ struct ngx_imap_auth_http_ctx_s { }; -static void ngx_imap_auth_http_write_handler(ngx_event_t *wev); -static void ngx_imap_auth_http_read_handler(ngx_event_t *rev); -static void ngx_imap_auth_http_ignore_status_line(ngx_imap_session_t *s, - ngx_imap_auth_http_ctx_t *ctx); -static void ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, - ngx_imap_auth_http_ctx_t *ctx); -static void ngx_imap_auth_sleep_handler(ngx_event_t *rev); -static ngx_int_t ngx_imap_auth_http_parse_header_line(ngx_imap_session_t *s, - ngx_imap_auth_http_ctx_t *ctx); -static void ngx_imap_auth_http_block_read(ngx_event_t *rev); -static void ngx_imap_auth_http_dummy_handler(ngx_event_t *ev); -static ngx_buf_t *ngx_imap_auth_http_create_request(ngx_imap_session_t *s, - ngx_pool_t *pool, ngx_imap_auth_http_conf_t *ahcf); -static ngx_int_t ngx_imap_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, +static void ngx_mail_auth_http_write_handler(ngx_event_t *wev); +static void ngx_mail_auth_http_read_handler(ngx_event_t *rev); +static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, + ngx_mail_auth_http_ctx_t *ctx); +static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, + ngx_mail_auth_http_ctx_t *ctx); +static void ngx_mail_auth_sleep_handler(ngx_event_t *rev); +static ngx_int_t ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, + ngx_mail_auth_http_ctx_t *ctx); +static void ngx_mail_auth_http_block_read(ngx_event_t *rev); +static void ngx_mail_auth_http_dummy_handler(ngx_event_t *ev); +static ngx_buf_t *ngx_mail_auth_http_create_request(ngx_mail_session_t *s, + ngx_pool_t *pool, ngx_mail_auth_http_conf_t *ahcf); +static ngx_int_t ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped); -static void *ngx_imap_auth_http_create_conf(ngx_conf_t *cf); -static char *ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, +static void *ngx_mail_auth_http_create_conf(ngx_conf_t *cf); +static char *ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child); -static char *ngx_imap_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); -static char *ngx_imap_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, +static char *ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); +static char *ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); -static ngx_command_t ngx_imap_auth_http_commands[] = { +static ngx_command_t ngx_mail_auth_http_commands[] = { { ngx_string("auth_http"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, - ngx_imap_auth_http, - NGX_IMAP_SRV_CONF_OFFSET, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, + ngx_mail_auth_http, + NGX_MAIL_SRV_CONF_OFFSET, 0, NULL }, { ngx_string("auth_http_timeout"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_msec_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_auth_http_conf_t, timeout), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_auth_http_conf_t, timeout), NULL }, { ngx_string("auth_http_header"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE2, - ngx_imap_auth_http_header, - NGX_IMAP_SRV_CONF_OFFSET, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE2, + ngx_mail_auth_http_header, + NGX_MAIL_SRV_CONF_OFFSET, 0, NULL }, @@ -106,20 +107,20 @@ static ngx_command_t ngx_imap_auth_http_commands[] = { }; -static ngx_imap_module_t ngx_imap_auth_http_module_ctx = { +static ngx_mail_module_t ngx_mail_auth_http_module_ctx = { NULL, /* create main configuration */ NULL, /* init main configuration */ - ngx_imap_auth_http_create_conf, /* create server configuration */ - ngx_imap_auth_http_merge_conf /* merge server configuration */ + ngx_mail_auth_http_create_conf, /* create server configuration */ + ngx_mail_auth_http_merge_conf /* merge server configuration */ }; -ngx_module_t ngx_imap_auth_http_module = { +ngx_module_t ngx_mail_auth_http_module = { NGX_MODULE_V1, - &ngx_imap_auth_http_module_ctx, /* module context */ - ngx_imap_auth_http_commands, /* module directives */ - NGX_IMAP_MODULE, /* module type */ + &ngx_mail_auth_http_module_ctx, /* module context */ + ngx_mail_auth_http_commands, /* module directives */ + NGX_MAIL_MODULE, /* module type */ NULL, /* init master */ NULL, /* init module */ NULL, /* init process */ @@ -131,49 +132,51 @@ ngx_module_t ngx_imap_auth_http_module = { }; -static char *ngx_imap_auth_http_protocol[] = { "pop3", "imap" }; -static ngx_str_t ngx_imap_auth_http_method[] = { +static char *ngx_mail_auth_http_protocol[] = { "pop3", "imap", "smtp" }; +static ngx_str_t ngx_mail_auth_http_method[] = { + ngx_string("plain"), ngx_string("plain"), ngx_string("apop"), ngx_string("cram-md5") }; +static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); void -ngx_imap_auth_http_init(ngx_imap_session_t *s) +ngx_mail_auth_http_init(ngx_mail_session_t *s) { ngx_int_t rc; ngx_pool_t *pool; - ngx_imap_auth_http_ctx_t *ctx; - ngx_imap_auth_http_conf_t *ahcf; + ngx_mail_auth_http_ctx_t *ctx; + ngx_mail_auth_http_conf_t *ahcf; s->connection->log->action = "in http auth state"; pool = ngx_create_pool(2048, s->connection->log); if (pool == NULL) { - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } - ctx = ngx_pcalloc(pool, sizeof(ngx_imap_auth_http_ctx_t)); + ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t)); if (ctx == NULL) { ngx_destroy_pool(pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } ctx->pool = pool; - ahcf = ngx_imap_get_module_srv_conf(s, ngx_imap_auth_http_module); + ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); - ctx->request = ngx_imap_auth_http_create_request(s, pool, ahcf); + ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf); if (ctx->request == NULL) { ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } - ngx_imap_set_ctx(s, ctx, ngx_imap_auth_http_module); + ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module); ctx->peer.sockaddr = ahcf->peer->sockaddr; ctx->peer.socklen = ahcf->peer->socklen; @@ -190,52 +193,52 @@ ngx_imap_auth_http_init(ngx_imap_session_t *s) } ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } ctx->peer.connection->data = s; ctx->peer.connection->pool = s->connection->pool; - s->connection->read->handler = ngx_imap_auth_http_block_read; - ctx->peer.connection->read->handler = ngx_imap_auth_http_read_handler; - ctx->peer.connection->write->handler = ngx_imap_auth_http_write_handler; + s->connection->read->handler = ngx_mail_auth_http_block_read; + ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler; + ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler; - ctx->handler = ngx_imap_auth_http_ignore_status_line; + ctx->handler = ngx_mail_auth_http_ignore_status_line; ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); if (rc == NGX_OK) { - ngx_imap_auth_http_write_handler(ctx->peer.connection->write); + ngx_mail_auth_http_write_handler(ctx->peer.connection->write); return; } } static void -ngx_imap_auth_http_write_handler(ngx_event_t *wev) +ngx_mail_auth_http_write_handler(ngx_event_t *wev) { ssize_t n, size; ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_auth_http_ctx_t *ctx; - ngx_imap_auth_http_conf_t *ahcf; + ngx_mail_session_t *s; + ngx_mail_auth_http_ctx_t *ctx; + ngx_mail_auth_http_conf_t *ahcf; c = wev->data; s = c->data; - ctx = ngx_imap_get_module_ctx(s, ngx_imap_auth_http_module); + ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, wev->log, 0, - "imap auth http write handler"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, + "mail auth http write handler"); if (wev->timedout) { ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, "auth http server %V timed out", ctx->peer.name); ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -246,7 +249,7 @@ ngx_imap_auth_http_write_handler(ngx_event_t *wev) if (n == NGX_ERROR) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -254,7 +257,7 @@ ngx_imap_auth_http_write_handler(ngx_event_t *wev) ctx->request->pos += n; if (n == size) { - wev->handler = ngx_imap_auth_http_dummy_handler; + wev->handler = ngx_mail_auth_http_dummy_handler; if (wev->timer_set) { ngx_del_timer(wev); @@ -263,7 +266,7 @@ ngx_imap_auth_http_write_handler(ngx_event_t *wev) if (ngx_handle_write_event(wev, 0) == NGX_ERROR) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); } return; @@ -271,34 +274,34 @@ ngx_imap_auth_http_write_handler(ngx_event_t *wev) } if (!wev->timer_set) { - ahcf = ngx_imap_get_module_srv_conf(s, ngx_imap_auth_http_module); + ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); ngx_add_timer(wev, ahcf->timeout); } } static void -ngx_imap_auth_http_read_handler(ngx_event_t *rev) +ngx_mail_auth_http_read_handler(ngx_event_t *rev) { ssize_t n, size; ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_auth_http_ctx_t *ctx; + ngx_mail_session_t *s; + ngx_mail_auth_http_ctx_t *ctx; c = rev->data; s = c->data; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, - "imap auth http read handler"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail auth http read handler"); - ctx = ngx_imap_get_module_ctx(s, ngx_imap_auth_http_module); + ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); if (rev->timedout) { ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT, "auth http server %V timed out", ctx->peer.name); ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -307,7 +310,7 @@ ngx_imap_auth_http_read_handler(ngx_event_t *rev) if (ctx->response == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } } @@ -329,13 +332,13 @@ ngx_imap_auth_http_read_handler(ngx_event_t *rev) ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); } static void -ngx_imap_auth_http_ignore_status_line(ngx_imap_session_t *s, - ngx_imap_auth_http_ctx_t *ctx) +ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, + ngx_mail_auth_http_ctx_t *ctx) { u_char *p, ch; enum { @@ -348,8 +351,8 @@ ngx_imap_auth_http_ignore_status_line(ngx_imap_session_t *s, sw_almost_done } state; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "imap auth http process status line"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "mail auth http process status line"); state = ctx->state; @@ -417,7 +420,7 @@ ngx_imap_auth_http_ignore_status_line(ngx_imap_session_t *s, ctx->peer.name); ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } } @@ -435,14 +438,14 @@ done: ctx->response->pos = p + 1; ctx->state = 0; - ctx->handler = ngx_imap_auth_http_process_headers; + ctx->handler = ngx_mail_auth_http_process_headers; ctx->handler(s, ctx); } static void -ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, - ngx_imap_auth_http_ctx_t *ctx) +ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, + ngx_mail_auth_http_ctx_t *ctx) { u_char *p; time_t timer; @@ -451,11 +454,11 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, ngx_peer_addr_t *peer; struct sockaddr_in *sin; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "imap auth http process headers"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "mail auth http process headers"); for ( ;; ) { - rc = ngx_imap_auth_http_parse_header_line(s, ctx); + rc = ngx_mail_auth_http_parse_header_line(s, ctx); if (rc == NGX_OK) { @@ -468,8 +471,8 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, value.len = ctx->header_end - ctx->header_start; value.data = ctx->header_start; - ngx_log_debug2(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "auth http header: \"%V: %V\"", + ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "mail auth http header: \"%V: %V\"", &key, &value); } #endif @@ -504,33 +507,46 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, ctx->errmsg.len = len; ctx->errmsg.data = ctx->header_start; - if (s->protocol == NGX_IMAP_POP3_PROTOCOL) { + switch (s->protocol) { + + case NGX_MAIL_POP3_PROTOCOL: size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1; + break; - } else { + case NGX_MAIL_IMAP_PROTOCOL: size = s->tag.len + sizeof("NO ") - 1 + len + sizeof(CRLF) - 1; + break; + + default: /* NGX_MAIL_SMTP_PROTOCOL */ + ctx->err = ctx->errmsg; + continue; } p = ngx_pcalloc(s->connection->pool, size); if (p == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } ctx->err.data = p; - if (s->protocol == NGX_IMAP_POP3_PROTOCOL) { - *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; + switch (s->protocol) { + + case NGX_MAIL_POP3_PROTOCOL: + *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; + break; - } else { + case NGX_MAIL_IMAP_PROTOCOL: p = ngx_cpymem(p, s->tag.data, s->tag.len); - *p++ = 'N'; *p++ = 'O'; - } + *p++ = 'N'; *p++ = 'O'; *p++ = ' '; + break; - *p++ = ' '; + default: /* NGX_MAIL_SMTP_PROTOCOL */ + break; + } p = ngx_cpymem(p, ctx->header_start, len); *p++ = CR; *p++ = LF; @@ -576,7 +592,7 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, if (s->login.data == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -597,7 +613,7 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, if (s->passwd.data == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -622,21 +638,70 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, continue; } + if (len == sizeof("Auth-Error-Code") - 1 + && ngx_strncasecmp(ctx->header_name_start, + (u_char *) "Auth-Error-Code", + sizeof("Auth-Error-Code") - 1) + == 0) + { + ctx->errcode.len = ctx->header_end - ctx->header_start; + + ctx->errcode.data = ngx_palloc(s->connection->pool, + ctx->errcode.len); + if (ctx->errcode.data == NULL) { + ngx_close_connection(ctx->peer.connection); + ngx_destroy_pool(ctx->pool); + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(ctx->errcode.data, ctx->header_start, + ctx->errcode.len); + + continue; + } + /* ignore other headers */ continue; } if (rc == NGX_DONE) { - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "auth http header done"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "mail auth http header done"); ngx_close_connection(ctx->peer.connection); if (ctx->err.len) { + ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, "client login failed: \"%V\"", &ctx->errmsg); + if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { + + if (ctx->errcode.len == 0) { + ctx->errcode = ngx_mail_smtp_errcode; + } + + ctx->err.len = ctx->errcode.len + ctx->errmsg.len + + sizeof(" " CRLF) - 1; + + p = ngx_palloc(s->connection->pool, ctx->err.len); + if (p == NULL) { + ngx_close_connection(ctx->peer.connection); + ngx_destroy_pool(ctx->pool); + ngx_mail_session_internal_server_error(s); + return; + } + + ctx->err.data = p; + + p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len); + *p++ = ' '; + p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len); + *p++ = CR; *p = LF; + } + s->out = ctx->err; timer = ctx->sleep; @@ -644,13 +709,13 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, if (timer == 0) { s->quit = 1; - ngx_imap_send(s->connection->write); + ngx_mail_send(s->connection->write); return; } ngx_add_timer(s->connection->read, timer * 1000); - s->connection->read->handler = ngx_imap_auth_sleep_handler; + s->connection->read->handler = ngx_mail_auth_sleep_handler; return; } @@ -661,13 +726,13 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, ngx_destroy_pool(ctx->pool); if (timer == 0) { - ngx_imap_auth_http_init(s); + ngx_mail_auth_http_init(s); return; } ngx_add_timer(s->connection->read, timer * 1000); - s->connection->read->handler = ngx_imap_auth_sleep_handler; + s->connection->read->handler = ngx_mail_auth_sleep_handler; return; } @@ -677,30 +742,31 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, "auth http server %V did not send server or port", ctx->peer.name); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } - if (s->passwd.data == NULL) { + if (s->passwd.data == NULL && s->protocol != NGX_MAIL_SMTP_PROTOCOL) + { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "auth http server %V did not send password", ctx->peer.name); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_peer_addr_t)); if (peer == NULL) { ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } sin = ngx_pcalloc(s->connection->pool, sizeof(struct sockaddr_in)); if (sin == NULL) { ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -713,7 +779,7 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, "port:\"%V\"", ctx->peer.name, &ctx->port); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -727,7 +793,7 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, "address:\"%V\"", ctx->peer.name, &ctx->addr); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -741,7 +807,7 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, peer->name.data = ngx_palloc(s->connection->pool, len); if (peer->name.data == NULL) { ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -754,7 +820,7 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len); ngx_destroy_pool(ctx->pool); - ngx_imap_proxy_init(s, peer); + ngx_mail_proxy_init(s, peer); return; } @@ -770,7 +836,7 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, ctx->peer.name); ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -778,13 +844,13 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, static void -ngx_imap_auth_sleep_handler(ngx_event_t *rev) +ngx_mail_auth_sleep_handler(ngx_event_t *rev) { ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_core_srv_conf_t *cscf; + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, "imap auth sleep handler"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail auth sleep handler"); c = rev->data; s = c->data; @@ -795,30 +861,39 @@ ngx_imap_auth_sleep_handler(ngx_event_t *rev) if (s->auth_wait) { s->auth_wait = 0; - ngx_imap_auth_http_init(s); + ngx_mail_auth_http_init(s); return; } - if (s->protocol == NGX_IMAP_POP3_PROTOCOL) { - s->imap_state = ngx_pop3_start; + switch (s->protocol) { + + case NGX_MAIL_POP3_PROTOCOL: + s->mail_state = ngx_pop3_start; s->connection->read->handler = ngx_pop3_auth_state; + break; - } else { - s->imap_state = ngx_imap_start; + case NGX_MAIL_IMAP_PROTOCOL: + s->mail_state = ngx_imap_start; s->connection->read->handler = ngx_imap_auth_state; + break; + + default: /* NGX_MAIL_SMTP_PROTOCOL */ + s->mail_state = ngx_smtp_start; + s->connection->read->handler = ngx_smtp_auth_state; + break; } - s->auth_method = NGX_IMAP_AUTH_PLAIN; + s->auth_method = NGX_MAIL_AUTH_PLAIN; c->log->action = "in auth state"; - ngx_imap_send(s->connection->write); + ngx_mail_send(s->connection->write); if (c->destroyed) { return; } - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); ngx_add_timer(rev, cscf->timeout); @@ -828,7 +903,7 @@ ngx_imap_auth_sleep_handler(ngx_event_t *rev) } if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { - ngx_imap_close_connection(s->connection); + ngx_mail_close_connection(s->connection); } return; @@ -836,15 +911,15 @@ ngx_imap_auth_sleep_handler(ngx_event_t *rev) if (rev->active) { if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { - ngx_imap_close_connection(s->connection); + ngx_mail_close_connection(s->connection); } } } static ngx_int_t -ngx_imap_auth_http_parse_header_line(ngx_imap_session_t *s, - ngx_imap_auth_http_ctx_t *ctx) +ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, + ngx_mail_auth_http_ctx_t *ctx) { u_char c, ch, *p; ngx_uint_t hash; @@ -1035,56 +1110,56 @@ header_done: static void -ngx_imap_auth_http_block_read(ngx_event_t *rev) +ngx_mail_auth_http_block_read(ngx_event_t *rev) { ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_auth_http_ctx_t *ctx; + ngx_mail_session_t *s; + ngx_mail_auth_http_ctx_t *ctx; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, - "imap auth http block read"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail auth http block read"); if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { c = rev->data; s = c->data; - ctx = ngx_imap_get_module_ctx(s, ngx_imap_auth_http_module); + ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); } } static void -ngx_imap_auth_http_dummy_handler(ngx_event_t *ev) +ngx_mail_auth_http_dummy_handler(ngx_event_t *ev) { - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, ev->log, 0, - "imap auth http dummy handler"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, ev->log, 0, + "mail auth http dummy handler"); } static ngx_buf_t * -ngx_imap_auth_http_create_request(ngx_imap_session_t *s, ngx_pool_t *pool, - ngx_imap_auth_http_conf_t *ahcf) +ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool, + ngx_mail_auth_http_conf_t *ahcf) { size_t len; ngx_buf_t *b; ngx_str_t login, passwd; - if (ngx_imap_auth_http_escape(pool, &s->login, &login) != NGX_OK) { + if (ngx_mail_auth_http_escape(pool, &s->login, &login) != NGX_OK) { return NULL; } - if (ngx_imap_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) { + if (ngx_mail_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) { return NULL; } len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1 + sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1 + sizeof("Auth-Method: ") - 1 - + ngx_imap_auth_http_method[s->auth_method].len + + ngx_mail_auth_http_method[s->auth_method].len + sizeof(CRLF) - 1 + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1 + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1 @@ -1114,8 +1189,8 @@ ngx_imap_auth_http_create_request(ngx_imap_session_t *s, ngx_pool_t *pool, b->last = ngx_cpymem(b->last, "Auth-Method: ", sizeof("Auth-Method: ") - 1); b->last = ngx_cpymem(b->last, - ngx_imap_auth_http_method[s->auth_method].data, - ngx_imap_auth_http_method[s->auth_method].len); + ngx_mail_auth_http_method[s->auth_method].data, + ngx_mail_auth_http_method[s->auth_method].len); *b->last++ = CR; *b->last++ = LF; b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); @@ -1126,7 +1201,7 @@ ngx_imap_auth_http_create_request(ngx_imap_session_t *s, ngx_pool_t *pool, b->last = ngx_copy(b->last, passwd.data, passwd.len); *b->last++ = CR; *b->last++ = LF; - if (s->auth_method != NGX_IMAP_AUTH_PLAIN && s->salt.len) { + if (s->auth_method != NGX_MAIL_AUTH_PLAIN && s->salt.len) { b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1); b->last = ngx_copy(b->last, s->salt.data, s->salt.len); @@ -1135,7 +1210,7 @@ ngx_imap_auth_http_create_request(ngx_imap_session_t *s, ngx_pool_t *pool, b->last = ngx_cpymem(b->last, "Auth-Protocol: ", sizeof("Auth-Protocol: ") - 1); - b->last = ngx_cpymem(b->last, ngx_imap_auth_http_protocol[s->protocol], + b->last = ngx_cpymem(b->last, ngx_mail_auth_http_protocol[s->protocol], sizeof("imap") - 1); *b->last++ = CR; *b->last++ = LF; @@ -1154,14 +1229,14 @@ ngx_imap_auth_http_create_request(ngx_imap_session_t *s, ngx_pool_t *pool, /* add "\r\n" at the header end */ *b->last++ = CR; *b->last++ = LF; -#if (NGX_DEBUG_IMAP_PASSWD) +#if (NGX_DEBUG_MAIL_PASSWD) { ngx_str_t l; l.len = b->last - b->pos; l.data = b->pos; - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "imap auth http header:\n\"%V\"", &l); + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "mail auth http header:\n\"%V\"", &l); } #endif @@ -1170,7 +1245,7 @@ ngx_imap_auth_http_create_request(ngx_imap_session_t *s, ngx_pool_t *pool, static ngx_int_t -ngx_imap_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) +ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) { u_char ch, *p; ngx_uint_t i, n; @@ -1224,11 +1299,11 @@ ngx_imap_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) static void * -ngx_imap_auth_http_create_conf(ngx_conf_t *cf) +ngx_mail_auth_http_create_conf(ngx_conf_t *cf) { - ngx_imap_auth_http_conf_t *ahcf; + ngx_mail_auth_http_conf_t *ahcf; - ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_imap_auth_http_conf_t)); + ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_auth_http_conf_t)); if (ahcf == NULL) { return NGX_CONF_ERROR; } @@ -1240,10 +1315,10 @@ ngx_imap_auth_http_create_conf(ngx_conf_t *cf) static char * -ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) +ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) { - ngx_imap_auth_http_conf_t *prev = parent; - ngx_imap_auth_http_conf_t *conf = child; + ngx_mail_auth_http_conf_t *prev = parent; + ngx_mail_auth_http_conf_t *conf = child; u_char *p; size_t len; @@ -1291,9 +1366,9 @@ ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) static char * -ngx_imap_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { - ngx_imap_auth_http_conf_t *ahcf = conf; + ngx_mail_auth_http_conf_t *ahcf = conf; ngx_str_t *value; ngx_url_t u; @@ -1329,9 +1404,9 @@ ngx_imap_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) static char * -ngx_imap_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { - ngx_imap_auth_http_conf_t *ahcf = conf; + ngx_mail_auth_http_conf_t *ahcf = conf; ngx_str_t *value; ngx_table_elt_t *header; diff --git a/src/imap/ngx_imap_core_module.c b/src/mail/ngx_mail_core_module.c index 99aa9cc1d..43dcde454 100644 --- a/src/imap/ngx_imap_core_module.c +++ b/src/mail/ngx_mail_core_module.c @@ -7,24 +7,25 @@ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> -#include <ngx_imap.h> +#include <ngx_mail.h> -static void *ngx_imap_core_create_main_conf(ngx_conf_t *cf); -static void *ngx_imap_core_create_srv_conf(ngx_conf_t *cf); -static char *ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, +static void *ngx_mail_core_create_main_conf(ngx_conf_t *cf); +static void *ngx_mail_core_create_srv_conf(ngx_conf_t *cf); +static char *ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child); -static char *ngx_imap_core_server(ngx_conf_t *cf, ngx_command_t *cmd, +static char *ngx_mail_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); -static char *ngx_imap_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, +static char *ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); -static char *ngx_imap_core_capability(ngx_conf_t *cf, ngx_command_t *cmd, +static char *ngx_mail_core_capability(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); -static ngx_conf_enum_t ngx_imap_core_procotol[] = { - { ngx_string("pop3"), NGX_IMAP_POP3_PROTOCOL }, - { ngx_string("imap"), NGX_IMAP_IMAP_PROTOCOL }, +static ngx_conf_enum_t ngx_mail_core_procotol[] = { + { ngx_string("pop3"), NGX_MAIL_POP3_PROTOCOL }, + { ngx_string("imap"), NGX_MAIL_IMAP_PROTOCOL }, + { ngx_string("smtp"), NGX_MAIL_SMTP_PROTOCOL }, { ngx_null_string, 0 } }; @@ -45,14 +46,30 @@ static ngx_str_t ngx_imap_default_capabilities[] = { }; -static ngx_conf_bitmask_t ngx_imap_auth_methods[] = { - { ngx_string("plain"), NGX_IMAP_AUTH_PLAIN_ENABLED }, - { ngx_string("apop"), NGX_IMAP_AUTH_APOP_ENABLED }, - { ngx_string("cram-md5"), NGX_IMAP_AUTH_CRAM_MD5_ENABLED }, +static ngx_conf_bitmask_t ngx_pop3_auth_methods[] = { + { ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED }, + { ngx_string("apop"), NGX_MAIL_AUTH_APOP_ENABLED }, + { ngx_string("cram-md5"), NGX_MAIL_AUTH_CRAM_MD5_ENABLED }, { ngx_null_string, 0 } }; +static ngx_conf_bitmask_t ngx_smtp_auth_methods[] = { + { ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED }, + { ngx_string("login"), NGX_MAIL_AUTH_LOGIN_ENABLED }, + { ngx_string("cram-md5"), NGX_MAIL_AUTH_CRAM_MD5_ENABLED }, + { ngx_null_string, 0 } +}; + + +static ngx_str_t ngx_smtp_auth_methods_names[] = { + ngx_string("PLAIN"), + ngx_string("LOGIN"), + ngx_null_string, /* APOP */ + ngx_string("CRAM-MD5") +}; + + static ngx_str_t ngx_pop3_auth_plain_capability = ngx_string("+OK methods supported:" CRLF "LOGIN" CRLF @@ -69,96 +86,117 @@ static ngx_str_t ngx_pop3_auth_cram_md5_capability = -static ngx_command_t ngx_imap_core_commands[] = { +static ngx_command_t ngx_mail_core_commands[] = { { ngx_string("server"), - NGX_IMAP_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, - ngx_imap_core_server, + NGX_MAIL_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, + ngx_mail_core_server, 0, 0, NULL }, { ngx_string("listen"), - NGX_IMAP_SRV_CONF|NGX_CONF_TAKE12, - ngx_imap_core_listen, + NGX_MAIL_SRV_CONF|NGX_CONF_TAKE12, + ngx_mail_core_listen, 0, 0, NULL }, { ngx_string("protocol"), - NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_enum_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, protocol), - &ngx_imap_core_procotol }, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, protocol), + &ngx_mail_core_procotol }, { ngx_string("imap_client_buffer"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_size_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, imap_client_buffer_size), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, imap_client_buffer_size), NULL }, { ngx_string("so_keepalive"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_FLAG, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, so_keepalive), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, so_keepalive), NULL }, { ngx_string("timeout"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_msec_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, timeout), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, timeout), NULL }, { ngx_string("pop3_capabilities"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_1MORE, - ngx_imap_core_capability, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, pop3_capabilities), + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, + ngx_mail_core_capability, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, pop3_capabilities), NULL }, { ngx_string("imap_capabilities"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_1MORE, - ngx_imap_core_capability, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, imap_capabilities), + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, + ngx_mail_core_capability, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, imap_capabilities), + NULL }, + + { ngx_string("smtp_capabilities"), + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, + ngx_mail_core_capability, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, smtp_capabilities), NULL }, { ngx_string("server_name"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, server_name), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, server_name), NULL }, { ngx_string("auth"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_1MORE, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, ngx_conf_set_bitmask_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_core_srv_conf_t, auth_methods), - &ngx_imap_auth_methods }, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, pop3_auth_methods), + &ngx_pop3_auth_methods }, + + { ngx_string("pop3_auth"), + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, + ngx_conf_set_bitmask_slot, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, pop3_auth_methods), + &ngx_pop3_auth_methods }, + + { ngx_string("smtp_auth"), + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, + ngx_conf_set_bitmask_slot, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, smtp_auth_methods), + &ngx_smtp_auth_methods }, ngx_null_command }; -static ngx_imap_module_t ngx_imap_core_module_ctx = { - ngx_imap_core_create_main_conf, /* create main configuration */ +static ngx_mail_module_t ngx_mail_core_module_ctx = { + ngx_mail_core_create_main_conf, /* create main configuration */ NULL, /* init main configuration */ - ngx_imap_core_create_srv_conf, /* create server configuration */ - ngx_imap_core_merge_srv_conf /* merge server configuration */ + ngx_mail_core_create_srv_conf, /* create server configuration */ + ngx_mail_core_merge_srv_conf /* merge server configuration */ }; -ngx_module_t ngx_imap_core_module = { +ngx_module_t ngx_mail_core_module = { NGX_MODULE_V1, - &ngx_imap_core_module_ctx, /* module context */ - ngx_imap_core_commands, /* module directives */ - NGX_IMAP_MODULE, /* module type */ + &ngx_mail_core_module_ctx, /* module context */ + ngx_mail_core_commands, /* module directives */ + NGX_MAIL_MODULE, /* module type */ NULL, /* init master */ NULL, /* init module */ NULL, /* init process */ @@ -171,23 +209,23 @@ ngx_module_t ngx_imap_core_module = { static void * -ngx_imap_core_create_main_conf(ngx_conf_t *cf) +ngx_mail_core_create_main_conf(ngx_conf_t *cf) { - ngx_imap_core_main_conf_t *cmcf; + ngx_mail_core_main_conf_t *cmcf; - cmcf = ngx_pcalloc(cf->pool, sizeof(ngx_imap_core_main_conf_t)); + cmcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_core_main_conf_t)); if (cmcf == NULL) { return NGX_CONF_ERROR; } if (ngx_array_init(&cmcf->servers, cf->pool, 4, - sizeof(ngx_imap_core_srv_conf_t *)) + sizeof(ngx_mail_core_srv_conf_t *)) != NGX_OK) { return NGX_CONF_ERROR; } - if (ngx_array_init(&cmcf->listen, cf->pool, 4, sizeof(ngx_imap_listen_t)) + if (ngx_array_init(&cmcf->listen, cf->pool, 4, sizeof(ngx_mail_listen_t)) != NGX_OK) { return NGX_CONF_ERROR; @@ -198,11 +236,11 @@ ngx_imap_core_create_main_conf(ngx_conf_t *cf) static void * -ngx_imap_core_create_srv_conf(ngx_conf_t *cf) +ngx_mail_core_create_srv_conf(ngx_conf_t *cf) { - ngx_imap_core_srv_conf_t *cscf; + ngx_mail_core_srv_conf_t *cscf; - cscf = ngx_pcalloc(cf->pool, sizeof(ngx_imap_core_srv_conf_t)); + cscf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_core_srv_conf_t)); if (cscf == NULL) { return NULL; } @@ -224,32 +262,46 @@ ngx_imap_core_create_srv_conf(ngx_conf_t *cf) return NULL; } + if (ngx_array_init(&cscf->smtp_capabilities, cf->pool, 4, sizeof(ngx_str_t)) + != NGX_OK) + { + return NULL; + } + return cscf; } static char * -ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) +ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) { - ngx_imap_core_srv_conf_t *prev = parent; - ngx_imap_core_srv_conf_t *conf = child; + ngx_mail_core_srv_conf_t *prev = parent; + ngx_mail_core_srv_conf_t *conf = child; u_char *p; - size_t size; + size_t size, stls_only_size; ngx_str_t *c, *d; - ngx_uint_t i; + ngx_uint_t i, m; ngx_conf_merge_size_value(conf->imap_client_buffer_size, prev->imap_client_buffer_size, (size_t) ngx_pagesize); ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); ngx_conf_merge_uint_value(conf->protocol, prev->protocol, - NGX_IMAP_IMAP_PROTOCOL); + NGX_MAIL_IMAP_PROTOCOL); ngx_conf_merge_value(conf->so_keepalive, prev->so_keepalive, 0); - ngx_conf_merge_bitmask_value(conf->auth_methods, prev->auth_methods, - (NGX_CONF_BITMASK_SET|NGX_IMAP_AUTH_PLAIN_ENABLED)); + ngx_conf_merge_bitmask_value(conf->pop3_auth_methods, + prev->pop3_auth_methods, + (NGX_CONF_BITMASK_SET + |NGX_MAIL_AUTH_PLAIN_ENABLED)); + + ngx_conf_merge_bitmask_value(conf->smtp_auth_methods, + prev->smtp_auth_methods, + (NGX_CONF_BITMASK_SET + |NGX_MAIL_AUTH_PLAIN_ENABLED + |NGX_MAIL_AUTH_LOGIN_ENABLED)); ngx_conf_merge_str_value(conf->server_name, prev->server_name, ""); @@ -291,12 +343,20 @@ ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) size = sizeof("+OK Capability list follows" CRLF) - 1 + sizeof("." CRLF) - 1; + stls_only_size = size + sizeof("STLS" CRLF) - 1; + c = conf->pop3_capabilities.elts; for (i = 0; i < conf->pop3_capabilities.nelts; i++) { size += c[i].len + sizeof(CRLF) - 1; + + if (ngx_strcasecmp(c[i].data, (u_char *) "USER") == 0) { + continue; + } + + stls_only_size += c[i].len + sizeof(CRLF) - 1; } - if (conf->auth_methods & NGX_IMAP_AUTH_CRAM_MD5_ENABLED) { + if (conf->pop3_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED) { size += sizeof("SASL LOGIN PLAIN CRAM-MD5" CRLF) - 1; } else { @@ -319,7 +379,7 @@ ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) *p++ = CR; *p++ = LF; } - if (conf->auth_methods & NGX_IMAP_AUTH_CRAM_MD5_ENABLED) { + if (conf->pop3_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED) { p = ngx_cpymem(p, "SASL LOGIN PLAIN CRAM-MD5" CRLF, sizeof("SASL LOGIN PLAIN CRAM-MD5" CRLF) - 1); @@ -348,7 +408,7 @@ ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) *p++ = '.'; *p++ = CR; *p = LF; - if (conf->auth_methods & NGX_IMAP_AUTH_CRAM_MD5_ENABLED) { + if (conf->pop3_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED) { conf->pop3_auth_capability = ngx_pop3_auth_cram_md5_capability; } else { @@ -356,6 +416,30 @@ ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) } + p = ngx_palloc(cf->pool, stls_only_size); + if (p == NULL) { + return NGX_CONF_ERROR; + } + + conf->pop3_starttls_only_capability.len = stls_only_size; + conf->pop3_starttls_only_capability.data = p; + + p = ngx_cpymem(p, "+OK Capability list follows" CRLF, + sizeof("+OK Capability list follows" CRLF) - 1); + + for (i = 0; i < conf->pop3_capabilities.nelts; i++) { + if (ngx_strcasecmp(c[i].data, (u_char *) "USER") == 0) { + continue; + } + + p = ngx_cpymem(p, c[i].data, c[i].len); + *p++ = CR; *p++ = LF; + } + + p = ngx_cpymem(p, "STLS" CRLF, sizeof("STLS" CRLF) - 1); + *p++ = '.'; *p++ = CR; *p = LF; + + if (conf->imap_capabilities.nelts == 0) { conf->imap_capabilities = prev->imap_capabilities; } @@ -372,7 +456,7 @@ ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) } } - size = sizeof("* CAPABILITY") - 1 + sizeof(CRLF) - 1; + size = sizeof("* CAPABILITY" CRLF) - 1; c = conf->imap_capabilities.elts; for (i = 0; i < conf->imap_capabilities.nelts; i++) { @@ -429,40 +513,125 @@ ngx_imap_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) *p++ = CR; *p = LF; + size = sizeof("220 ESMTP ready" CRLF) - 1 + conf->server_name.len; + + p = ngx_palloc(cf->pool, size); + if (p == NULL) { + return NGX_CONF_ERROR; + } + + conf->smtp_greeting.len = size; + conf->smtp_greeting.data = p; + + *p++ = '2'; *p++ = '2'; *p++ = '0'; *p++ = ' '; + p = ngx_cpymem(p, conf->server_name.data, conf->server_name.len); + ngx_memcpy(p, " ESMTP ready" CRLF, sizeof(" ESMTP ready" CRLF) - 1); + + + size = sizeof("250 " CRLF) - 1 + conf->server_name.len; + + p = ngx_palloc(cf->pool, size); + if (p == NULL) { + return NGX_CONF_ERROR; + } + + conf->smtp_server_name.len = size; + conf->smtp_server_name.data = p; + + *p++ = '2'; *p++ = '5'; *p++ = '0'; *p++ = ' '; + p = ngx_cpymem(p, conf->server_name.data, conf->server_name.len); + *p++ = CR; *p = LF; + + + if (conf->smtp_capabilities.nelts == 0) { + conf->smtp_capabilities = prev->smtp_capabilities; + } + + size = sizeof("250-") - 1 + conf->server_name.len + sizeof(CRLF) - 1 + + sizeof("250 AUTH") - 1 + sizeof(CRLF) - 1; + + c = conf->smtp_capabilities.elts; + for (i = 0; i < conf->smtp_capabilities.nelts; i++) { + size += sizeof("250 ") - 1 + c[i].len + sizeof(CRLF) - 1; + } + + for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0; + m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED; + m <<= 1, i++) + { + if (m & conf->smtp_auth_methods) { + size += 1 + ngx_smtp_auth_methods_names[i].len; + } + } + + p = ngx_palloc(cf->pool, size); + if (p == NULL) { + return NGX_CONF_ERROR; + } + + conf->smtp_capability.len = size; + conf->smtp_capability.data = p; + + *p++ = '2'; *p++ = '5'; *p++ = '0'; *p++ = '-'; + p = ngx_cpymem(p, conf->server_name.data, conf->server_name.len); + *p++ = CR; *p++ = LF; + + for (i = 0; i < conf->smtp_capabilities.nelts; i++) { + *p++ = '2'; *p++ = '5'; *p++ = '0'; *p++ = '-'; + p = ngx_cpymem(p, c[i].data, c[i].len); + *p++ = CR; *p++ = LF; + } + + *p++ = '2'; *p++ = '5'; *p++ = '0'; *p++ = ' '; + *p++ = 'A'; *p++ = 'U'; *p++ = 'T'; *p++ = 'H'; + + for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0; + m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED; + m <<= 1, i++) + { + if (m & conf->smtp_auth_methods) { + *p++ = ' '; + p = ngx_cpymem(p, ngx_smtp_auth_methods_names[i].data, + ngx_smtp_auth_methods_names[i].len); + } + } + + *p++ = CR; *p = LF; + return NGX_CONF_OK; } static char * -ngx_imap_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { char *rv; void *mconf; ngx_uint_t m; ngx_conf_t pcf; - ngx_imap_module_t *module; - ngx_imap_conf_ctx_t *ctx, *imap_ctx; - ngx_imap_core_srv_conf_t *cscf, **cscfp; - ngx_imap_core_main_conf_t *cmcf; + ngx_mail_module_t *module; + ngx_mail_conf_ctx_t *ctx, *mail_ctx; + ngx_mail_core_srv_conf_t *cscf, **cscfp; + ngx_mail_core_main_conf_t *cmcf; - ctx = ngx_pcalloc(cf->pool, sizeof(ngx_imap_conf_ctx_t)); + ctx = ngx_pcalloc(cf->pool, sizeof(ngx_mail_conf_ctx_t)); if (ctx == NULL) { return NGX_CONF_ERROR; } - imap_ctx = cf->ctx; - ctx->main_conf = imap_ctx->main_conf; + mail_ctx = cf->ctx; + ctx->main_conf = mail_ctx->main_conf; /* the server{}'s srv_conf */ - ctx->srv_conf = ngx_pcalloc(cf->pool, sizeof(void *) * ngx_imap_max_module); + ctx->srv_conf = ngx_pcalloc(cf->pool, sizeof(void *) * ngx_mail_max_module); if (ctx->srv_conf == NULL) { return NGX_CONF_ERROR; } for (m = 0; ngx_modules[m]; m++) { - if (ngx_modules[m]->type != NGX_IMAP_MODULE) { + if (ngx_modules[m]->type != NGX_MAIL_MODULE) { continue; } @@ -480,10 +649,10 @@ ngx_imap_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) /* the server configuration context */ - cscf = ctx->srv_conf[ngx_imap_core_module.ctx_index]; + cscf = ctx->srv_conf[ngx_mail_core_module.ctx_index]; cscf->ctx = ctx; - cmcf = ctx->main_conf[ngx_imap_core_module.ctx_index]; + cmcf = ctx->main_conf[ngx_mail_core_module.ctx_index]; cscfp = ngx_array_push(&cmcf->servers); if (cscfp == NULL) { @@ -497,7 +666,7 @@ ngx_imap_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) pcf = *cf; cf->ctx = ctx; - cf->cmd_type = NGX_IMAP_SRV_CONF; + cf->cmd_type = NGX_MAIL_SRV_CONF; rv = ngx_conf_parse(cf, NULL); @@ -510,13 +679,13 @@ ngx_imap_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) /* AF_INET only */ static char * -ngx_imap_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { ngx_str_t *value; ngx_url_t u; ngx_uint_t i; - ngx_imap_listen_t *imls; - ngx_imap_core_main_conf_t *cmcf; + ngx_mail_listen_t *imls; + ngx_mail_core_main_conf_t *cmcf; value = cf->args->elts; @@ -535,7 +704,7 @@ ngx_imap_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) return NGX_CONF_ERROR; } - cmcf = ngx_imap_conf_get_module_main_conf(cf, ngx_imap_core_module); + cmcf = ngx_mail_conf_get_module_main_conf(cf, ngx_mail_core_module); imls = cmcf->listen.elts; @@ -555,7 +724,7 @@ ngx_imap_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) return NGX_CONF_ERROR; } - ngx_memzero(imls, sizeof(ngx_imap_listen_t)); + ngx_memzero(imls, sizeof(ngx_mail_listen_t)); imls->addr = u.addr.in_addr; imls->port = u.port; @@ -578,7 +747,7 @@ ngx_imap_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) static char * -ngx_imap_core_capability(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_core_capability(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { char *p = conf; diff --git a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c new file mode 100644 index 000000000..418d1444e --- /dev/null +++ b/src/mail/ngx_mail_handler.c @@ -0,0 +1,1838 @@ + +/* + * Copyright (C) Igor Sysoev + */ + + +#include <ngx_config.h> +#include <ngx_core.h> +#include <ngx_event.h> +#include <ngx_mail.h> + + +static void ngx_mail_init_session(ngx_connection_t *c); +static void ngx_mail_init_protocol(ngx_event_t *rev); +static ngx_int_t ngx_mail_decode_auth_plain(ngx_mail_session_t *s, + ngx_str_t *encoded); +static void ngx_mail_do_auth(ngx_mail_session_t *s); +static ngx_int_t ngx_mail_read_command(ngx_mail_session_t *s); +static u_char *ngx_mail_log_error(ngx_log_t *log, u_char *buf, size_t len); + +#if (NGX_MAIL_SSL) +static void ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c); +static void ngx_mail_ssl_handshake_handler(ngx_connection_t *c); +#endif + + +static ngx_str_t greetings[] = { + ngx_string("+OK POP3 ready" CRLF), + ngx_string("* OK IMAP4 ready" CRLF) + /* SMTP greeting */ +}; + +static ngx_str_t internal_server_errors[] = { + ngx_string("-ERR internal server error" CRLF), + ngx_string("* BAD internal server error" CRLF), + ngx_string("451 4.3.2 Internal server error" CRLF), +}; + +static u_char pop3_ok[] = "+OK" CRLF; +static u_char pop3_next[] = "+ " CRLF; +static u_char pop3_username[] = "+ VXNlcm5hbWU6" CRLF; +static u_char pop3_password[] = "+ UGFzc3dvcmQ6" CRLF; +static u_char pop3_invalid_command[] = "-ERR invalid command" CRLF; + +static u_char imap_star[] = "* "; +static u_char imap_ok[] = "OK completed" CRLF; +static u_char imap_next[] = "+ OK" CRLF; +static u_char imap_bye[] = "* BYE" CRLF; +static u_char imap_invalid_command[] = "BAD invalid command" CRLF; + +static u_char smtp_ok[] = "250 2.0.0 OK" CRLF; +static u_char smtp_bye[] = "221 2.0.0 Bye" CRLF; +static u_char smtp_next[] = "334 " CRLF; +static u_char smtp_username[] = "334 VXNlcm5hbWU6" CRLF; +static u_char smtp_password[] = "334 UGFzc3dvcmQ6" CRLF; +static u_char smtp_invalid_command[] = "500 5.5.1 Invalid command" CRLF; +static u_char smtp_invalid_argument[] = "501 5.5.4 Invalid argument" CRLF; +static u_char smtp_auth_required[] = "530 5.7.1 Authentication required" CRLF; + + +void +ngx_mail_init_connection(ngx_connection_t *c) +{ + in_addr_t in_addr; + socklen_t len; + ngx_uint_t i; + struct sockaddr_in sin; + ngx_mail_log_ctx_t *ctx; + ngx_mail_in_port_t *imip; + ngx_mail_in_addr_t *imia; + ngx_mail_session_t *s; +#if (NGX_MAIL_SSL) + ngx_mail_ssl_conf_t *sslcf; +#endif + + + /* find the server configuration for the address:port */ + + /* AF_INET only */ + + imip = c->listening->servers; + imia = imip->addrs; + + i = 0; + + if (imip->naddrs > 1) { + + /* + * There are several addresses on this port and one of them + * is the "*:port" wildcard so getsockname() is needed to determine + * the server address. + * + * AcceptEx() already gave this address. + */ + +#if (NGX_WIN32) + if (c->local_sockaddr) { + in_addr = + ((struct sockaddr_in *) c->local_sockaddr)->sin_addr.s_addr; + + } else +#endif + { + len = sizeof(struct sockaddr_in); + if (getsockname(c->fd, (struct sockaddr *) &sin, &len) == -1) { + ngx_connection_error(c, ngx_socket_errno, + "getsockname() failed"); + ngx_mail_close_connection(c); + return; + } + + in_addr = sin.sin_addr.s_addr; + } + + /* the last address is "*" */ + + for ( /* void */ ; i < imip->naddrs - 1; i++) { + if (in_addr == imia[i].addr) { + break; + } + } + } + + + s = ngx_pcalloc(c->pool, sizeof(ngx_mail_session_t)); + if (s == NULL) { + ngx_mail_close_connection(c); + return; + } + + s->main_conf = imia[i].ctx->main_conf; + s->srv_conf = imia[i].ctx->srv_conf; + + s->addr_text = &imia[i].addr_text; + + c->data = s; + s->connection = c; + + ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%ui client %V connected to %V", + c->number, &c->addr_text, s->addr_text); + + ctx = ngx_palloc(c->pool, sizeof(ngx_mail_log_ctx_t)); + if (ctx == NULL) { + ngx_mail_close_connection(c); + return; + } + + ctx->client = &c->addr_text; + ctx->session = s; + + c->log->connection = c->number; + c->log->handler = ngx_mail_log_error; + c->log->data = ctx; + c->log->action = "sending client greeting line"; + + c->log_error = NGX_ERROR_INFO; + +#if (NGX_MAIL_SSL) + + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); + + if (sslcf->enable) { + ngx_mail_ssl_init_connection(&sslcf->ssl, c); + return; + } + +#endif + + ngx_mail_init_session(c); +} + + +#if (NGX_MAIL_SSL) + +static void +ngx_mail_starttls_handler(ngx_event_t *rev) +{ + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_ssl_conf_t *sslcf; + + c = rev->data; + s = c->data; + s->starttls = 1; + + c->log->action = "in starttls state"; + + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); + + ngx_mail_ssl_init_connection(&sslcf->ssl, c); +} + + +static void +ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c) +{ + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; + + if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { + ngx_mail_close_connection(c); + return; + } + + if (ngx_ssl_handshake(c) == NGX_AGAIN) { + + s = c->data; + + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + + ngx_add_timer(c->read, cscf->timeout); + + c->ssl->handler = ngx_mail_ssl_handshake_handler; + + return; + } + + ngx_mail_ssl_handshake_handler(c); +} + + +static void +ngx_mail_ssl_handshake_handler(ngx_connection_t *c) +{ + ngx_mail_session_t *s; + + if (c->ssl->handshaked) { + + s = c->data; + + if (s->starttls) { + c->read->handler = ngx_mail_init_protocol; + c->write->handler = ngx_mail_send; + + ngx_mail_init_protocol(c->read); + + return; + } + + ngx_mail_init_session(c); + return; + } + + ngx_mail_close_connection(c); +} + +#endif + + +static void +ngx_mail_init_session(ngx_connection_t *c) +{ + u_char *p; + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; + + c->read->handler = ngx_mail_init_protocol; + c->write->handler = ngx_mail_send; + + s = c->data; + + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + + s->protocol = cscf->protocol; + + s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_mail_max_module); + if (s->ctx == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { + s->out = cscf->smtp_greeting; + + } else { + s->out = greetings[s->protocol]; + } + + if ((s->protocol == NGX_MAIL_POP3_PROTOCOL + && (cscf->pop3_auth_methods + & (NGX_MAIL_AUTH_APOP_ENABLED|NGX_MAIL_AUTH_CRAM_MD5_ENABLED))) + + || (s->protocol == NGX_MAIL_SMTP_PROTOCOL + && (cscf->smtp_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED))) + { + s->salt.data = ngx_palloc(c->pool, + sizeof(" <18446744073709551616.@>" CRLF) - 1 + + NGX_TIME_T_LEN + + cscf->server_name.len); + if (s->salt.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + s->salt.len = ngx_sprintf(s->salt.data, "<%ul.%T@%V>" CRLF, + ngx_random(), ngx_time(), &cscf->server_name) + - s->salt.data; + + if (s->protocol == NGX_MAIL_POP3_PROTOCOL) { + s->out.data = ngx_palloc(c->pool, + greetings[0].len + 1 + s->salt.len); + if (s->out.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + p = ngx_cpymem(s->out.data, + greetings[0].data, greetings[0].len - 2); + *p++ = ' '; + p = ngx_cpymem(p, s->salt.data, s->salt.len); + + s->out.len = p - s->out.data; + } + } + + ngx_add_timer(c->read, cscf->timeout); + + if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { + ngx_mail_close_connection(c); + } + + ngx_mail_send(c->write); +} + + +void +ngx_mail_send(ngx_event_t *wev) +{ + ngx_int_t n; + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; + + c = wev->data; + s = c->data; + + if (wev->timedout) { + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); + c->timedout = 1; + ngx_mail_close_connection(c); + return; + } + + if (s->out.len == 0) { + if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { + ngx_mail_close_connection(c); + } + + return; + } + + n = c->send(c, s->out.data, s->out.len); + + if (n > 0) { + s->out.len -= n; + + if (wev->timer_set) { + ngx_del_timer(wev); + } + + if (s->quit) { + ngx_mail_close_connection(c); + return; + } + + if (s->blocked) { + c->read->handler(c->read); + } + + return; + } + + if (n == NGX_ERROR) { + ngx_mail_close_connection(c); + return; + } + + /* n == NGX_AGAIN */ + + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + + ngx_add_timer(c->write, cscf->timeout); + + if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { + ngx_mail_close_connection(c); + return; + } +} + + +static void +ngx_mail_init_protocol(ngx_event_t *rev) +{ + size_t size; + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; + + c = rev->data; + + c->log->action = "in auth state"; + + if (rev->timedout) { + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); + c->timedout = 1; + ngx_mail_close_connection(c); + return; + } + + s = c->data; + + switch (s->protocol) { + + case NGX_MAIL_POP3_PROTOCOL: + size = 128; + s->mail_state = ngx_pop3_start; + c->read->handler = ngx_pop3_auth_state; + break; + + case NGX_MAIL_IMAP_PROTOCOL: + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + size = cscf->imap_client_buffer_size; + s->mail_state = ngx_imap_start; + c->read->handler = ngx_imap_auth_state; + break; + + default: /* NGX_MAIL_SMTP_PROTOCOL */ + size = 512; + s->mail_state = ngx_smtp_start; + c->read->handler = ngx_smtp_auth_state; + break; + } + + if (s->buffer == NULL) { + if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t)) + == NGX_ERROR) + { + ngx_mail_session_internal_server_error(s); + return; + } + + s->buffer = ngx_create_temp_buf(c->pool, size); + if (s->buffer == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + } + + c->read->handler(rev); +} + + +void +ngx_pop3_auth_state(ngx_event_t *rev) +{ + u_char *p, *last, *text; + ssize_t size; + ngx_int_t rc; + ngx_str_t *arg, salt; + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; +#if (NGX_MAIL_SSL) + ngx_mail_ssl_conf_t *sslcf; +#endif + + c = rev->data; + s = c->data; + + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 auth state"); + + if (rev->timedout) { + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); + c->timedout = 1; + ngx_mail_close_connection(c); + return; + } + + if (s->out.len) { + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 send handler busy"); + s->blocked = 1; + return; + } + + s->blocked = 0; + + rc = ngx_mail_read_command(s); + + if (rc == NGX_AGAIN || rc == NGX_ERROR) { + return; + } + + text = pop3_ok; + size = sizeof(pop3_ok) - 1; + + if (rc == NGX_OK) { + switch (s->mail_state) { + + case ngx_pop3_start: + + switch (s->command) { + + case NGX_POP3_USER: + +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, + ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + } +#endif + + if (s->args.nelts == 1) { + s->mail_state = ngx_pop3_user; + + arg = s->args.elts; + s->login.len = arg[0].len; + s->login.data = ngx_palloc(c->pool, s->login.len); + if (s->login.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(s->login.data, arg[0].data, s->login.len); + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 login: \"%V\"", &s->login); + + break; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + + case NGX_POP3_CAPA: + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, + ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) { + size = cscf->pop3_starttls_capability.len; + text = cscf->pop3_starttls_capability.data; + break; + } + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + size = cscf->pop3_starttls_only_capability.len; + text = cscf->pop3_starttls_only_capability.data; + break; + } + } +#endif + + size = cscf->pop3_capability.len; + text = cscf->pop3_capability.data; + break; + + case NGX_POP3_APOP: + +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, + ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + } +#endif + + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + + if ((cscf->pop3_auth_methods & NGX_MAIL_AUTH_APOP_ENABLED) + && s->args.nelts == 2) + { + arg = s->args.elts; + + s->login.len = arg[0].len; + s->login.data = ngx_palloc(c->pool, s->login.len); + if (s->login.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(s->login.data, arg[0].data, s->login.len); + + s->passwd.len = arg[1].len; + s->passwd.data = ngx_palloc(c->pool, s->passwd.len); + if (s->passwd.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len); + + ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 apop: \"%V\" \"%V\"", + &s->login, &s->passwd); + + s->auth_method = NGX_MAIL_AUTH_APOP; + + ngx_mail_do_auth(s); + return; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + + case NGX_POP3_AUTH: + +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, + ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + } +#endif + + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + + if (s->args.nelts == 0) { + size = cscf->pop3_auth_capability.len; + text = cscf->pop3_auth_capability.data; + s->state = 0; + break; + } + + arg = s->args.elts; + + if (arg[0].len == 5) { + + if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5) + == 0) + { + + if (s->args.nelts != 1) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + s->mail_state = ngx_pop3_auth_login_username; + + size = sizeof(pop3_username) - 1; + text = pop3_username; + + break; + + } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN", + 5) + == 0) + { + + if (s->args.nelts == 1) { + s->mail_state = ngx_pop3_auth_plain; + + size = sizeof(pop3_next) - 1; + text = pop3_next; + + break; + } + + if (s->args.nelts == 2) { + + /* + * workaround for Eudora for Mac: it sends + * AUTH PLAIN [base64 encoded] + */ + + rc = ngx_mail_decode_auth_plain(s, &arg[1]); + + if (rc == NGX_OK) { + ngx_mail_do_auth(s); + return; + } + + if (rc == NGX_ERROR) { + ngx_mail_session_internal_server_error(s); + return; + } + + /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */ + + break; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + } else if (arg[0].len == 8 + && ngx_strncasecmp(arg[0].data, + (u_char *) "CRAM-MD5", 8) + == 0) + { + if (s->args.nelts != 1) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + s->mail_state = ngx_pop3_auth_cram_md5; + + text = ngx_palloc(c->pool, + sizeof("+ " CRLF) - 1 + + ngx_base64_encoded_length(s->salt.len)); + if (text == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + text[0] = '+'; text[1]= ' '; + salt.data = &text[2]; + s->salt.len -= 2; + + ngx_encode_base64(&salt, &s->salt); + + s->salt.len += 2; + size = 2 + salt.len; + text[size++] = CR; text[size++] = LF; + + break; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + + case NGX_POP3_QUIT: + s->quit = 1; + break; + + case NGX_POP3_NOOP: + break; + +#if (NGX_MAIL_SSL) + + case NGX_POP3_STLS: + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, + ngx_mail_ssl_module); + if (sslcf->starttls) { + c->read->handler = ngx_mail_starttls_handler; + break; + } + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; +#endif + + default: + s->mail_state = ngx_pop3_start; + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + break; + + case ngx_pop3_user: + + switch (s->command) { + + case NGX_POP3_PASS: + if (s->args.nelts == 1) { + arg = s->args.elts; + s->passwd.len = arg[0].len; + s->passwd.data = ngx_palloc(c->pool, s->passwd.len); + if (s->passwd.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(s->passwd.data, arg[0].data, s->passwd.len); + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 passwd: \"%V\"", &s->passwd); +#endif + + ngx_mail_do_auth(s); + return; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + + case NGX_POP3_CAPA: + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + size = cscf->pop3_capability.len; + text = cscf->pop3_capability.data; + break; + + case NGX_POP3_QUIT: + s->quit = 1; + break; + + case NGX_POP3_NOOP: + break; + + default: + s->mail_state = ngx_pop3_start; + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + break; + + /* suppress warinings */ + case ngx_pop3_passwd: + break; + + case ngx_pop3_auth_login_username: + arg = s->args.elts; + s->mail_state = ngx_pop3_auth_login_password; + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 auth login username: \"%V\"", &arg[0]); + + s->login.data = ngx_palloc(c->pool, + ngx_base64_decoded_length(arg[0].len)); + if (s->login.data == NULL){ + ngx_mail_session_internal_server_error(s); + return; + } + + if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid base64 encoding " + "in AUTH LOGIN command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 auth login username: \"%V\"", &s->login); + + size = sizeof(pop3_password) - 1; + text = pop3_password; + + break; + + case ngx_pop3_auth_login_password: + arg = s->args.elts; + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 auth login password: \"%V\"", &arg[0]); +#endif + + s->passwd.data = ngx_palloc(c->pool, + ngx_base64_decoded_length(arg[0].len)); + if (s->passwd.data == NULL){ + ngx_mail_session_internal_server_error(s); + return; + } + + if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid base64 encoding " + "in AUTH LOGIN command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 auth login password: \"%V\"", &s->passwd); +#endif + + ngx_mail_do_auth(s); + return; + + case ngx_pop3_auth_plain: + arg = s->args.elts; + + rc = ngx_mail_decode_auth_plain(s, &arg[0]); + + if (rc == NGX_OK) { + ngx_mail_do_auth(s); + return; + } + + if (rc == NGX_ERROR) { + ngx_mail_session_internal_server_error(s); + return; + } + + /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */ + + break; + + case ngx_pop3_auth_cram_md5: + arg = s->args.elts; + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 auth cram-md5: \"%V\"", &arg[0]); + + s->login.data = ngx_palloc(c->pool, + ngx_base64_decoded_length(arg[0].len)); + if (s->login.data == NULL){ + ngx_mail_session_internal_server_error(s); + return; + } + + if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid base64 encoding " + "in AUTH CRAM-MD5 command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + p = s->login.data; + last = p + s->login.len; + + while (p < last) { + if (*p++ == ' ') { + s->login.len = p - s->login.data - 1; + s->passwd.len = last - p; + s->passwd.data = p; + break; + } + } + + if (s->passwd.len != 32) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid CRAM-MD5 hash " + "in AUTH CRAM-MD5 command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0, + "pop3 auth cram-md5: \"%V\" \"%V\"", + &s->login, &s->passwd); + + s->auth_method = NGX_MAIL_AUTH_CRAM_MD5; + + ngx_mail_do_auth(s); + return; + } + } + + if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) { + s->mail_state = ngx_pop3_start; + s->state = 0; + text = pop3_invalid_command; + size = sizeof(pop3_invalid_command) - 1; + } + + s->args.nelts = 0; + s->buffer->pos = s->buffer->start; + s->buffer->last = s->buffer->start; + + if (s->state) { + s->arg_start = s->buffer->start; + } + + s->out.data = text; + s->out.len = size; + + ngx_mail_send(c->write); +} + + +void +ngx_imap_auth_state(ngx_event_t *rev) +{ + u_char *p, *last, *text, *dst, *src, *end; + ssize_t text_len, last_len; + ngx_str_t *arg; + ngx_int_t rc; + ngx_uint_t tag, i; + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; +#if (NGX_MAIL_SSL) + ngx_mail_ssl_conf_t *sslcf; +#endif + + c = rev->data; + s = c->data; + + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth state"); + + if (rev->timedout) { + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); + c->timedout = 1; + ngx_mail_close_connection(c); + return; + } + + if (s->out.len) { + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap send handler busy"); + s->blocked = 1; + return; + } + + s->blocked = 0; + + rc = ngx_mail_read_command(s); + + if (rc == NGX_AGAIN || rc == NGX_ERROR) { + return; + } + + tag = 1; + + text = NULL; + text_len = 0; + + last = imap_ok; + last_len = sizeof(imap_ok) - 1; + + if (rc == NGX_OK) { + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth command: %i", + s->command); + + if (s->backslash) { + + arg = s->args.elts; + + for (i = 0; i < s->args.nelts; i++) { + dst = arg[i].data; + end = dst + arg[i].len; + + for (src = dst; src < end; dst++) { + *dst = *src; + if (*src++ == '\\') { + *dst = *src++; + } + } + + arg[i].len = dst - arg[i].data; + } + + s->backslash = 0; + } + + switch (s->command) { + + case NGX_IMAP_LOGIN: + +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + } +#endif + + arg = s->args.elts; + + if (s->args.nelts == 2 && arg[0].len) { + + s->login.len = arg[0].len; + s->login.data = ngx_palloc(c->pool, s->login.len); + if (s->login.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(s->login.data, arg[0].data, s->login.len); + + s->passwd.len = arg[1].len; + s->passwd.data = ngx_palloc(c->pool, s->passwd.len); + if (s->passwd.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len); + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0, + "imap login:\"%V\" passwd:\"%V\"", + &s->login, &s->passwd); +#else + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "imap login:\"%V\"", &s->login); +#endif + + ngx_mail_do_auth(s); + return; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + + case NGX_IMAP_CAPABILITY: + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) { + text_len = cscf->imap_starttls_capability.len; + text = cscf->imap_starttls_capability.data; + break; + } + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + text_len = cscf->imap_starttls_only_capability.len; + text = cscf->imap_starttls_only_capability.data; + break; + } + } +#endif + + text_len = cscf->imap_capability.len; + text = cscf->imap_capability.data; + break; + + case NGX_IMAP_LOGOUT: + s->quit = 1; + text = imap_bye; + text_len = sizeof(imap_bye) - 1; + break; + + case NGX_IMAP_NOOP: + break; + +#if (NGX_MAIL_SSL) + + case NGX_IMAP_STARTTLS: + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); + if (sslcf->starttls) { + c->read->handler = ngx_mail_starttls_handler; + break; + } + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; +#endif + + default: + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + } else if (rc == NGX_IMAP_NEXT) { + last = imap_next; + last_len = sizeof(imap_next) - 1; + tag = 0; + } + + if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) { + last = imap_invalid_command; + last_len = sizeof(imap_invalid_command) - 1; + } + + if (tag) { + if (s->tag.len == 0) { + s->tag.len = sizeof(imap_star) - 1; + s->tag.data = (u_char *) imap_star; + } + + if (s->tagged_line.len < s->tag.len + text_len + last_len) { + s->tagged_line.len = s->tag.len + text_len + last_len; + s->tagged_line.data = ngx_palloc(c->pool, s->tagged_line.len); + if (s->tagged_line.data == NULL) { + ngx_mail_close_connection(c); + return; + } + } + + s->out.data = s->tagged_line.data; + s->out.len = s->tag.len + text_len + last_len; + + p = s->out.data; + + if (text) { + p = ngx_cpymem(p, text, text_len); + } + p = ngx_cpymem(p, s->tag.data, s->tag.len); + ngx_memcpy(p, last, last_len); + + + } else { + s->out.data = last; + s->out.len = last_len; + } + + if (rc != NGX_IMAP_NEXT) { + s->args.nelts = 0; + s->buffer->pos = s->buffer->start; + s->buffer->last = s->buffer->start; + s->tag.len = 0; + } + + ngx_mail_send(c->write); +} + + +void +ngx_smtp_auth_state(ngx_event_t *rev) +{ + u_char *p, *last, *text, ch; + ssize_t size; + ngx_int_t rc; + ngx_str_t *arg, salt, l; + ngx_uint_t i; + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_core_srv_conf_t *cscf; + + c = rev->data; + s = c->data; + + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp auth state"); + + if (rev->timedout) { + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); + c->timedout = 1; + ngx_mail_close_connection(c); + return; + } + + if (s->out.len) { + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp send handler busy"); + s->blocked = 1; + return; + } + + s->blocked = 0; + + rc = ngx_mail_read_command(s); + + if (rc == NGX_AGAIN || rc == NGX_ERROR) { + return; + } + + text = NULL; + size = 0; + + if (rc == NGX_OK) { + switch (s->mail_state) { + + case ngx_smtp_start: + + switch (s->command) { + + case NGX_SMTP_HELO: + case NGX_SMTP_EHLO: + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + + if (s->args.nelts != 1) { + text = smtp_invalid_argument; + size = sizeof(smtp_invalid_argument) - 1; + s->state = 0; + break; + } + + arg = s->args.elts; + + s->smtp_helo.len = arg[0].len; + + s->smtp_helo.data = ngx_palloc(c->pool, arg[0].len); + if (s->smtp_helo.data == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + ngx_memcpy(s->smtp_helo.data, arg[0].data, arg[0].len); + + if (s->command == NGX_SMTP_HELO) { + size = cscf->smtp_server_name.len; + text = cscf->smtp_server_name.data; + + } else { + s->esmtp = 1; + size = cscf->smtp_capability.len; + text = cscf->smtp_capability.data; + } + + break; + + case NGX_SMTP_AUTH: + + if (s->args.nelts == 0) { + text = smtp_invalid_argument; + size = sizeof(smtp_invalid_argument) - 1; + s->state = 0; + break; + } + + arg = s->args.elts; + + if (arg[0].len == 5) { + + if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5) + == 0) + { + + if (s->args.nelts != 1) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + s->mail_state = ngx_smtp_auth_login_username; + + size = sizeof(smtp_username) - 1; + text = smtp_username; + + break; + + } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN", + 5) + == 0) + { + if (s->args.nelts == 1) { + s->mail_state = ngx_smtp_auth_plain; + + size = sizeof(smtp_next) - 1; + text = smtp_next; + + break; + } + + if (s->args.nelts == 2) { + + rc = ngx_mail_decode_auth_plain(s, &arg[1]); + + if (rc == NGX_OK) { + ngx_mail_do_auth(s); + return; + } + + if (rc == NGX_ERROR) { + ngx_mail_session_internal_server_error(s); + return; + } + + /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */ + + break; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + } else if (arg[0].len == 8 + && ngx_strncasecmp(arg[0].data, + (u_char *) "CRAM-MD5", 8) + == 0) + { + if (s->args.nelts != 1) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + s->mail_state = ngx_smtp_auth_cram_md5; + + text = ngx_palloc(c->pool, + sizeof("334 " CRLF) - 1 + + ngx_base64_encoded_length(s->salt.len)); + if (text == NULL) { + ngx_mail_session_internal_server_error(s); + return; + } + + text[0] = '3'; text[1]= '3'; text[2] = '4'; text[3]= ' '; + salt.data = &text[4]; + s->salt.len -= 2; + + ngx_encode_base64(&salt, &s->salt); + + s->salt.len += 2; + size = 4 + salt.len; + text[size++] = CR; text[size++] = LF; + + break; + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + + case NGX_SMTP_QUIT: + s->quit = 1; + text = smtp_bye; + size = sizeof(smtp_bye) - 1; + break; + + case NGX_SMTP_MAIL: + + if (s->connection->log->log_level >= NGX_LOG_INFO) { + l.len = s->buffer->last - s->buffer->start; + l.data = s->buffer->start; + + for (i = 0; i < l.len; i++) { + ch = l.data[i]; + + if (ch != CR && ch != LF) { + continue; + } + + l.data[i] = ' '; + } + + while (i) { + if (l.data[i - 1] != ' ') { + break; + } + + i--; + } + + l.len = i; + + ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, + "client was rejected: \"%V\"", &l); + } + + text = smtp_auth_required; + size = sizeof(smtp_auth_required) - 1; + break; + + case NGX_SMTP_NOOP: + case NGX_SMTP_RSET: + text = smtp_ok; + size = sizeof(smtp_ok) - 1; + break; + } + + break; + + case ngx_smtp_auth_login_username: + arg = s->args.elts; + s->mail_state = ngx_smtp_auth_login_password; + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "smtp auth login username: \"%V\"", &arg[0]); + + s->login.data = ngx_palloc(c->pool, + ngx_base64_decoded_length(arg[0].len)); + if (s->login.data == NULL){ + ngx_mail_session_internal_server_error(s); + return; + } + + if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid base64 encoding " + "in AUTH LOGIN command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "smtp auth login username: \"%V\"", &s->login); + + size = sizeof(smtp_password) - 1; + text = smtp_password; + + break; + + case ngx_smtp_auth_login_password: + arg = s->args.elts; + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "smtp auth login password: \"%V\"", &arg[0]); +#endif + + s->passwd.data = ngx_palloc(c->pool, + ngx_base64_decoded_length(arg[0].len)); + if (s->passwd.data == NULL){ + ngx_mail_session_internal_server_error(s); + return; + } + + if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid base64 encoding " + "in AUTH LOGIN command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "smtp auth login password: \"%V\"", &s->passwd); +#endif + + ngx_mail_do_auth(s); + return; + + case ngx_smtp_auth_plain: + arg = s->args.elts; + + rc = ngx_mail_decode_auth_plain(s, &arg[0]); + + if (rc == NGX_OK) { + ngx_mail_do_auth(s); + return; + } + + if (rc == NGX_ERROR) { + ngx_mail_session_internal_server_error(s); + return; + } + + /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */ + + break; + + case ngx_smtp_auth_cram_md5: + arg = s->args.elts; + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "smtp auth cram-md5: \"%V\"", &arg[0]); + + s->login.data = ngx_palloc(c->pool, + ngx_base64_decoded_length(arg[0].len)); + if (s->login.data == NULL){ + ngx_mail_session_internal_server_error(s); + return; + } + + if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid base64 encoding " + "in AUTH CRAM-MD5 command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + p = s->login.data; + last = p + s->login.len; + + while (p < last) { + if (*p++ == ' ') { + s->login.len = p - s->login.data - 1; + s->passwd.len = last - p; + s->passwd.data = p; + break; + } + } + + if (s->passwd.len != 32) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid CRAM-MD5 hash " + "in AUTH CRAM-MD5 command"); + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + + ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0, + "smtp auth cram-md5: \"%V\" \"%V\"", + &s->login, &s->passwd); + + s->auth_method = NGX_MAIL_AUTH_CRAM_MD5; + + ngx_mail_do_auth(s); + return; + } + } + + if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) { + s->mail_state = ngx_smtp_start; + s->state = 0; + text = smtp_invalid_command; + size = sizeof(smtp_invalid_command) - 1; + } + + s->args.nelts = 0; + s->buffer->pos = s->buffer->start; + s->buffer->last = s->buffer->start; + + if (s->state) { + s->arg_start = s->buffer->start; + } + + s->out.data = text; + s->out.len = size; + + ngx_mail_send(c->write); +} + + +static ngx_int_t +ngx_mail_decode_auth_plain(ngx_mail_session_t *s, ngx_str_t *encoded) +{ + u_char *p, *last; + ngx_str_t plain; + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "mail auth plain: \"%V\"", encoded); +#endif + + plain.data = ngx_palloc(s->connection->pool, + ngx_base64_decoded_length(encoded->len)); + if (plain.data == NULL){ + return NGX_ERROR; + } + + if (ngx_decode_base64(&plain, encoded) != NGX_OK) { + ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, + "client sent invalid base64 encoding " + "in AUTH PLAIN command"); + return NGX_MAIL_PARSE_INVALID_COMMAND; + } + + p = plain.data; + last = p + plain.len; + + while (p < last && *p++) { /* void */ } + + if (p == last) { + ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, + "client sent invalid login in AUTH PLAIN command"); + return NGX_MAIL_PARSE_INVALID_COMMAND; + } + + s->login.data = p; + + while (p < last && *p) { p++; } + + if (p == last) { + ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, + "client sent invalid password in AUTH PLAIN command"); + return NGX_MAIL_PARSE_INVALID_COMMAND; + } + + s->login.len = p++ - s->login.data; + + s->passwd.len = last - p; + s->passwd.data = p; + +#if (NGX_DEBUG_MAIL_PASSWD) + ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "mail auth plain: \"%V\" \"%V\"", + &s->login, &s->passwd); +#endif + + return NGX_OK; +} + + +static void +ngx_mail_do_auth(ngx_mail_session_t *s) +{ + s->args.nelts = 0; + s->buffer->pos = s->buffer->start; + s->buffer->last = s->buffer->start; + s->state = 0; + + if (s->connection->read->timer_set) { + ngx_del_timer(s->connection->read); + } + + s->login_attempt++; + + ngx_mail_auth_http_init(s); +} + + +static ngx_int_t +ngx_mail_read_command(ngx_mail_session_t *s) +{ + ssize_t n; + ngx_int_t rc; + ngx_str_t l; + + n = s->connection->recv(s->connection, s->buffer->last, + s->buffer->end - s->buffer->last); + + if (n == NGX_ERROR || n == 0) { + ngx_mail_close_connection(s->connection); + return NGX_ERROR; + } + + if (n > 0) { + s->buffer->last += n; + } + + if (n == NGX_AGAIN) { + if (ngx_handle_read_event(s->connection->read, 0) == NGX_ERROR) { + ngx_mail_session_internal_server_error(s); + return NGX_ERROR; + } + + return NGX_AGAIN; + } + + switch (s->protocol) { + case NGX_MAIL_POP3_PROTOCOL: + rc = ngx_pop3_parse_command(s); + break; + + case NGX_MAIL_IMAP_PROTOCOL: + rc = ngx_imap_parse_command(s); + break; + + default: /* NGX_MAIL_SMTP_PROTOCOL */ + rc = ngx_smtp_parse_command(s); + break; + } + + if (rc == NGX_AGAIN) { + + if (s->buffer->last < s->buffer->end) { + return rc; + } + + l.len = s->buffer->last - s->buffer->start; + l.data = s->buffer->start; + + ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, + "client sent too long command \"%V\"", &l); + + s->quit = 1; + + return NGX_MAIL_PARSE_INVALID_COMMAND; + } + + if (rc == NGX_IMAP_NEXT || rc == NGX_MAIL_PARSE_INVALID_COMMAND) { + return rc; + } + + if (rc == NGX_ERROR) { + ngx_mail_close_connection(s->connection); + return NGX_ERROR; + } + + return NGX_OK; +} + + +void +ngx_mail_session_internal_server_error(ngx_mail_session_t *s) +{ + s->out = internal_server_errors[s->protocol]; + s->quit = 1; + + ngx_mail_send(s->connection->write); +} + + +void +ngx_mail_close_connection(ngx_connection_t *c) +{ + ngx_pool_t *pool; + + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, + "close mail connection: %d", c->fd); + +#if (NGX_MAIL_SSL) + + if (c->ssl) { + if (ngx_ssl_shutdown(c) == NGX_AGAIN) { + c->ssl->handler = ngx_mail_close_connection; + return; + } + } + +#endif + + c->destroyed = 1; + + pool = c->pool; + + ngx_close_connection(c); + + ngx_destroy_pool(pool); +} + + +static u_char * +ngx_mail_log_error(ngx_log_t *log, u_char *buf, size_t len) +{ + u_char *p; + ngx_mail_session_t *s; + ngx_mail_log_ctx_t *ctx; + + if (log->action) { + p = ngx_snprintf(buf, len, " while %s", log->action); + len -= p - buf; + buf = p; + } + + ctx = log->data; + + p = ngx_snprintf(buf, len, ", client: %V", ctx->client); + len -= p - buf; + buf = p; + + s = ctx->session; + + if (s == NULL) { + return p; + } + + p = ngx_snprintf(buf, len, ", server: %V", s->addr_text); + len -= p - buf; + buf = p; + + if (s->login.len == 0) { + return p; + } + + p = ngx_snprintf(buf, len, ", login: \"%V\"", &s->login); + len -= p - buf; + buf = p; + + if (s->proxy == NULL) { + return p; + } + + p = ngx_snprintf(buf, len, ", upstream: %V", s->proxy->upstream.name); + + return p; +} diff --git a/src/imap/ngx_imap_parse.c b/src/mail/ngx_mail_parse.c index fabba26af..7bab21b57 100644 --- a/src/imap/ngx_imap_parse.c +++ b/src/mail/ngx_mail_parse.c @@ -7,10 +7,207 @@ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> -#include <ngx_imap.h> +#include <ngx_mail.h> -ngx_int_t ngx_imap_parse_command(ngx_imap_session_t *s) +ngx_int_t ngx_pop3_parse_command(ngx_mail_session_t *s) +{ + u_char ch, *p, *c, c0, c1, c2, c3; + ngx_str_t *arg; + enum { + sw_start = 0, + sw_spaces_before_argument, + sw_argument, + sw_almost_done + } state; + + state = s->state; + + for (p = s->buffer->pos; p < s->buffer->last; p++) { + ch = *p; + + switch (state) { + + /* POP3 command */ + case sw_start: + if (ch == ' ' || ch == CR || ch == LF) { + c = s->buffer->start; + + if (p - c == 4) { + + c0 = ngx_toupper(c[0]); + c1 = ngx_toupper(c[1]); + c2 = ngx_toupper(c[2]); + c3 = ngx_toupper(c[3]); + + if (c0 == 'U' && c1 == 'S' && c2 == 'E' && c3 == 'R') + { + s->command = NGX_POP3_USER; + + } else if (c0 == 'P' && c1 == 'A' && c2 == 'S' && c3 == 'S') + { + s->command = NGX_POP3_PASS; + + } else if (c0 == 'A' && c1 == 'P' && c2 == 'O' && c3 == 'P') + { + s->command = NGX_POP3_APOP; + + } else if (c0 == 'Q' && c1 == 'U' && c2 == 'I' && c3 == 'T') + { + s->command = NGX_POP3_QUIT; + + } else if (c0 == 'C' && c1 == 'A' && c2 == 'P' && c3 == 'A') + { + s->command = NGX_POP3_CAPA; + + } else if (c0 == 'A' && c1 == 'U' && c2 == 'T' && c3 == 'H') + { + s->command = NGX_POP3_AUTH; + + } else if (c0 == 'N' && c1 == 'O' && c2 == 'O' && c3 == 'P') + { + s->command = NGX_POP3_NOOP; +#if (NGX_MAIL_SSL) + } else if (c0 == 'S' && c1 == 'T' && c2 == 'L' && c3 == 'S') + { + s->command = NGX_POP3_STLS; +#endif + } else { + goto invalid; + } + + } else { + goto invalid; + } + + switch (ch) { + case ' ': + state = sw_spaces_before_argument; + break; + case CR: + state = sw_almost_done; + break; + case LF: + goto done; + } + break; + } + + if ((ch < 'A' || ch > 'Z') && (ch < 'a' || ch > 'z')) { + goto invalid; + } + + break; + + case sw_spaces_before_argument: + switch (ch) { + case ' ': + break; + case CR: + state = sw_almost_done; + s->arg_end = p; + break; + case LF: + s->arg_end = p; + goto done; + default: + if (s->args.nelts <= 2) { + state = sw_argument; + s->arg_start = p; + break; + } + goto invalid; + } + break; + + case sw_argument: + switch (ch) { + + case ' ': + + /* + * the space should be considered as part of the at username + * or password, but not of argument in other commands + */ + + if (s->command == NGX_POP3_USER + || s->command == NGX_POP3_PASS) + { + break; + } + + /* fall through */ + + case CR: + case LF: + arg = ngx_array_push(&s->args); + if (arg == NULL) { + return NGX_ERROR; + } + arg->len = p - s->arg_start; + arg->data = s->arg_start; + s->arg_start = NULL; + + switch (ch) { + case ' ': + state = sw_spaces_before_argument; + break; + case CR: + state = sw_almost_done; + break; + case LF: + goto done; + } + break; + + default: + break; + } + break; + + case sw_almost_done: + switch (ch) { + case LF: + goto done; + default: + goto invalid; + } + } + } + + s->buffer->pos = p; + s->state = state; + + return NGX_AGAIN; + +done: + + s->buffer->pos = p + 1; + + if (s->arg_start) { + arg = ngx_array_push(&s->args); + if (arg == NULL) { + return NGX_ERROR; + } + arg->len = s->arg_end - s->arg_start; + arg->data = s->arg_start; + s->arg_start = NULL; + } + + s->state = (s->command != NGX_POP3_AUTH) ? sw_start : sw_argument; + + return NGX_OK; + +invalid: + + s->state = sw_start; + s->arg_start = NULL; + + return NGX_MAIL_PARSE_INVALID_COMMAND; +} + + +ngx_int_t ngx_imap_parse_command(ngx_mail_session_t *s) { u_char ch, *p, *c; ngx_str_t *arg; @@ -46,10 +243,10 @@ ngx_int_t ngx_imap_parse_command(ngx_imap_session_t *s) break; case CR: s->state = sw_start; - return NGX_IMAP_PARSE_INVALID_COMMAND; + return NGX_MAIL_PARSE_INVALID_COMMAND; case LF: s->state = sw_start; - return NGX_IMAP_PARSE_INVALID_COMMAND; + return NGX_MAIL_PARSE_INVALID_COMMAND; } break; @@ -59,10 +256,10 @@ ngx_int_t ngx_imap_parse_command(ngx_imap_session_t *s) break; case CR: s->state = sw_start; - return NGX_IMAP_PARSE_INVALID_COMMAND; + return NGX_MAIL_PARSE_INVALID_COMMAND; case LF: s->state = sw_start; - return NGX_IMAP_PARSE_INVALID_COMMAND; + return NGX_MAIL_PARSE_INVALID_COMMAND; default: s->cmd_start = p; state = sw_command; @@ -119,7 +316,7 @@ ngx_int_t ngx_imap_parse_command(ngx_imap_session_t *s) } break; -#if (NGX_IMAP_SSL) +#if (NGX_MAIL_SSL) case 8: if ((c[0] == 'S'|| c[0] == 's') && (c[1] == 'T'|| c[1] == 't') @@ -387,11 +584,11 @@ invalid: s->no_sync_literal = 0; s->literal_len = 0; - return NGX_IMAP_PARSE_INVALID_COMMAND; + return NGX_MAIL_PARSE_INVALID_COMMAND; } -ngx_int_t ngx_pop3_parse_command(ngx_imap_session_t *s) +ngx_int_t ngx_smtp_parse_command(ngx_mail_session_t *s) { u_char ch, *p, *c, c0, c1, c2, c3; ngx_str_t *arg; @@ -409,7 +606,7 @@ ngx_int_t ngx_pop3_parse_command(ngx_imap_session_t *s) switch (state) { - /* POP3 command */ + /* SMTP command */ case sw_start: if (ch == ' ' || ch == CR || ch == LF) { c = s->buffer->start; @@ -421,38 +618,34 @@ ngx_int_t ngx_pop3_parse_command(ngx_imap_session_t *s) c2 = ngx_toupper(c[2]); c3 = ngx_toupper(c[3]); - if (c0 == 'U' && c1 == 'S' && c2 == 'E' && c3 == 'R') - { - s->command = NGX_POP3_USER; - - } else if (c0 == 'P' && c1 == 'A' && c2 == 'S' && c3 == 'S') + if (c0 == 'H' && c1 == 'E' && c2 == 'L' && c3 == 'O') { - s->command = NGX_POP3_PASS; + s->command = NGX_SMTP_HELO; - } else if (c0 == 'A' && c1 == 'P' && c2 == 'O' && c3 == 'P') + } else if (c0 == 'E' && c1 == 'H' && c2 == 'L' && c3 == 'O') { - s->command = NGX_POP3_APOP; + s->command = NGX_SMTP_EHLO; } else if (c0 == 'Q' && c1 == 'U' && c2 == 'I' && c3 == 'T') { - s->command = NGX_POP3_QUIT; - - } else if (c0 == 'C' && c1 == 'A' && c2 == 'P' && c3 == 'A') - { - s->command = NGX_POP3_CAPA; + s->command = NGX_SMTP_QUIT; } else if (c0 == 'A' && c1 == 'U' && c2 == 'T' && c3 == 'H') { - s->command = NGX_POP3_AUTH; + s->command = NGX_SMTP_AUTH; } else if (c0 == 'N' && c1 == 'O' && c2 == 'O' && c3 == 'P') { - s->command = NGX_POP3_NOOP; -#if (NGX_IMAP_SSL) - } else if (c0 == 'S' && c1 == 'T' && c2 == 'L' && c3 == 'S') + s->command = NGX_SMTP_NOOP; + + } else if (c0 == 'M' && c1 == 'A' && c2 == 'I' && c3 == 'L') { - s->command = NGX_POP3_STLS; -#endif + s->command = NGX_SMTP_MAIL; + + } else if (c0 == 'R' && c1 == 'S' && c2 == 'E' && c3 == 'T') + { + s->command = NGX_SMTP_RSET; + } else { goto invalid; } @@ -503,22 +696,7 @@ ngx_int_t ngx_pop3_parse_command(ngx_imap_session_t *s) case sw_argument: switch (ch) { - case ' ': - - /* - * the space should be considered as part of the at username - * or password, but not of argument in other commands - */ - - if (s->command == NGX_POP3_USER - || s->command == NGX_POP3_PASS) - { - break; - } - - /* fall through */ - case CR: case LF: arg = ngx_array_push(&s->args); @@ -575,7 +753,8 @@ done: s->arg_start = NULL; } - s->state = (s->command != NGX_POP3_AUTH) ? sw_start : sw_argument; + s->state = (s->command != NGX_SMTP_AUTH) ? sw_start : sw_argument; + return NGX_OK; invalid: @@ -583,5 +762,5 @@ invalid: s->state = sw_start; s->arg_start = NULL; - return NGX_IMAP_PARSE_INVALID_COMMAND; + return NGX_MAIL_PARSE_INVALID_COMMAND; } diff --git a/src/imap/ngx_imap_proxy_module.c b/src/mail/ngx_mail_proxy_module.c index e3cf72e53..03f21eb4c 100644 --- a/src/imap/ngx_imap_proxy_module.c +++ b/src/mail/ngx_mail_proxy_module.c @@ -8,80 +8,89 @@ #include <ngx_core.h> #include <ngx_event.h> #include <ngx_event_connect.h> -#include <ngx_imap.h> +#include <ngx_mail.h> typedef struct { ngx_flag_t enable; ngx_flag_t pass_error_message; + ngx_flag_t xclient; size_t buffer_size; ngx_msec_t timeout; -} ngx_imap_proxy_conf_t; +} ngx_mail_proxy_conf_t; -static void ngx_imap_proxy_block_read(ngx_event_t *rev); -static void ngx_imap_proxy_imap_handler(ngx_event_t *rev); -static void ngx_imap_proxy_pop3_handler(ngx_event_t *rev); -static void ngx_imap_proxy_dummy_handler(ngx_event_t *ev); -static ngx_int_t ngx_imap_proxy_read_response(ngx_imap_session_t *s, +static void ngx_mail_proxy_block_read(ngx_event_t *rev); +static void ngx_mail_proxy_pop3_handler(ngx_event_t *rev); +static void ngx_mail_proxy_imap_handler(ngx_event_t *rev); +static void ngx_mail_proxy_smtp_handler(ngx_event_t *rev); +static void ngx_mail_proxy_dummy_handler(ngx_event_t *ev); +static ngx_int_t ngx_mail_proxy_read_response(ngx_mail_session_t *s, ngx_uint_t state); -static void ngx_imap_proxy_handler(ngx_event_t *ev); -static void ngx_imap_proxy_upstream_error(ngx_imap_session_t *s); -static void ngx_imap_proxy_internal_server_error(ngx_imap_session_t *s); -static void ngx_imap_proxy_close_session(ngx_imap_session_t *s); -static void *ngx_imap_proxy_create_conf(ngx_conf_t *cf); -static char *ngx_imap_proxy_merge_conf(ngx_conf_t *cf, void *parent, +static void ngx_mail_proxy_handler(ngx_event_t *ev); +static void ngx_mail_proxy_upstream_error(ngx_mail_session_t *s); +static void ngx_mail_proxy_internal_server_error(ngx_mail_session_t *s); +static void ngx_mail_proxy_close_session(ngx_mail_session_t *s); +static void *ngx_mail_proxy_create_conf(ngx_conf_t *cf); +static char *ngx_mail_proxy_merge_conf(ngx_conf_t *cf, void *parent, void *child); -static ngx_command_t ngx_imap_proxy_commands[] = { +static ngx_command_t ngx_mail_proxy_commands[] = { { ngx_string("proxy"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_FLAG, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_proxy_conf_t, enable), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_proxy_conf_t, enable), NULL }, { ngx_string("proxy_buffer"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_size_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_proxy_conf_t, buffer_size), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_proxy_conf_t, buffer_size), NULL }, { ngx_string("proxy_timeout"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_msec_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_proxy_conf_t, timeout), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_proxy_conf_t, timeout), NULL }, { ngx_string("proxy_pass_error_message"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_flag_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_proxy_conf_t, pass_error_message), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_proxy_conf_t, pass_error_message), + NULL }, + + { ngx_string("xclient"), + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, + ngx_conf_set_flag_slot, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_proxy_conf_t, xclient), NULL }, ngx_null_command }; -static ngx_imap_module_t ngx_imap_proxy_module_ctx = { +static ngx_mail_module_t ngx_mail_proxy_module_ctx = { NULL, /* create main configuration */ NULL, /* init main configuration */ - ngx_imap_proxy_create_conf, /* create server configuration */ - ngx_imap_proxy_merge_conf /* merge server configuration */ + ngx_mail_proxy_create_conf, /* create server configuration */ + ngx_mail_proxy_merge_conf /* merge server configuration */ }; -ngx_module_t ngx_imap_proxy_module = { +ngx_module_t ngx_mail_proxy_module = { NGX_MODULE_V1, - &ngx_imap_proxy_module_ctx, /* module context */ - ngx_imap_proxy_commands, /* module directives */ - NGX_IMAP_MODULE, /* module type */ + &ngx_mail_proxy_module_ctx, /* module context */ + ngx_mail_proxy_commands, /* module directives */ + NGX_MAIL_MODULE, /* module type */ NULL, /* init master */ NULL, /* init module */ NULL, /* init process */ @@ -93,17 +102,21 @@ ngx_module_t ngx_imap_proxy_module = { }; +static u_char smtp_ok[] = "235 2.0.0 OK" CRLF; + + void -ngx_imap_proxy_init(ngx_imap_session_t *s, ngx_peer_addr_t *peer) +ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_peer_addr_t *peer) { int keepalive; ngx_int_t rc; - ngx_imap_proxy_ctx_t *p; - ngx_imap_core_srv_conf_t *cscf; + ngx_mail_proxy_ctx_t *p; + ngx_mail_proxy_conf_t *pcf; + ngx_mail_core_srv_conf_t *cscf; s->connection->log->action = "connecting to upstream"; - cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); if (cscf->so_keepalive) { keepalive = 1; @@ -117,9 +130,9 @@ ngx_imap_proxy_init(ngx_imap_session_t *s, ngx_peer_addr_t *peer) } } - p = ngx_pcalloc(s->connection->pool, sizeof(ngx_imap_proxy_ctx_t)); + p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t)); if (p == NULL) { - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } @@ -135,7 +148,7 @@ ngx_imap_proxy_init(ngx_imap_session_t *s, ngx_peer_addr_t *peer) rc = ngx_event_connect_peer(&p->upstream); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } @@ -144,49 +157,67 @@ ngx_imap_proxy_init(ngx_imap_session_t *s, ngx_peer_addr_t *peer) p->upstream.connection->data = s; p->upstream.connection->pool = s->connection->pool; - s->connection->read->handler = ngx_imap_proxy_block_read; - p->upstream.connection->write->handler = ngx_imap_proxy_dummy_handler; + s->connection->read->handler = ngx_mail_proxy_block_read; + p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; - if (s->protocol == NGX_IMAP_POP3_PROTOCOL) { - p->upstream.connection->read->handler = ngx_imap_proxy_pop3_handler; - s->imap_state = ngx_pop3_start; + pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); - } else { - p->upstream.connection->read->handler = ngx_imap_proxy_imap_handler; - s->imap_state = ngx_imap_start; + s->proxy->buffer = ngx_create_temp_buf(s->connection->pool, + pcf->buffer_size); + if (s->proxy->buffer == NULL) { + ngx_mail_proxy_internal_server_error(s); + return; + } + + switch (s->protocol) { + + case NGX_MAIL_POP3_PROTOCOL: + p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler; + s->mail_state = ngx_pop3_start; + break; + + case NGX_MAIL_IMAP_PROTOCOL: + p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler; + s->mail_state = ngx_imap_start; + break; + + default: /* NGX_MAIL_SMTP_PROTOCOL */ + p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler; + s->mail_state = ngx_smtp_start; + break; } } static void -ngx_imap_proxy_block_read(ngx_event_t *rev) +ngx_mail_proxy_block_read(ngx_event_t *rev) { ngx_connection_t *c; - ngx_imap_session_t *s; + ngx_mail_session_t *s; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, "imap proxy block read"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy block read"); if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { c = rev->data; s = c->data; - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); } } static void -ngx_imap_proxy_imap_handler(ngx_event_t *rev) +ngx_mail_proxy_pop3_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line; ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_proxy_conf_t *pcf; + ngx_mail_session_t *s; + ngx_mail_proxy_conf_t *pcf; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, - "imap proxy imap auth handler"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail proxy pop3 auth handler"); c = rev->data; s = c->data; @@ -195,36 +226,140 @@ ngx_imap_proxy_imap_handler(ngx_event_t *rev) ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } - if (s->proxy->buffer == NULL) { - pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); + rc = ngx_mail_proxy_read_response(s, 0); + + if (rc == NGX_AGAIN) { + return; + } + + if (rc == NGX_ERROR) { + ngx_mail_proxy_upstream_error(s); + return; + } + + switch (s->mail_state) { + + case ngx_pop3_start: + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); + + s->connection->log->action = "sending user name to upstream"; + + line.len = sizeof("USER ") - 1 + s->login.len + 2; + line.data = ngx_palloc(c->pool, line.len); + if (line.data == NULL) { + ngx_mail_proxy_internal_server_error(s); + return; + } + + p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1); + p = ngx_cpymem(p, s->login.data, s->login.len); + *p++ = CR; *p = LF; + + s->mail_state = ngx_pop3_user; + break; - s->proxy->buffer = ngx_create_temp_buf(c->pool, pcf->buffer_size); - if (s->proxy->buffer == NULL) { - ngx_imap_proxy_internal_server_error(s); + case ngx_pop3_user: + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass"); + + s->connection->log->action = "sending password to upstream"; + + line.len = sizeof("PASS ") - 1 + s->passwd.len + 2; + line.data = ngx_palloc(c->pool, line.len); + if (line.data == NULL) { + ngx_mail_proxy_internal_server_error(s); return; } + + p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1); + p = ngx_cpymem(p, s->passwd.data, s->passwd.len); + *p++ = CR; *p = LF; + + s->mail_state = ngx_pop3_passwd; + break; + + case ngx_pop3_passwd: + s->connection->read->handler = ngx_mail_proxy_handler; + s->connection->write->handler = ngx_mail_proxy_handler; + rev->handler = ngx_mail_proxy_handler; + c->write->handler = ngx_mail_proxy_handler; + + pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); + ngx_add_timer(s->connection->read, pcf->timeout); + ngx_del_timer(c->read); + + c->log->action = NULL; + ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); + + ngx_mail_proxy_handler(s->connection->write); + + return; + + default: +#if (NGX_SUPPRESS_WARN) + line.len = 0; + line.data = NULL; +#endif + break; } - rc = ngx_imap_proxy_read_response(s, s->imap_state); + if (c->send(c, line.data, line.len) < (ssize_t) line.len) { + /* + * we treat the incomplete sending as NGX_ERROR + * because it is very strange here + */ + ngx_mail_proxy_internal_server_error(s); + return; + } + + s->proxy->buffer->pos = s->proxy->buffer->start; + s->proxy->buffer->last = s->proxy->buffer->start; +} + + +static void +ngx_mail_proxy_imap_handler(ngx_event_t *rev) +{ + u_char *p; + ngx_int_t rc; + ngx_str_t line; + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_proxy_conf_t *pcf; + + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail proxy imap auth handler"); + + c = rev->data; + s = c->data; + + if (rev->timedout) { + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, + "upstream timed out"); + c->timedout = 1; + ngx_mail_proxy_internal_server_error(s); + return; + } + + rc = ngx_mail_proxy_read_response(s, s->mail_state); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { - ngx_imap_proxy_upstream_error(s); + ngx_mail_proxy_upstream_error(s); return; } - switch (s->imap_state) { + switch (s->mail_state) { case ngx_imap_start: - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, - "imap proxy send login"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail proxy send login"); s->connection->log->action = "sending LOGIN command to upstream"; @@ -232,7 +367,7 @@ ngx_imap_proxy_imap_handler(ngx_event_t *rev) + 1 + NGX_SIZE_T_LEN + 1 + 2; line.data = ngx_palloc(c->pool, line.len); if (line.data == NULL) { - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } @@ -240,18 +375,18 @@ ngx_imap_proxy_imap_handler(ngx_event_t *rev) &s->tag, s->login.len) - line.data; - s->imap_state = ngx_imap_login; + s->mail_state = ngx_imap_login; break; case ngx_imap_login: - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, "imap proxy send user"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); s->connection->log->action = "sending user name to upstream"; line.len = s->login.len + 1 + 1 + NGX_SIZE_T_LEN + 1 + 2; line.data = ngx_palloc(c->pool, line.len); if (line.data == NULL) { - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } @@ -259,42 +394,42 @@ ngx_imap_proxy_imap_handler(ngx_event_t *rev) &s->login, s->passwd.len) - line.data; - s->imap_state = ngx_imap_user; + s->mail_state = ngx_imap_user; break; case ngx_imap_user: - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, - "imap proxy send passwd"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail proxy send passwd"); s->connection->log->action = "sending password to upstream"; line.len = s->passwd.len + 2; line.data = ngx_palloc(c->pool, line.len); if (line.data == NULL) { - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, s->passwd.data, s->passwd.len); *p++ = CR; *p = LF; - s->imap_state = ngx_imap_passwd; + s->mail_state = ngx_imap_passwd; break; case ngx_imap_passwd: - s->connection->read->handler = ngx_imap_proxy_handler; - s->connection->write->handler = ngx_imap_proxy_handler; - rev->handler = ngx_imap_proxy_handler; - c->write->handler = ngx_imap_proxy_handler; + s->connection->read->handler = ngx_mail_proxy_handler; + s->connection->write->handler = ngx_mail_proxy_handler; + rev->handler = ngx_mail_proxy_handler; + c->write->handler = ngx_mail_proxy_handler; - pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); + pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); - ngx_imap_proxy_handler(s->connection->write); + ngx_mail_proxy_handler(s->connection->write); return; @@ -311,7 +446,7 @@ ngx_imap_proxy_imap_handler(ngx_event_t *rev) * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } @@ -321,17 +456,18 @@ ngx_imap_proxy_imap_handler(ngx_event_t *rev) static void -ngx_imap_proxy_pop3_handler(ngx_event_t *rev) +ngx_mail_proxy_smtp_handler(ngx_event_t *rev) { - u_char *p; - ngx_int_t rc; - ngx_str_t line; - ngx_connection_t *c; - ngx_imap_session_t *s; - ngx_imap_proxy_conf_t *pcf; + u_char *p; + ngx_int_t rc; + ngx_str_t line; + ngx_connection_t *c; + ngx_mail_session_t *s; + ngx_mail_proxy_conf_t *pcf; + ngx_mail_core_srv_conf_t *cscf; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, - "imap proxy pop3 auth handler"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail proxy smtp auth handler"); c = rev->data; s = c->data; @@ -340,85 +476,106 @@ ngx_imap_proxy_pop3_handler(ngx_event_t *rev) ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } - if (s->proxy->buffer == NULL) { - pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); - - s->proxy->buffer = ngx_create_temp_buf(c->pool, pcf->buffer_size); - if (s->proxy->buffer == NULL) { - ngx_imap_proxy_internal_server_error(s); - return; - } - } - - rc = ngx_imap_proxy_read_response(s, 0); + rc = ngx_mail_proxy_read_response(s, s->mail_state); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { - ngx_imap_proxy_upstream_error(s); + ngx_mail_proxy_upstream_error(s); return; } - switch (s->imap_state) { + switch (s->mail_state) { - case ngx_pop3_start: - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, "imap proxy send user"); + case ngx_smtp_start: + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send ehlo"); - s->connection->log->action = "sending user name to upstream"; + s->connection->log->action = "sending HELO/EHLO to upstream"; - line.len = sizeof("USER ") - 1 + s->login.len + 2; + cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); + + line.len = sizeof("HELO ") - 1 + cscf->server_name.len + 2; line.data = ngx_palloc(c->pool, line.len); if (line.data == NULL) { - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } - p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1); - p = ngx_cpymem(p, s->login.data, s->login.len); + pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); + + p = ngx_cpymem(line.data, + ((s->esmtp || pcf->xclient) ? "EHLO " : "HELO "), + sizeof("HELO ") - 1); + + p = ngx_cpymem(p, cscf->server_name.data, cscf->server_name.len); *p++ = CR; *p = LF; - s->imap_state = ngx_pop3_user; + s->mail_state = pcf->xclient ? ngx_smtp_helo: ngx_smtp_noxclient; + break; - case ngx_pop3_user: - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0, "imap proxy send pass"); + case ngx_smtp_helo: + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, + "mail proxy send xclient"); - s->connection->log->action = "sending password to upstream"; + s->connection->log->action = "sending XCLIENT to upstream"; + + line.len = sizeof("XCLIENT PROTO=SMTP HELO= ADDR= LOGIN= " + "NAME=[UNAVAILABLE]" CRLF) - 1 + + s->esmtp + s->smtp_helo.len + + s->connection->addr_text.len + s->login.len; - line.len = sizeof("PASS ") - 1 + s->passwd.len + 2; line.data = ngx_palloc(c->pool, line.len); if (line.data == NULL) { - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } - p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1); - p = ngx_cpymem(p, s->passwd.data, s->passwd.len); - *p++ = CR; *p = LF; + if (s->smtp_helo.len) { + line.len = ngx_sprintf(line.data, + "XCLIENT PROTO=%sSMTP HELO=%V ADDR=%V LOGIN=%V " + "NAME=[UNAVAILABLE]" CRLF, + (s->esmtp ? "E" : ""), &s->smtp_helo, + &s->connection->addr_text, &s->login) + - line.data; + } else { + line.len = ngx_sprintf(line.data, + "XCLIENT PROTO=SMTP ADDR=%V LOGIN=%V " + "NAME=[UNAVAILABLE]" CRLF, + &s->connection->addr_text, &s->login) + - line.data; + } - s->imap_state = ngx_pop3_passwd; + s->mail_state = ngx_smtp_xclient; break; - case ngx_pop3_passwd: - s->connection->read->handler = ngx_imap_proxy_handler; - s->connection->write->handler = ngx_imap_proxy_handler; - rev->handler = ngx_imap_proxy_handler; - c->write->handler = ngx_imap_proxy_handler; + case ngx_smtp_noxclient: + case ngx_smtp_xclient: - pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); + ngx_memcpy(s->proxy->buffer->start, smtp_ok, sizeof(smtp_ok) - 1); + + s->proxy->buffer->pos = s->proxy->buffer->start; + s->proxy->buffer->last = s->proxy->buffer->start + sizeof(smtp_ok) - 1; + + s->connection->read->handler = ngx_mail_proxy_handler; + s->connection->write->handler = ngx_mail_proxy_handler; + rev->handler = ngx_mail_proxy_handler; + c->write->handler = ngx_mail_proxy_handler; + + pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); - ngx_imap_proxy_handler(s->connection->write); + ngx_mail_proxy_handler(s->connection->write); return; @@ -435,7 +592,7 @@ ngx_imap_proxy_pop3_handler(ngx_event_t *rev) * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ - ngx_imap_proxy_internal_server_error(s); + ngx_mail_proxy_internal_server_error(s); return; } @@ -445,29 +602,29 @@ ngx_imap_proxy_pop3_handler(ngx_event_t *rev) static void -ngx_imap_proxy_dummy_handler(ngx_event_t *wev) +ngx_mail_proxy_dummy_handler(ngx_event_t *wev) { ngx_connection_t *c; - ngx_imap_session_t *s; + ngx_mail_session_t *s; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, wev->log, 0, "imap proxy dummy handler"); + ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, "mail proxy dummy handler"); if (ngx_handle_write_event(wev, 0) == NGX_ERROR) { c = wev->data; s = c->data; - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); } } static ngx_int_t -ngx_imap_proxy_read_response(ngx_imap_session_t *s, ngx_uint_t state) +ngx_mail_proxy_read_response(ngx_mail_session_t *s, ngx_uint_t state) { u_char *p; ssize_t n; ngx_buf_t *b; - ngx_imap_proxy_conf_t *pcf; + ngx_mail_proxy_conf_t *pcf; s->connection->log->action = "reading response from upstream"; @@ -504,12 +661,15 @@ ngx_imap_proxy_read_response(ngx_imap_session_t *s, ngx_uint_t state) p = b->pos; - if (s->protocol == NGX_IMAP_POP3_PROTOCOL) { + switch (s->protocol) { + + case NGX_MAIL_POP3_PROTOCOL: if (p[0] == '+' && p[1] == 'O' && p[2] == 'K') { return NGX_OK; } + break; - } else { + case NGX_MAIL_IMAP_PROTOCOL: switch (state) { case ngx_imap_start: @@ -534,9 +694,31 @@ ngx_imap_proxy_read_response(ngx_imap_session_t *s, ngx_uint_t state) } break; } + + break; + + default: /* NGX_MAIL_SMTP_PROTOCOL */ + switch (state) { + + case ngx_smtp_helo: + case ngx_smtp_noxclient: + if (p[0] == '2' && p[1] == '5' && p[2] == '0') { + return NGX_OK; + } + break; + + case ngx_smtp_start: + case ngx_smtp_xclient: + if (p[0] == '2' && p[1] == '2' && p[2] == '0') { + return NGX_OK; + } + break; + } + + break; } - pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); + pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); if (pcf->pass_error_message == 0) { *(b->last - 2) = '\0'; @@ -559,7 +741,7 @@ ngx_imap_proxy_read_response(ngx_imap_session_t *s, ngx_uint_t state) static void -ngx_imap_proxy_handler(ngx_event_t *ev) +ngx_mail_proxy_handler(ngx_event_t *ev) { char *action, *recv_action, *send_action; size_t size; @@ -567,8 +749,8 @@ ngx_imap_proxy_handler(ngx_event_t *ev) ngx_buf_t *b; ngx_uint_t do_write; ngx_connection_t *c, *src, *dst; - ngx_imap_session_t *s; - ngx_imap_proxy_conf_t *pcf; + ngx_mail_session_t *s; + ngx_mail_proxy_conf_t *pcf; c = ev->data; s = c->data; @@ -586,7 +768,7 @@ ngx_imap_proxy_handler(ngx_event_t *ev) "upstream timed out"); } - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); return; } @@ -625,8 +807,8 @@ ngx_imap_proxy_handler(ngx_event_t *ev) do_write = ev->write ? 1 : 0; - ngx_log_debug3(NGX_LOG_DEBUG_IMAP, ev->log, 0, - "imap proxy handler: %d, #%d > #%d", + ngx_log_debug3(NGX_LOG_DEBUG_MAIL, ev->log, 0, + "mail proxy handler: %d, #%d > #%d", do_write, src->fd, dst->fd); for ( ;; ) { @@ -641,7 +823,7 @@ ngx_imap_proxy_handler(ngx_event_t *ev) n = dst->send(dst, b->pos, size); if (n == NGX_ERROR) { - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); return; } @@ -693,100 +875,101 @@ ngx_imap_proxy_handler(ngx_event_t *ev) ngx_log_error(NGX_LOG_INFO, c->log, 0, "proxied session done"); c->log->action = action; - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); return; } if (ngx_handle_write_event(dst->write, 0) == NGX_ERROR) { - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); return; } if (ngx_handle_read_event(dst->read, 0) == NGX_ERROR) { - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); return; } if (ngx_handle_write_event(src->write, 0) == NGX_ERROR) { - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); return; } if (ngx_handle_read_event(src->read, 0) == NGX_ERROR) { - ngx_imap_proxy_close_session(s); + ngx_mail_proxy_close_session(s); return; } if (c == s->connection) { - pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); + pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(c->read, pcf->timeout); } } static void -ngx_imap_proxy_upstream_error(ngx_imap_session_t *s) +ngx_mail_proxy_upstream_error(ngx_mail_session_t *s) { if (s->proxy->upstream.connection) { - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "close imap proxy connection: %d", + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "close mail proxy connection: %d", s->proxy->upstream.connection->fd); ngx_close_connection(s->proxy->upstream.connection); } if (s->out.len == 0) { - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); return; } s->quit = 1; - ngx_imap_send(s->connection->write); + ngx_mail_send(s->connection->write); } static void -ngx_imap_proxy_internal_server_error(ngx_imap_session_t *s) +ngx_mail_proxy_internal_server_error(ngx_mail_session_t *s) { if (s->proxy->upstream.connection) { - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "close imap proxy connection: %d", + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "close mail proxy connection: %d", s->proxy->upstream.connection->fd); ngx_close_connection(s->proxy->upstream.connection); } - ngx_imap_session_internal_server_error(s); + ngx_mail_session_internal_server_error(s); } static void -ngx_imap_proxy_close_session(ngx_imap_session_t *s) +ngx_mail_proxy_close_session(ngx_mail_session_t *s) { if (s->proxy->upstream.connection) { - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0, - "close imap proxy connection: %d", + ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, + "close mail proxy connection: %d", s->proxy->upstream.connection->fd); ngx_close_connection(s->proxy->upstream.connection); } - ngx_imap_close_connection(s->connection); + ngx_mail_close_connection(s->connection); } static void * -ngx_imap_proxy_create_conf(ngx_conf_t *cf) +ngx_mail_proxy_create_conf(ngx_conf_t *cf) { - ngx_imap_proxy_conf_t *pcf; + ngx_mail_proxy_conf_t *pcf; - pcf = ngx_pcalloc(cf->pool, sizeof(ngx_imap_proxy_conf_t)); + pcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_proxy_conf_t)); if (pcf == NULL) { return NGX_CONF_ERROR; } pcf->enable = NGX_CONF_UNSET; pcf->pass_error_message = NGX_CONF_UNSET; + pcf->xclient = NGX_CONF_UNSET; pcf->buffer_size = NGX_CONF_UNSET_SIZE; pcf->timeout = NGX_CONF_UNSET_MSEC; @@ -795,13 +978,14 @@ ngx_imap_proxy_create_conf(ngx_conf_t *cf) static char * -ngx_imap_proxy_merge_conf(ngx_conf_t *cf, void *parent, void *child) +ngx_mail_proxy_merge_conf(ngx_conf_t *cf, void *parent, void *child) { - ngx_imap_proxy_conf_t *prev = parent; - ngx_imap_proxy_conf_t *conf = child; + ngx_mail_proxy_conf_t *prev = parent; + ngx_mail_proxy_conf_t *conf = child; ngx_conf_merge_value(conf->enable, prev->enable, 0); ngx_conf_merge_value(conf->pass_error_message, prev->pass_error_message, 0); + ngx_conf_merge_value(conf->xclient, prev->xclient, 1); ngx_conf_merge_size_value(conf->buffer_size, prev->buffer_size, (size_t) ngx_pagesize); ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 24 * 60 * 60000); diff --git a/src/imap/ngx_imap_ssl_module.c b/src/mail/ngx_mail_ssl_module.c index ac4a08629..e343cbf7d 100644 --- a/src/imap/ngx_imap_ssl_module.c +++ b/src/mail/ngx_mail_ssl_module.c @@ -6,7 +6,7 @@ #include <ngx_config.h> #include <ngx_core.h> -#include <ngx_imap.h> +#include <ngx_mail.h> #define NGX_DEFLAUT_CERTIFICATE "cert.pem" @@ -14,31 +14,31 @@ #define NGX_DEFLAUT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" -static void *ngx_imap_ssl_create_conf(ngx_conf_t *cf); -static char *ngx_imap_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child); -static char *ngx_imap_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, +static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf); +static char *ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child); +static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE) -static char *ngx_imap_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, +static char *ngx_mail_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); -static char ngx_imap_ssl_openssl097[] = "OpenSSL 0.9.7 and higher"; +static char ngx_mail_ssl_openssl097[] = "OpenSSL 0.9.7 and higher"; #endif static ngx_conf_enum_t ngx_http_starttls_state[] = { - { ngx_string("off"), NGX_IMAP_STARTTLS_OFF }, - { ngx_string("on"), NGX_IMAP_STARTTLS_ON }, - { ngx_string("only"), NGX_IMAP_STARTTLS_ONLY }, + { ngx_string("off"), NGX_MAIL_STARTTLS_OFF }, + { ngx_string("on"), NGX_MAIL_STARTTLS_ON }, + { ngx_string("only"), NGX_MAIL_STARTTLS_ONLY }, { ngx_null_string, 0 } }; -static ngx_conf_bitmask_t ngx_imap_ssl_protocols[] = { +static ngx_conf_bitmask_t ngx_mail_ssl_protocols[] = { { ngx_string("SSLv2"), NGX_SSL_SSLv2 }, { ngx_string("SSLv3"), NGX_SSL_SSLv3 }, { ngx_string("TLSv1"), NGX_SSL_TLSv1 }, @@ -46,93 +46,93 @@ static ngx_conf_bitmask_t ngx_imap_ssl_protocols[] = { }; -static ngx_command_t ngx_imap_ssl_commands[] = { +static ngx_command_t ngx_mail_ssl_commands[] = { { ngx_string("ssl"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_FLAG, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, enable), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, enable), NULL }, { ngx_string("starttls"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_enum_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, starttls), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, starttls), ngx_http_starttls_state }, { ngx_string("ssl_certificate"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, certificate), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, certificate), NULL }, { ngx_string("ssl_certificate_key"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, certificate_key), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, certificate_key), NULL }, { ngx_string("ssl_protocols"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_1MORE, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, ngx_conf_set_bitmask_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, protocols), - &ngx_imap_ssl_protocols }, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, protocols), + &ngx_mail_ssl_protocols }, { ngx_string("ssl_ciphers"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, ciphers), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, ciphers), NULL }, { ngx_string("ssl_prefer_server_ciphers"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_FLAG, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE ngx_conf_set_flag_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, prefer_server_ciphers), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, prefer_server_ciphers), NULL }, #else - ngx_imap_ssl_nosupported, 0, 0, ngx_imap_ssl_openssl097 }, + ngx_mail_ssl_nosupported, 0, 0, ngx_mail_ssl_openssl097 }, #endif { ngx_string("ssl_session_cache"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE12, - ngx_imap_ssl_session_cache, - NGX_IMAP_SRV_CONF_OFFSET, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE12, + ngx_mail_ssl_session_cache, + NGX_MAIL_SRV_CONF_OFFSET, 0, NULL }, { ngx_string("ssl_session_timeout"), - NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_sec_slot, - NGX_IMAP_SRV_CONF_OFFSET, - offsetof(ngx_imap_ssl_conf_t, session_timeout), + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_ssl_conf_t, session_timeout), NULL }, ngx_null_command }; -static ngx_imap_module_t ngx_imap_ssl_module_ctx = { +static ngx_mail_module_t ngx_mail_ssl_module_ctx = { NULL, /* create main configuration */ NULL, /* init main configuration */ - ngx_imap_ssl_create_conf, /* create server configuration */ - ngx_imap_ssl_merge_conf /* merge server configuration */ + ngx_mail_ssl_create_conf, /* create server configuration */ + ngx_mail_ssl_merge_conf /* merge server configuration */ }; -ngx_module_t ngx_imap_ssl_module = { +ngx_module_t ngx_mail_ssl_module = { NGX_MODULE_V1, - &ngx_imap_ssl_module_ctx, /* module context */ - ngx_imap_ssl_commands, /* module directives */ - NGX_IMAP_MODULE, /* module type */ + &ngx_mail_ssl_module_ctx, /* module context */ + ngx_mail_ssl_commands, /* module directives */ + NGX_MAIL_MODULE, /* module type */ NULL, /* init master */ NULL, /* init module */ NULL, /* init process */ @@ -144,15 +144,15 @@ ngx_module_t ngx_imap_ssl_module = { }; -static ngx_str_t ngx_imap_ssl_sess_id_ctx = ngx_string("IMAP"); +static ngx_str_t ngx_mail_ssl_sess_id_ctx = ngx_string("MAIL"); static void * -ngx_imap_ssl_create_conf(ngx_conf_t *cf) +ngx_mail_ssl_create_conf(ngx_conf_t *cf) { - ngx_imap_ssl_conf_t *scf; + ngx_mail_ssl_conf_t *scf; - scf = ngx_pcalloc(cf->pool, sizeof(ngx_imap_ssl_conf_t)); + scf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_ssl_conf_t)); if (scf == NULL) { return NGX_CONF_ERROR; } @@ -181,17 +181,17 @@ ngx_imap_ssl_create_conf(ngx_conf_t *cf) static char * -ngx_imap_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) +ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) { - ngx_imap_ssl_conf_t *prev = parent; - ngx_imap_ssl_conf_t *conf = child; + ngx_mail_ssl_conf_t *prev = parent; + ngx_mail_ssl_conf_t *conf = child; ngx_pool_cleanup_t *cln; ngx_conf_merge_value(conf->enable, prev->enable, 0); - ngx_conf_merge_value(conf->starttls, prev->starttls, NGX_IMAP_STARTTLS_OFF); + ngx_conf_merge_value(conf->starttls, prev->starttls, NGX_MAIL_STARTTLS_OFF); - if (conf->enable == 0 && conf->starttls == NGX_IMAP_STARTTLS_OFF) { + if (conf->enable == 0 && conf->starttls == NGX_MAIL_STARTTLS_OFF) { return NGX_CONF_OK; } @@ -266,7 +266,7 @@ ngx_imap_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) conf->shm_zone = prev->shm_zone; } - if (ngx_ssl_session_cache(&conf->ssl, &ngx_imap_ssl_sess_id_ctx, + if (ngx_ssl_session_cache(&conf->ssl, &ngx_mail_ssl_sess_id_ctx, conf->builtin_session_cache, conf->shm_zone, conf->session_timeout) != NGX_OK) @@ -279,9 +279,9 @@ ngx_imap_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) static char * -ngx_imap_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { - ngx_imap_ssl_conf_t *scf = conf; + ngx_mail_ssl_conf_t *scf = conf; size_t len; ngx_str_t *value, name, size; @@ -352,7 +352,7 @@ ngx_imap_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } scf->shm_zone = ngx_shared_memory_add(cf, &name, n, - &ngx_imap_ssl_module); + &ngx_mail_ssl_module); if (scf->shm_zone == NULL) { return NGX_CONF_ERROR; } @@ -381,7 +381,7 @@ invalid: #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE) static char * -ngx_imap_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_mail_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "\"%V\" directive is available only in %s,", diff --git a/src/imap/ngx_imap_ssl_module.h b/src/mail/ngx_mail_ssl_module.h index 8ab8af287..c69e6186c 100644 --- a/src/imap/ngx_imap_ssl_module.h +++ b/src/mail/ngx_mail_ssl_module.h @@ -4,18 +4,18 @@ */ -#ifndef _NGX_IMAP_SSL_H_INCLUDED_ -#define _NGX_IMAP_SSL_H_INCLUDED_ +#ifndef _NGX_MAIL_SSL_H_INCLUDED_ +#define _NGX_MAIL_SSL_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> -#include <ngx_imap.h> +#include <ngx_mail.h> -#define NGX_IMAP_STARTTLS_OFF 0 -#define NGX_IMAP_STARTTLS_ON 1 -#define NGX_IMAP_STARTTLS_ONLY 2 +#define NGX_MAIL_STARTTLS_OFF 0 +#define NGX_MAIL_STARTTLS_ON 1 +#define NGX_MAIL_STARTTLS_ONLY 2 typedef struct { @@ -38,10 +38,10 @@ typedef struct { ngx_str_t ciphers; ngx_shm_zone_t *shm_zone; -} ngx_imap_ssl_conf_t; +} ngx_mail_ssl_conf_t; -extern ngx_module_t ngx_imap_ssl_module; +extern ngx_module_t ngx_mail_ssl_module; -#endif /* _NGX_IMAP_SSL_H_INCLUDED_ */ +#endif /* _NGX_MAIL_SSL_H_INCLUDED_ */ diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c index c8586f6e4..90993966d 100644 --- a/src/os/unix/ngx_process_cycle.c +++ b/src/os/unix/ngx_process_cycle.c @@ -454,7 +454,8 @@ ngx_signal_worker_processes(ngx_cycle_t *cycle, int signo) if (ch.command) { if (ngx_write_channel(ngx_processes[i].channel[0], - &ch, sizeof(ngx_channel_t), cycle->log) == NGX_OK) + &ch, sizeof(ngx_channel_t), cycle->log) + == NGX_OK) { if (signo != ngx_signal_value(NGX_REOPEN_SIGNAL)) { ngx_processes[i].exiting = 1; @@ -663,6 +664,8 @@ ngx_master_process_exit(ngx_cycle_t *cycle) static void ngx_worker_process_cycle(ngx_cycle_t *cycle, void *data) { + ngx_uint_t i; + ngx_connection_t *c; #if (NGX_THREADS) ngx_int_t n; ngx_err_t err; @@ -678,8 +681,8 @@ ngx_worker_process_cycle(ngx_cycle_t *cycle, void *data) ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module); if (ngx_threads_n) { - if (ngx_init_threads(ngx_threads_n, - ccf->thread_stack_size, cycle) == NGX_ERROR) + if (ngx_init_threads(ngx_threads_n, ccf->thread_stack_size, cycle) + == NGX_ERROR) { /* fatal */ exit(2); @@ -704,7 +707,8 @@ ngx_worker_process_cycle(ngx_cycle_t *cycle, void *data) if (ngx_create_thread((ngx_tid_t *) &ngx_threads[n].tid, ngx_worker_thread_cycle, - (void *) &ngx_threads[n], cycle->log) != 0) + (void *) &ngx_threads[n], cycle->log) + != 0) { /* fatal */ exit(2); @@ -715,12 +719,27 @@ ngx_worker_process_cycle(ngx_cycle_t *cycle, void *data) #endif for ( ;; ) { - if (ngx_exiting - && ngx_event_timer_rbtree.root == ngx_event_timer_rbtree.sentinel) - { - ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting"); - ngx_worker_process_exit(cycle); + if (ngx_exiting) { + + c = cycle->connections; + + for (i = 0; i < cycle->connection_n; i++) { + + /* THREAD: lock */ + + if (c[i].fd != -1 && c[i].idle) { + c[i].close = 1; + c[i].read->handler(c[i].read); + } + } + + if (ngx_event_timer_rbtree.root == ngx_event_timer_rbtree.sentinel) + { + ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting"); + + ngx_worker_process_exit(cycle); + } } ngx_log_debug0(NGX_LOG_DEBUG_EVENT, cycle->log, 0, "worker cycle"); @@ -928,7 +947,8 @@ ngx_worker_process_init(ngx_cycle_t *cycle, ngx_uint_t priority) #endif if (ngx_add_channel_event(cycle, ngx_channel, NGX_READ_EVENT, - ngx_channel_handler) == NGX_ERROR) + ngx_channel_handler) + == NGX_ERROR) { /* fatal */ exit(2); @@ -1024,6 +1044,12 @@ ngx_channel_handler(ngx_event_t *ev) return; } + if (ngx_event_flags & NGX_USE_EVENTPORT_EVENT) { + if (ngx_add_event(ev, NGX_READ_EVENT, 0) == NGX_ERROR) { + return; + } + } + if (n == NGX_AGAIN) { return; } |