Mercurial > hg > nginx-vendor-0-5
diff src/mail/ngx_mail_core_module.c @ 324:7cf404023f50 NGINX_0_5_32
nginx 0.5.32
*) Change: now nginx tries to set the "worker_priority",
"worker_rlimit_nofile", "worker_rlimit_core", and
"worker_rlimit_sigpending" without super-user privileges.
*) Change: now nginx escapes space and "%" in request to a mail proxy
authentication server.
*) Change: now nginx escapes "%" in $memcached_key variable.
*) Change: the special make target "upgrade1" was defined for online
upgrade of 0.1.x versions.
*) Feature: the "add_header Last-Modified ..." directive changes the
"Last-Modified" response header line.
*) Feature: the mail proxy supports AUTHENTICATE in IMAP mode.
Thanks to Maxim Dounin.
*) Feature: the mail proxy supports STARTTLS in SMTP mode.
Thanks to Maxim Dounin.
*) Bugfix: nginx did not close directory file on HEAD request if
autoindex was used.
Thanks to Arkadiusz Patyk.
*) Bugfix: the "proxy_hide_header" and "fastcgi_hide_header" directives
did not hide response header lines whose name was longer than 32
characters.
Thanks to Manlio Perillo.
*) Bugfix: active connection counter always increased if mail proxy was
used.
*) Bugfix: if backend returned response header only using non-buffered
proxy, then nginx closed backend connection on timeout.
*) Bugfix: nginx did not support several "Connection" request header
lines.
*) Bugfix: a charset set by the "charset" directive was not appended to
the "Content-Type" header set by $r->send_http_header().
*) Bugfix: a segmentation fault might occur in worker process if
/dev/poll method was used.
*) Bugfix: nginx did not work on FreeBSD/sparc64.
*) Bugfix: a segmentation fault occurred in worker process if invalid
address was set in the "auth_http" directive.
*) Bugfix: now nginx uses default listen backlog value 511 on all
platforms except FreeBSD.
Thanks to Jiang Hong.
*) Bugfix: now Solaris sendfilev() is not used to transfer the client
request body to FastCGI-server via the unix domain socket.
*) Bugfix: if the same host without specified port was used as backend
for HTTP and HTTPS, then nginx used only one port - 80 or 443.
*) Bugfix: the "proxy_ignore_client_abort" and
"fastcgi_ignore_client_abort" directives did not work; bug appeared
in 0.5.13.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Mon, 24 Sep 2007 00:00:00 +0400 |
| parents | 2ceaee987f37 |
| children | f70f2f565fe0 |
line wrap: on
line diff
--- a/src/mail/ngx_mail_core_module.c +++ b/src/mail/ngx_mail_core_module.c @@ -54,6 +54,14 @@ static ngx_conf_bitmask_t ngx_pop3_auth }; +static ngx_conf_bitmask_t ngx_imap_auth_methods[] = { + { ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED }, + { ngx_string("login"), NGX_MAIL_AUTH_LOGIN_ENABLED }, + { ngx_string("cram-md5"), NGX_MAIL_AUTH_CRAM_MD5_ENABLED }, + { ngx_null_string, 0 } +}; + + static ngx_conf_bitmask_t ngx_smtp_auth_methods[] = { { ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED }, { ngx_string("login"), NGX_MAIL_AUTH_LOGIN_ENABLED }, @@ -62,6 +70,14 @@ static ngx_conf_bitmask_t ngx_smtp_auth }; +static ngx_str_t ngx_imap_auth_methods_names[] = { + ngx_string("AUTH=PLAIN"), + ngx_string("AUTH=LOGIN"), + ngx_null_string, /* APOP */ + ngx_string("AUTH=CRAM-MD5") +}; + + static ngx_str_t ngx_smtp_auth_methods_names[] = { ngx_string("PLAIN"), ngx_string("LOGIN"), @@ -172,6 +188,13 @@ static ngx_command_t ngx_mail_core_comm offsetof(ngx_mail_core_srv_conf_t, pop3_auth_methods), &ngx_pop3_auth_methods }, + { ngx_string("imap_auth"), + NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, + ngx_conf_set_bitmask_slot, + NGX_MAIL_SRV_CONF_OFFSET, + offsetof(ngx_mail_core_srv_conf_t, imap_auth_methods), + &ngx_imap_auth_methods }, + { ngx_string("smtp_auth"), NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE, ngx_conf_set_bitmask_slot, @@ -278,7 +301,7 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t ngx_mail_core_srv_conf_t *prev = parent; ngx_mail_core_srv_conf_t *conf = child; - u_char *p; + u_char *p, *auth; size_t size, stls_only_size; ngx_str_t *c, *d; ngx_uint_t i, m; @@ -297,6 +320,11 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t (NGX_CONF_BITMASK_SET |NGX_MAIL_AUTH_PLAIN_ENABLED)); + ngx_conf_merge_bitmask_value(conf->imap_auth_methods, + prev->imap_auth_methods, + (NGX_CONF_BITMASK_SET + |NGX_MAIL_AUTH_PLAIN_ENABLED)); + ngx_conf_merge_bitmask_value(conf->smtp_auth_methods, prev->smtp_auth_methods, (NGX_CONF_BITMASK_SET @@ -463,6 +491,15 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t size += 1 + c[i].len; } + for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0; + m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED; + m <<= 1, i++) + { + if (m & conf->imap_auth_methods) { + size += 1 + ngx_imap_auth_methods_names[i].len; + } + } + p = ngx_palloc(cf->pool, size); if (p == NULL) { return NGX_CONF_ERROR; @@ -478,6 +515,19 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t p = ngx_cpymem(p, c[i].data, c[i].len); } + auth = p; + + for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0; + m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED; + m <<= 1, i++) + { + if (m & conf->imap_auth_methods) { + *p++ = ' '; + p = ngx_cpymem(p, ngx_imap_auth_methods_names[i].data, + ngx_imap_auth_methods_names[i].len); + } + } + *p++ = CR; *p = LF; @@ -497,7 +547,8 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *p++ = CR; *p = LF; - size += sizeof(" LOGINDISABLED") - 1; + size = (auth - conf->imap_capability.data) + sizeof(CRLF) - 1 + + sizeof(" STARTTLS LOGINDISABLED") - 1; p = ngx_palloc(cf->pool, size); if (p == NULL) { @@ -507,9 +558,10 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t conf->imap_starttls_only_capability.len = size; conf->imap_starttls_only_capability.data = p; - p = ngx_cpymem(p, conf->imap_starttls_capability.data, - conf->imap_starttls_capability.len - (sizeof(CRLF) - 1)); - p = ngx_cpymem(p, " LOGINDISABLED", sizeof(" LOGINDISABLED") - 1); + p = ngx_cpymem(p, conf->imap_capability.data, + auth - conf->imap_capability.data); + p = ngx_cpymem(p, " STARTTLS LOGINDISABLED", + sizeof(" STARTTLS LOGINDISABLED") - 1); *p++ = CR; *p = LF; @@ -582,6 +634,8 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *p++ = CR; *p++ = LF; } + auth = p; + *p++ = '2'; *p++ = '5'; *p++ = '0'; *p++ = ' '; *p++ = 'A'; *p++ = 'U'; *p++ = 'T'; *p++ = 'H'; @@ -598,6 +652,42 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *p++ = CR; *p = LF; + size += sizeof("250 STARTTLS" CRLF) - 1; + + p = ngx_palloc(cf->pool, size); + if (p == NULL) { + return NGX_CONF_ERROR; + } + + conf->smtp_starttls_capability.len = size; + conf->smtp_starttls_capability.data = p; + + p = ngx_cpymem(p, conf->smtp_capability.data, + conf->smtp_capability.len); + + p = ngx_cpymem(p, "250 STARTTLS" CRLF, sizeof("250 STARTTLS" CRLF) - 1); + *p++ = CR; *p = LF; + + p = conf->smtp_starttls_capability.data + + (auth - conf->smtp_capability.data) + 3; + *p = '-'; + + size = (auth - conf->smtp_capability.data) + + sizeof("250 STARTTLS" CRLF) - 1; + + p = ngx_palloc(cf->pool, size); + if (p == NULL) { + return NGX_CONF_ERROR; + } + + conf->smtp_starttls_only_capability.len = size; + conf->smtp_starttls_only_capability.data = p; + + p = ngx_cpymem(p, conf->smtp_capability.data, + auth - conf->smtp_capability.data); + + ngx_memcpy(p, "250 STARTTLS" CRLF, sizeof("250 STARTTLS" CRLF) - 1); + return NGX_CONF_OK; }