76
|
1
|
|
2 /*
|
|
3 * Copyright (C) Igor Sysoev
|
|
4 */
|
|
5
|
|
6
|
|
7 #include <ngx_config.h>
|
|
8 #include <ngx_core.h>
|
|
9 #include <ngx_event.h>
|
|
10 #include <ngx_imap.h>
|
|
11
|
|
12
|
96
|
13 static void ngx_imap_init_session(ngx_connection_t *c);
|
90
|
14 static void ngx_imap_init_protocol(ngx_event_t *rev);
|
262
|
15 static ngx_int_t ngx_imap_decode_auth_plain(ngx_imap_session_t *s,
|
|
16 ngx_str_t *encoded);
|
258
|
17 static void ngx_imap_do_auth(ngx_imap_session_t *s);
|
76
|
18 static ngx_int_t ngx_imap_read_command(ngx_imap_session_t *s);
|
90
|
19 static u_char *ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len);
|
76
|
20
|
88
|
21 #if (NGX_IMAP_SSL)
|
132
|
22 static void ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c);
|
96
|
23 static void ngx_imap_ssl_handshake_handler(ngx_connection_t *c);
|
88
|
24 #endif
|
|
25
|
76
|
26
|
|
27 static ngx_str_t greetings[] = {
|
|
28 ngx_string("+OK POP3 ready" CRLF),
|
78
|
29 ngx_string("* OK IMAP4 ready" CRLF)
|
76
|
30 };
|
|
31
|
|
32 static ngx_str_t internal_server_errors[] = {
|
|
33 ngx_string("-ERR internal server error" CRLF),
|
|
34 ngx_string("* BAD internal server error" CRLF),
|
|
35 };
|
|
36
|
|
37 static u_char pop3_ok[] = "+OK" CRLF;
|
252
|
38 static u_char pop3_next[] = "+ " CRLF;
|
|
39 static u_char pop3_username[] = "+ VXNlcm5hbWU6" CRLF;
|
|
40 static u_char pop3_password[] = "+ UGFzc3dvcmQ6" CRLF;
|
76
|
41 static u_char pop3_invalid_command[] = "-ERR invalid command" CRLF;
|
|
42
|
92
|
43 static u_char imap_star[] = "* ";
|
78
|
44 static u_char imap_ok[] = "OK completed" CRLF;
|
76
|
45 static u_char imap_next[] = "+ OK" CRLF;
|
|
46 static u_char imap_bye[] = "* BYE" CRLF;
|
|
47 static u_char imap_invalid_command[] = "BAD invalid command" CRLF;
|
|
48
|
|
49
|
|
50 void
|
|
51 ngx_imap_init_connection(ngx_connection_t *c)
|
|
52 {
|
190
|
53 in_addr_t in_addr;
|
|
54 socklen_t len;
|
|
55 ngx_uint_t i;
|
|
56 struct sockaddr_in sin;
|
|
57 ngx_imap_log_ctx_t *ctx;
|
|
58 ngx_imap_in_port_t *imip;
|
|
59 ngx_imap_in_addr_t *imia;
|
|
60 ngx_imap_session_t *s;
|
92
|
61 #if (NGX_IMAP_SSL)
|
132
|
62 ngx_imap_ssl_conf_t *sslcf;
|
92
|
63 #endif
|
90
|
64
|
190
|
65
|
|
66 /* find the server configuration for the address:port */
|
|
67
|
|
68 /* AF_INET only */
|
|
69
|
|
70 imip = c->listening->servers;
|
|
71 imia = imip->addrs;
|
|
72
|
|
73 i = 0;
|
|
74
|
|
75 if (imip->naddrs > 1) {
|
|
76
|
|
77 /*
|
|
78 * There are several addresses on this port and one of them
|
|
79 * is the "*:port" wildcard so getsockname() is needed to determine
|
|
80 * the server address.
|
|
81 *
|
|
82 * AcceptEx() already gave this address.
|
|
83 */
|
|
84
|
|
85 #if (NGX_WIN32)
|
|
86 if (c->local_sockaddr) {
|
|
87 in_addr =
|
|
88 ((struct sockaddr_in *) c->local_sockaddr)->sin_addr.s_addr;
|
90
|
89
|
190
|
90 } else
|
|
91 #endif
|
|
92 {
|
|
93 len = sizeof(struct sockaddr_in);
|
|
94 if (getsockname(c->fd, (struct sockaddr *) &sin, &len) == -1) {
|
|
95 ngx_connection_error(c, ngx_socket_errno,
|
|
96 "getsockname() failed");
|
|
97 ngx_imap_close_connection(c);
|
|
98 return;
|
|
99 }
|
|
100
|
|
101 in_addr = sin.sin_addr.s_addr;
|
|
102 }
|
|
103
|
|
104 /* the last address is "*" */
|
|
105
|
|
106 for ( /* void */ ; i < imip->naddrs - 1; i++) {
|
|
107 if (in_addr == imia[i].addr) {
|
|
108 break;
|
|
109 }
|
|
110 }
|
|
111 }
|
|
112
|
|
113
|
|
114 s = ngx_pcalloc(c->pool, sizeof(ngx_imap_session_t));
|
|
115 if (s == NULL) {
|
90
|
116 ngx_imap_close_connection(c);
|
|
117 return;
|
126
|
118 }
|
90
|
119
|
190
|
120 s->main_conf = imia[i].ctx->main_conf;
|
|
121 s->srv_conf = imia[i].ctx->srv_conf;
|
|
122
|
|
123 s->addr_text = &imia[i].addr_text;
|
|
124
|
|
125 c->data = s;
|
|
126 s->connection = c;
|
|
127
|
|
128 ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%ui client %V connected to %V",
|
|
129 c->number, &c->addr_text, s->addr_text);
|
|
130
|
|
131 ctx = ngx_palloc(c->pool, sizeof(ngx_imap_log_ctx_t));
|
|
132 if (ctx == NULL) {
|
|
133 ngx_imap_close_connection(c);
|
|
134 return;
|
|
135 }
|
|
136
|
|
137 ctx->client = &c->addr_text;
|
|
138 ctx->session = s;
|
90
|
139
|
|
140 c->log->connection = c->number;
|
|
141 c->log->handler = ngx_imap_log_error;
|
190
|
142 c->log->data = ctx;
|
90
|
143 c->log->action = "sending client greeting line";
|
|
144
|
|
145 c->log_error = NGX_ERROR_INFO;
|
|
146
|
92
|
147 #if (NGX_IMAP_SSL)
|
|
148
|
190
|
149 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
92
|
150
|
|
151 if (sslcf->enable) {
|
132
|
152 ngx_imap_ssl_init_connection(&sslcf->ssl, c);
|
96
|
153 return;
|
92
|
154 }
|
|
155
|
|
156 #endif
|
|
157
|
96
|
158 ngx_imap_init_session(c);
|
90
|
159 }
|
|
160
|
|
161
|
96
|
162 #if (NGX_IMAP_SSL)
|
|
163
|
90
|
164 static void
|
132
|
165 ngx_imap_starttls_handler(ngx_event_t *rev)
|
|
166 {
|
|
167 ngx_connection_t *c;
|
|
168 ngx_imap_session_t *s;
|
|
169 ngx_imap_ssl_conf_t *sslcf;
|
|
170
|
|
171 c = rev->data;
|
|
172 s = c->data;
|
190
|
173 s->starttls = 1;
|
132
|
174
|
|
175 c->log->action = "in starttls state";
|
|
176
|
|
177 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
178
|
|
179 ngx_imap_ssl_init_connection(&sslcf->ssl, c);
|
|
180 }
|
|
181
|
|
182
|
|
183 static void
|
|
184 ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c)
|
|
185 {
|
190
|
186 ngx_imap_session_t *s;
|
132
|
187 ngx_imap_core_srv_conf_t *cscf;
|
|
188
|
|
189 if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) {
|
|
190 ngx_imap_close_connection(c);
|
|
191 return;
|
|
192 }
|
|
193
|
|
194 if (ngx_ssl_handshake(c) == NGX_AGAIN) {
|
|
195
|
190
|
196 s = c->data;
|
|
197
|
|
198 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
199
|
|
200 ngx_add_timer(c->read, cscf->timeout);
|
|
201
|
|
202 c->ssl->handler = ngx_imap_ssl_handshake_handler;
|
|
203
|
|
204 return;
|
|
205 }
|
|
206
|
|
207 ngx_imap_ssl_handshake_handler(c);
|
|
208 }
|
|
209
|
|
210
|
|
211 static void
|
96
|
212 ngx_imap_ssl_handshake_handler(ngx_connection_t *c)
|
126
|
213 {
|
190
|
214 ngx_imap_session_t *s;
|
|
215
|
96
|
216 if (c->ssl->handshaked) {
|
132
|
217
|
190
|
218 s = c->data;
|
|
219
|
|
220 if (s->starttls) {
|
132
|
221 c->read->handler = ngx_imap_init_protocol;
|
|
222 c->write->handler = ngx_imap_send;
|
|
223
|
|
224 ngx_imap_init_protocol(c->read);
|
|
225
|
|
226 return;
|
|
227 }
|
|
228
|
96
|
229 ngx_imap_init_session(c);
|
|
230 return;
|
|
231 }
|
|
232
|
|
233 ngx_imap_close_connection(c);
|
|
234 }
|
|
235
|
|
236 #endif
|
|
237
|
|
238
|
|
239 static void
|
|
240 ngx_imap_init_session(ngx_connection_t *c)
|
90
|
241 {
|
250
|
242 u_char *p;
|
88
|
243 ngx_imap_session_t *s;
|
90
|
244 ngx_imap_core_srv_conf_t *cscf;
|
76
|
245
|
96
|
246 c->read->handler = ngx_imap_init_protocol;
|
|
247 c->write->handler = ngx_imap_send;
|
88
|
248
|
190
|
249 s = c->data;
|
76
|
250
|
190
|
251 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
88
|
252
|
|
253 s->protocol = cscf->protocol;
|
|
254
|
|
255 s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_imap_max_module);
|
|
256 if (s->ctx == NULL) {
|
|
257 ngx_imap_session_internal_server_error(s);
|
|
258 return;
|
|
259 }
|
|
260
|
|
261 s->out = greetings[s->protocol];
|
|
262
|
250
|
263 if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED)
|
|
264 && s->protocol == NGX_IMAP_POP3_PROTOCOL)
|
|
265 {
|
|
266 s->salt.data = ngx_palloc(c->pool,
|
|
267 sizeof(" <18446744073709551616.@>" CRLF) - 1
|
|
268 + NGX_TIME_T_LEN
|
|
269 + cscf->server_name.len);
|
|
270 if (s->salt.data == NULL) {
|
|
271 ngx_imap_session_internal_server_error(s);
|
|
272 return;
|
|
273 }
|
|
274
|
|
275 s->salt.len = ngx_sprintf(s->salt.data, "<%ul.%T@%V>" CRLF,
|
|
276 ngx_random(), ngx_time(), &cscf->server_name)
|
|
277 - s->salt.data;
|
|
278
|
|
279 s->out.data = ngx_palloc(c->pool, greetings[0].len + 1 + s->salt.len);
|
|
280 if (s->out.data == NULL) {
|
|
281 ngx_imap_session_internal_server_error(s);
|
|
282 return;
|
|
283 }
|
|
284
|
|
285 p = ngx_cpymem(s->out.data, greetings[0].data, greetings[0].len - 2);
|
|
286 *p++ = ' ';
|
|
287 p = ngx_cpymem(p, s->salt.data, s->salt.len);
|
|
288
|
|
289 s->out.len = p - s->out.data;
|
|
290 }
|
|
291
|
96
|
292 ngx_add_timer(c->read, cscf->timeout);
|
76
|
293
|
96
|
294 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) {
|
76
|
295 ngx_imap_close_connection(c);
|
|
296 }
|
88
|
297
|
|
298 ngx_imap_send(c->write);
|
|
299 }
|
|
300
|
|
301
|
|
302 void
|
|
303 ngx_imap_send(ngx_event_t *wev)
|
|
304 {
|
90
|
305 ngx_int_t n;
|
|
306 ngx_connection_t *c;
|
|
307 ngx_imap_session_t *s;
|
|
308 ngx_imap_core_srv_conf_t *cscf;
|
88
|
309
|
|
310 c = wev->data;
|
|
311 s = c->data;
|
|
312
|
|
313 if (wev->timedout) {
|
|
314 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
315 c->timedout = 1;
|
88
|
316 ngx_imap_close_connection(c);
|
|
317 return;
|
|
318 }
|
|
319
|
|
320 if (s->out.len == 0) {
|
|
321 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
|
|
322 ngx_imap_close_connection(c);
|
|
323 }
|
|
324
|
|
325 return;
|
|
326 }
|
|
327
|
|
328 n = c->send(c, s->out.data, s->out.len);
|
|
329
|
|
330 if (n > 0) {
|
|
331 s->out.len -= n;
|
|
332
|
90
|
333 if (wev->timer_set) {
|
|
334 ngx_del_timer(wev);
|
|
335 }
|
|
336
|
88
|
337 if (s->quit) {
|
|
338 ngx_imap_close_connection(c);
|
|
339 return;
|
|
340 }
|
|
341
|
|
342 if (s->blocked) {
|
|
343 c->read->handler(c->read);
|
|
344 }
|
|
345
|
|
346 return;
|
|
347 }
|
|
348
|
|
349 if (n == NGX_ERROR) {
|
|
350 ngx_imap_close_connection(c);
|
|
351 return;
|
|
352 }
|
|
353
|
|
354 /* n == NGX_AGAIN */
|
|
355
|
90
|
356 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
|
357
|
|
358 ngx_add_timer(c->write, cscf->timeout);
|
|
359
|
88
|
360 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
|
|
361 ngx_imap_close_connection(c);
|
|
362 return;
|
|
363 }
|
76
|
364 }
|
|
365
|
|
366
|
|
367 static void
|
90
|
368 ngx_imap_init_protocol(ngx_event_t *rev)
|
76
|
369 {
|
|
370 size_t size;
|
|
371 ngx_connection_t *c;
|
|
372 ngx_imap_session_t *s;
|
|
373 ngx_imap_core_srv_conf_t *cscf;
|
|
374
|
|
375 c = rev->data;
|
|
376
|
90
|
377 c->log->action = "in auth state";
|
|
378
|
76
|
379 if (rev->timedout) {
|
|
380 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
381 c->timedout = 1;
|
76
|
382 ngx_imap_close_connection(c);
|
|
383 return;
|
|
384 }
|
|
385
|
88
|
386 s = c->data;
|
76
|
387
|
88
|
388 if (s->protocol == NGX_IMAP_POP3_PROTOCOL) {
|
76
|
389 size = 128;
|
|
390 s->imap_state = ngx_pop3_start;
|
|
391 c->read->handler = ngx_pop3_auth_state;
|
|
392
|
|
393 } else {
|
88
|
394 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
76
|
395 size = cscf->imap_client_buffer_size;
|
|
396 s->imap_state = ngx_imap_start;
|
|
397 c->read->handler = ngx_imap_auth_state;
|
|
398 }
|
|
399
|
|
400 if (s->buffer == NULL) {
|
132
|
401 if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t))
|
|
402 == NGX_ERROR)
|
|
403 {
|
|
404 ngx_imap_session_internal_server_error(s);
|
|
405 return;
|
|
406 }
|
|
407
|
|
408 s->buffer = ngx_create_temp_buf(c->pool, size);
|
|
409 if (s->buffer == NULL) {
|
|
410 ngx_imap_session_internal_server_error(s);
|
|
411 return;
|
|
412 }
|
76
|
413 }
|
|
414
|
|
415 c->read->handler(rev);
|
|
416 }
|
|
417
|
|
418
|
|
419 void
|
|
420 ngx_imap_auth_state(ngx_event_t *rev)
|
|
421 {
|
92
|
422 u_char *text, *last, *p, *dst, *src, *end;
|
88
|
423 ssize_t text_len, last_len;
|
76
|
424 ngx_str_t *arg;
|
|
425 ngx_int_t rc;
|
92
|
426 ngx_uint_t tag, i;
|
76
|
427 ngx_connection_t *c;
|
|
428 ngx_imap_session_t *s;
|
|
429 ngx_imap_core_srv_conf_t *cscf;
|
132
|
430 #if (NGX_IMAP_SSL)
|
|
431 ngx_imap_ssl_conf_t *sslcf;
|
|
432 #endif
|
76
|
433
|
|
434 c = rev->data;
|
|
435 s = c->data;
|
|
436
|
|
437 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth state");
|
|
438
|
|
439 if (rev->timedout) {
|
|
440 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
441 c->timedout = 1;
|
76
|
442 ngx_imap_close_connection(c);
|
|
443 return;
|
|
444 }
|
|
445
|
88
|
446 if (s->out.len) {
|
|
447 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy");
|
|
448 s->blocked = 1;
|
|
449 return;
|
|
450 }
|
|
451
|
|
452 s->blocked = 0;
|
|
453
|
76
|
454 rc = ngx_imap_read_command(s);
|
|
455
|
|
456 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth: %i", rc);
|
|
457
|
|
458 if (rc == NGX_AGAIN || rc == NGX_ERROR) {
|
|
459 return;
|
|
460 }
|
|
461
|
|
462 tag = 1;
|
|
463
|
|
464 text = NULL;
|
|
465 text_len = 0;
|
|
466
|
|
467 last = imap_ok;
|
|
468 last_len = sizeof(imap_ok) - 1;
|
|
469
|
|
470 if (rc == NGX_OK) {
|
|
471
|
|
472 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth command: %i",
|
|
473 s->command);
|
|
474
|
92
|
475 if (s->backslash) {
|
|
476
|
|
477 arg = s->args.elts;
|
|
478
|
|
479 for (i = 0; i < s->args.nelts; i++) {
|
|
480 dst = arg[i].data;
|
|
481 end = dst + arg[i].len;
|
|
482
|
|
483 for (src = dst; src < end; dst++) {
|
|
484 *dst = *src;
|
|
485 if (*src++ == '\\') {
|
|
486 *dst = *src++;
|
|
487 }
|
|
488 }
|
|
489
|
|
490 arg[i].len = dst - arg[i].data;
|
|
491 }
|
|
492
|
|
493 s->backslash = 0;
|
|
494 }
|
|
495
|
76
|
496 switch (s->command) {
|
|
497
|
|
498 case NGX_IMAP_LOGIN:
|
132
|
499
|
|
500 #if (NGX_IMAP_SSL)
|
|
501
|
|
502 if (c->ssl == NULL) {
|
|
503 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
504
|
|
505 if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) {
|
|
506 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
507 break;
|
|
508 }
|
|
509 }
|
|
510 #endif
|
|
511
|
118
|
512 arg = s->args.elts;
|
76
|
513
|
118
|
514 if (s->args.nelts == 2 && arg[0].len) {
|
76
|
515
|
|
516 s->login.len = arg[0].len;
|
|
517 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
518 if (s->login.data == NULL) {
|
|
519 ngx_imap_session_internal_server_error(s);
|
|
520 return;
|
|
521 }
|
|
522
|
|
523 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
524
|
|
525 s->passwd.len = arg[1].len;
|
|
526 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
527 if (s->passwd.data == NULL) {
|
|
528 ngx_imap_session_internal_server_error(s);
|
|
529 return;
|
|
530 }
|
|
531
|
|
532 ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
|
|
533
|
96
|
534 #if (NGX_DEBUG_IMAP_PASSWD)
|
76
|
535 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
536 "imap login:\"%V\" passwd:\"%V\"",
|
|
537 &s->login, &s->passwd);
|
96
|
538 #else
|
|
539 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
540 "imap login:\"%V\"", &s->login);
|
|
541 #endif
|
76
|
542
|
258
|
543 ngx_imap_do_auth(s);
|
76
|
544 return;
|
|
545 }
|
|
546
|
252
|
547 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
76
|
548 break;
|
|
549
|
|
550 case NGX_IMAP_CAPABILITY:
|
|
551 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
552
|
|
553 #if (NGX_IMAP_SSL)
|
|
554
|
|
555 if (c->ssl == NULL) {
|
|
556 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
557
|
|
558 if (sslcf->starttls == NGX_IMAP_STARTTLS_ON) {
|
|
559 text_len = cscf->imap_starttls_capability.len;
|
|
560 text = cscf->imap_starttls_capability.data;
|
|
561 break;
|
|
562 }
|
|
563
|
|
564 if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) {
|
|
565 text_len = cscf->imap_starttls_only_capability.len;
|
|
566 text = cscf->imap_starttls_only_capability.data;
|
|
567 break;
|
|
568 }
|
|
569 }
|
|
570 #endif
|
|
571
|
|
572 text_len = cscf->imap_capability.len;
|
|
573 text = cscf->imap_capability.data;
|
76
|
574 break;
|
|
575
|
|
576 case NGX_IMAP_LOGOUT:
|
88
|
577 s->quit = 1;
|
76
|
578 text = imap_bye;
|
|
579 text_len = sizeof(imap_bye) - 1;
|
|
580 break;
|
|
581
|
|
582 case NGX_IMAP_NOOP:
|
|
583 break;
|
|
584
|
132
|
585 #if (NGX_IMAP_SSL)
|
|
586
|
|
587 case NGX_IMAP_STARTTLS:
|
|
588 if (c->ssl == NULL) {
|
|
589 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
590 if (sslcf->starttls) {
|
|
591 c->read->handler = ngx_imap_starttls_handler;
|
|
592 break;
|
|
593 }
|
|
594 }
|
|
595
|
|
596 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
597 break;
|
|
598 #endif
|
|
599
|
76
|
600 default:
|
|
601 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
602 break;
|
|
603 }
|
|
604
|
|
605 } else if (rc == NGX_IMAP_NEXT) {
|
|
606 last = imap_next;
|
|
607 last_len = sizeof(imap_next) - 1;
|
|
608 tag = 0;
|
|
609 }
|
|
610
|
|
611 if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
|
|
612 last = imap_invalid_command;
|
|
613 last_len = sizeof(imap_invalid_command) - 1;
|
|
614 }
|
|
615
|
|
616 if (tag) {
|
92
|
617 if (s->tag.len == 0) {
|
|
618 s->tag.len = sizeof(imap_star) - 1;
|
|
619 s->tag.data = (u_char *) imap_star;
|
|
620 }
|
|
621
|
88
|
622 if (s->tagged_line.len < s->tag.len + text_len + last_len) {
|
|
623 s->tagged_line.len = s->tag.len + text_len + last_len;
|
|
624 s->tagged_line.data = ngx_palloc(c->pool, s->tagged_line.len);
|
|
625 if (s->tagged_line.data == NULL) {
|
76
|
626 ngx_imap_close_connection(c);
|
|
627 return;
|
|
628 }
|
|
629 }
|
|
630
|
88
|
631 s->out.data = s->tagged_line.data;
|
|
632 s->out.len = s->tag.len + text_len + last_len;
|
|
633
|
|
634 p = s->out.data;
|
76
|
635
|
|
636 if (text) {
|
|
637 p = ngx_cpymem(p, text, text_len);
|
|
638 }
|
|
639 p = ngx_cpymem(p, s->tag.data, s->tag.len);
|
|
640 ngx_memcpy(p, last, last_len);
|
|
641
|
|
642
|
|
643 } else {
|
88
|
644 s->out.data = last;
|
|
645 s->out.len = last_len;
|
76
|
646 }
|
|
647
|
88
|
648 if (rc != NGX_IMAP_NEXT) {
|
|
649 s->args.nelts = 0;
|
|
650 s->buffer->pos = s->buffer->start;
|
|
651 s->buffer->last = s->buffer->start;
|
|
652 s->tag.len = 0;
|
76
|
653 }
|
|
654
|
88
|
655 ngx_imap_send(c->write);
|
76
|
656 }
|
|
657
|
|
658
|
|
659 void
|
|
660 ngx_pop3_auth_state(ngx_event_t *rev)
|
|
661 {
|
252
|
662 u_char *text, *p, *last;
|
76
|
663 ssize_t size;
|
|
664 ngx_int_t rc;
|
262
|
665 ngx_str_t *arg, salt;
|
76
|
666 ngx_connection_t *c;
|
|
667 ngx_imap_session_t *s;
|
|
668 ngx_imap_core_srv_conf_t *cscf;
|
132
|
669 #if (NGX_IMAP_SSL)
|
|
670 ngx_imap_ssl_conf_t *sslcf;
|
|
671 #endif
|
76
|
672
|
|
673 c = rev->data;
|
|
674 s = c->data;
|
|
675
|
|
676 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "pop3 auth state");
|
|
677
|
|
678 if (rev->timedout) {
|
|
679 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
680 c->timedout = 1;
|
76
|
681 ngx_imap_close_connection(c);
|
|
682 return;
|
|
683 }
|
|
684
|
88
|
685 if (s->out.len) {
|
|
686 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy");
|
|
687 s->blocked = 1;
|
|
688 return;
|
|
689 }
|
|
690
|
|
691 s->blocked = 0;
|
|
692
|
76
|
693 rc = ngx_imap_read_command(s);
|
|
694
|
|
695 if (rc == NGX_AGAIN || rc == NGX_ERROR) {
|
|
696 return;
|
|
697 }
|
|
698
|
|
699 text = pop3_ok;
|
|
700 size = sizeof(pop3_ok) - 1;
|
|
701
|
|
702 if (rc == NGX_OK) {
|
|
703 switch (s->imap_state) {
|
|
704
|
|
705 case ngx_pop3_start:
|
|
706
|
|
707 switch (s->command) {
|
|
708
|
|
709 case NGX_POP3_USER:
|
|
710 if (s->args.nelts == 1) {
|
|
711 s->imap_state = ngx_pop3_user;
|
|
712
|
|
713 arg = s->args.elts;
|
|
714 s->login.len = arg[0].len;
|
|
715 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
716 if (s->login.data == NULL) {
|
|
717 ngx_imap_session_internal_server_error(s);
|
|
718 return;
|
|
719 }
|
|
720
|
|
721 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
722
|
|
723 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
724 "pop3 login: \"%V\"", &s->login);
|
|
725
|
252
|
726 break;
|
76
|
727 }
|
|
728
|
252
|
729 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
76
|
730 break;
|
|
731
|
|
732 case NGX_POP3_CAPA:
|
|
733 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
734
|
|
735 #if (NGX_IMAP_SSL)
|
|
736
|
|
737 if (c->ssl == NULL) {
|
|
738 sslcf = ngx_imap_get_module_srv_conf(s,
|
|
739 ngx_imap_ssl_module);
|
|
740 if (sslcf->starttls) {
|
|
741 size = cscf->pop3_starttls_capability.len;
|
|
742 text = cscf->pop3_starttls_capability.data;
|
|
743 break;
|
|
744 }
|
|
745 }
|
|
746 #endif
|
|
747
|
|
748 size = cscf->pop3_capability.len;
|
|
749 text = cscf->pop3_capability.data;
|
76
|
750 break;
|
|
751
|
250
|
752 case NGX_POP3_APOP:
|
|
753 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
|
754
|
|
755 if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED)
|
|
756 && s->args.nelts == 2)
|
|
757 {
|
|
758 arg = s->args.elts;
|
|
759
|
|
760 s->login.len = arg[0].len;
|
|
761 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
762 if (s->login.data == NULL) {
|
|
763 ngx_imap_session_internal_server_error(s);
|
|
764 return;
|
|
765 }
|
|
766
|
|
767 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
768
|
|
769 s->passwd.len = arg[1].len;
|
|
770 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
771 if (s->passwd.data == NULL) {
|
|
772 ngx_imap_session_internal_server_error(s);
|
|
773 return;
|
|
774 }
|
|
775
|
|
776 ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
|
|
777
|
|
778 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
779 "pop3 apop: \"%V\" \"%V\"",
|
|
780 &s->login, &s->passwd);
|
|
781
|
|
782 s->auth_method = NGX_IMAP_AUTH_APOP;
|
|
783
|
258
|
784 ngx_imap_do_auth(s);
|
250
|
785 return;
|
252
|
786 }
|
250
|
787
|
252
|
788 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
789 break;
|
|
790
|
|
791 case NGX_POP3_AUTH:
|
|
792 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
|
793
|
|
794 if (s->args.nelts == 0) {
|
|
795 size = cscf->pop3_auth_capability.len;
|
|
796 text = cscf->pop3_auth_capability.data;
|
|
797 s->state = 0;
|
|
798 break;
|
|
799 }
|
|
800
|
|
801 arg = s->args.elts;
|
|
802
|
|
803 if (arg[0].len == 5) {
|
|
804
|
|
805 if (ngx_strncasecmp(arg[0].data, "LOGIN", 5) == 0) {
|
262
|
806
|
|
807 if (s->args.nelts != 1) {
|
|
808 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
809 break;
|
|
810 }
|
|
811
|
252
|
812 s->imap_state = ngx_pop3_auth_login_username;
|
|
813
|
|
814 size = sizeof(pop3_username) - 1;
|
|
815 text = pop3_username;
|
|
816
|
|
817 break;
|
|
818
|
|
819 } else if (ngx_strncasecmp(arg[0].data, "PLAIN", 5) == 0) {
|
262
|
820
|
|
821 if (s->args.nelts == 1) {
|
|
822 s->imap_state = ngx_pop3_auth_plain;
|
|
823
|
|
824 size = sizeof(pop3_next) - 1;
|
|
825 text = pop3_next;
|
|
826
|
|
827 break;
|
|
828 }
|
|
829
|
|
830 if (s->args.nelts == 2) {
|
|
831
|
|
832 /*
|
|
833 * workaround for Eudora for Mac: it sends
|
|
834 * AUTH PLAIN [base64 encoded]
|
|
835 */
|
252
|
836
|
262
|
837 rc = ngx_imap_decode_auth_plain(s, &arg[1]);
|
|
838
|
|
839 if (rc == NGX_OK) {
|
|
840 ngx_imap_do_auth(s);
|
|
841 return;
|
|
842 }
|
252
|
843
|
262
|
844 if (rc == NGX_ERROR) {
|
|
845 ngx_imap_session_internal_server_error(s);
|
|
846 return;
|
|
847 }
|
|
848
|
|
849 /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */
|
|
850
|
|
851 break;
|
|
852 }
|
|
853
|
|
854 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
252
|
855 break;
|
|
856 }
|
|
857
|
|
858 } else if (arg[0].len == 8
|
|
859 && ngx_strncasecmp(arg[0].data, "CRAM-MD5", 8) == 0)
|
|
860 {
|
|
861 s->imap_state = ngx_pop3_auth_cram_md5;
|
|
862
|
|
863 text = ngx_palloc(c->pool,
|
|
864 sizeof("+ " CRLF) - 1
|
|
865 + ngx_base64_encoded_length(s->salt.len));
|
|
866 if (text == NULL) {
|
|
867 ngx_imap_session_internal_server_error(s);
|
|
868 return;
|
|
869 }
|
|
870
|
|
871 text[0] = '+'; text[1]= ' ';
|
|
872 salt.data = &text[2];
|
|
873 s->salt.len -= 2;
|
|
874
|
|
875 ngx_encode_base64(&salt, &s->salt);
|
|
876
|
|
877 s->salt.len += 2;
|
|
878 size = 2 + salt.len;
|
|
879 text[size++] = CR; text[size++] = LF;
|
|
880
|
|
881 break;
|
|
882 }
|
|
883
|
|
884 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
250
|
885 break;
|
|
886
|
76
|
887 case NGX_POP3_QUIT:
|
88
|
888 s->quit = 1;
|
76
|
889 break;
|
|
890
|
|
891 case NGX_POP3_NOOP:
|
|
892 break;
|
|
893
|
132
|
894 #if (NGX_IMAP_SSL)
|
|
895
|
|
896 case NGX_POP3_STLS:
|
|
897 if (c->ssl == NULL) {
|
|
898 sslcf = ngx_imap_get_module_srv_conf(s,
|
|
899 ngx_imap_ssl_module);
|
|
900 if (sslcf->starttls) {
|
|
901 c->read->handler = ngx_imap_starttls_handler;
|
|
902 break;
|
|
903 }
|
|
904 }
|
|
905
|
|
906 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
907 break;
|
|
908 #endif
|
|
909
|
76
|
910 default:
|
|
911 s->imap_state = ngx_pop3_start;
|
|
912 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
913 break;
|
|
914 }
|
|
915
|
|
916 break;
|
|
917
|
|
918 case ngx_pop3_user:
|
|
919
|
|
920 switch (s->command) {
|
|
921
|
|
922 case NGX_POP3_PASS:
|
|
923 if (s->args.nelts == 1) {
|
|
924 arg = s->args.elts;
|
|
925 s->passwd.len = arg[0].len;
|
|
926 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
927 if (s->passwd.data == NULL) {
|
|
928 ngx_imap_session_internal_server_error(s);
|
|
929 return;
|
|
930 }
|
|
931
|
|
932 ngx_memcpy(s->passwd.data, arg[0].data, s->passwd.len);
|
|
933
|
96
|
934 #if (NGX_DEBUG_IMAP_PASSWD)
|
76
|
935 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
936 "pop3 passwd: \"%V\"", &s->passwd);
|
96
|
937 #endif
|
76
|
938
|
258
|
939 ngx_imap_do_auth(s);
|
76
|
940 return;
|
|
941 }
|
|
942
|
252
|
943 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
76
|
944 break;
|
|
945
|
|
946 case NGX_POP3_CAPA:
|
|
947 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
948 size = cscf->pop3_capability.len;
|
|
949 text = cscf->pop3_capability.data;
|
76
|
950 break;
|
|
951
|
|
952 case NGX_POP3_QUIT:
|
88
|
953 s->quit = 1;
|
76
|
954 break;
|
|
955
|
|
956 case NGX_POP3_NOOP:
|
|
957 break;
|
|
958
|
|
959 default:
|
|
960 s->imap_state = ngx_pop3_start;
|
|
961 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
962 break;
|
|
963 }
|
|
964
|
|
965 break;
|
|
966
|
|
967 /* suppress warinings */
|
|
968 case ngx_pop3_passwd:
|
|
969 break;
|
252
|
970
|
|
971 case ngx_pop3_auth_login_username:
|
|
972 arg = s->args.elts;
|
|
973 s->imap_state = ngx_pop3_auth_login_password;
|
|
974
|
|
975 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
976 "pop3 auth login username: \"%V\"", &arg[0]);
|
|
977
|
|
978 s->login.data = ngx_palloc(c->pool,
|
|
979 ngx_base64_decoded_length(arg[0].len));
|
|
980 if (s->login.data == NULL){
|
|
981 ngx_imap_session_internal_server_error(s);
|
|
982 return;
|
|
983 }
|
|
984
|
|
985 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
986 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
987 "client sent invalid base64 encoding "
|
|
988 "in AUTH LOGIN command");
|
|
989 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
990 break;
|
|
991 }
|
|
992
|
|
993 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
994 "pop3 auth login username: \"%V\"", &s->login);
|
|
995
|
|
996 size = sizeof(pop3_password) - 1;
|
|
997 text = pop3_password;
|
|
998
|
|
999 break;
|
|
1000
|
|
1001 case ngx_pop3_auth_login_password:
|
|
1002 arg = s->args.elts;
|
|
1003
|
|
1004 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1005 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1006 "pop3 auth login password: \"%V\"", &arg[0]);
|
|
1007 #endif
|
|
1008
|
|
1009 s->passwd.data = ngx_palloc(c->pool,
|
|
1010 ngx_base64_decoded_length(arg[0].len));
|
|
1011 if (s->passwd.data == NULL){
|
|
1012 ngx_imap_session_internal_server_error(s);
|
|
1013 return;
|
|
1014 }
|
|
1015
|
|
1016 if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) {
|
|
1017 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1018 "client sent invalid base64 encoding "
|
|
1019 "in AUTH LOGIN command");
|
|
1020 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1021 break;
|
|
1022 }
|
|
1023
|
|
1024 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1025 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1026 "pop3 auth login password: \"%V\"", &s->passwd);
|
|
1027 #endif
|
|
1028
|
258
|
1029 ngx_imap_do_auth(s);
|
252
|
1030 return;
|
|
1031
|
|
1032 case ngx_pop3_auth_plain:
|
|
1033 arg = s->args.elts;
|
|
1034
|
262
|
1035 rc = ngx_imap_decode_auth_plain(s, &arg[0]);
|
252
|
1036
|
262
|
1037 if (rc == NGX_OK) {
|
|
1038 ngx_imap_do_auth(s);
|
|
1039 return;
|
|
1040 }
|
|
1041
|
|
1042 if (rc == NGX_ERROR) {
|
252
|
1043 ngx_imap_session_internal_server_error(s);
|
|
1044 return;
|
|
1045 }
|
|
1046
|
262
|
1047 /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */
|
252
|
1048
|
262
|
1049 break;
|
252
|
1050
|
|
1051 case ngx_pop3_auth_cram_md5:
|
|
1052 arg = s->args.elts;
|
|
1053
|
|
1054 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1055 "pop3 auth cram-md5: \"%V\"", &arg[0]);
|
|
1056
|
|
1057 s->login.data = ngx_palloc(c->pool,
|
|
1058 ngx_base64_decoded_length(arg[0].len));
|
|
1059 if (s->login.data == NULL){
|
|
1060 ngx_imap_session_internal_server_error(s);
|
|
1061 return;
|
|
1062 }
|
|
1063
|
|
1064 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
1065 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1066 "client sent invalid base64 encoding "
|
|
1067 "in AUTH CRAM-MD5 command");
|
|
1068 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1069 break;
|
|
1070 }
|
|
1071
|
|
1072 p = s->login.data;
|
|
1073 last = p + s->login.len;
|
|
1074
|
|
1075 while (p < last) {
|
|
1076 if (*p++ == ' ') {
|
|
1077 s->login.len = p - s->login.data - 1;
|
|
1078 s->passwd.len = last - p;
|
|
1079 s->passwd.data = p;
|
|
1080 break;
|
|
1081 }
|
|
1082 }
|
|
1083
|
|
1084 if (s->passwd.len != 32) {
|
|
1085 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1086 "client sent invalid CRAM-MD5 hash "
|
|
1087 "in AUTH CRAM-MD5 command");
|
|
1088 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1089 break;
|
|
1090 }
|
|
1091
|
|
1092 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1093 "pop3 auth cram-md5: \"%V\" \"%V\"",
|
|
1094 &s->login, &s->passwd);
|
|
1095
|
|
1096 s->auth_method = NGX_IMAP_AUTH_CRAM_MD5;
|
|
1097
|
258
|
1098 ngx_imap_do_auth(s);
|
252
|
1099 return;
|
76
|
1100 }
|
|
1101 }
|
|
1102
|
|
1103 if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
|
252
|
1104 s->imap_state = ngx_pop3_start;
|
|
1105 s->state = 0;
|
76
|
1106 text = pop3_invalid_command;
|
|
1107 size = sizeof(pop3_invalid_command) - 1;
|
|
1108 }
|
|
1109
|
|
1110 s->args.nelts = 0;
|
|
1111 s->buffer->pos = s->buffer->start;
|
|
1112 s->buffer->last = s->buffer->start;
|
88
|
1113
|
252
|
1114 if (s->state) {
|
|
1115 s->arg_start = s->buffer->start;
|
|
1116 }
|
|
1117
|
88
|
1118 s->out.data = text;
|
|
1119 s->out.len = size;
|
|
1120
|
|
1121 ngx_imap_send(c->write);
|
76
|
1122 }
|
|
1123
|
|
1124
|
262
|
1125 static ngx_int_t
|
|
1126 ngx_imap_decode_auth_plain(ngx_imap_session_t *s, ngx_str_t *encoded)
|
|
1127 {
|
|
1128 u_char *p, *last;
|
|
1129 ngx_str_t plain;
|
|
1130
|
|
1131 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1132 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0,
|
|
1133 "pop3 auth plain: \"%V\"", encoded);
|
|
1134 #endif
|
|
1135
|
|
1136 plain.data = ngx_palloc(s->connection->pool,
|
|
1137 ngx_base64_decoded_length(encoded->len));
|
|
1138 if (plain.data == NULL){
|
|
1139 return NGX_ERROR;
|
|
1140 }
|
|
1141
|
|
1142 if (ngx_decode_base64(&plain, encoded) != NGX_OK) {
|
|
1143 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1144 "client sent invalid base64 encoding "
|
|
1145 "in AUTH PLAIN command");
|
|
1146 return NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1147 }
|
|
1148
|
|
1149 p = plain.data;
|
|
1150 last = p + plain.len;
|
|
1151
|
|
1152 while (p < last && *p++) { /* void */ }
|
|
1153
|
|
1154 if (p == last) {
|
|
1155 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1156 "client sent invalid login in AUTH PLAIN command");
|
|
1157 return NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1158 }
|
|
1159
|
|
1160 s->login.data = p;
|
|
1161
|
|
1162 while (p < last && *p) { p++; }
|
|
1163
|
|
1164 if (p == last) {
|
|
1165 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1166 "client sent invalid password in AUTH PLAIN command");
|
|
1167 return NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1168 }
|
|
1169
|
|
1170 s->login.len = p++ - s->login.data;
|
|
1171
|
|
1172 s->passwd.len = last - p;
|
|
1173 s->passwd.data = p;
|
|
1174
|
|
1175 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1176 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, s->connection->log, 0,
|
|
1177 "pop3 auth plain: \"%V\" \"%V\"",
|
|
1178 &s->login, &s->passwd);
|
|
1179 #endif
|
|
1180
|
|
1181 return NGX_OK;
|
|
1182 }
|
|
1183
|
|
1184
|
258
|
1185 static void
|
|
1186 ngx_imap_do_auth(ngx_imap_session_t *s)
|
|
1187 {
|
|
1188 s->args.nelts = 0;
|
|
1189 s->buffer->pos = s->buffer->start;
|
|
1190 s->buffer->last = s->buffer->start;
|
|
1191 s->state = 0;
|
|
1192
|
|
1193 if (s->connection->read->timer_set) {
|
|
1194 ngx_del_timer(s->connection->read);
|
|
1195 }
|
|
1196
|
|
1197 s->login_attempt++;
|
|
1198
|
|
1199 ngx_imap_auth_http_init(s);
|
|
1200 }
|
|
1201
|
|
1202
|
76
|
1203 static ngx_int_t
|
|
1204 ngx_imap_read_command(ngx_imap_session_t *s)
|
|
1205 {
|
|
1206 ssize_t n;
|
|
1207 ngx_int_t rc;
|
|
1208
|
88
|
1209 n = s->connection->recv(s->connection, s->buffer->last,
|
|
1210 s->buffer->end - s->buffer->last);
|
76
|
1211
|
|
1212 if (n == NGX_ERROR || n == 0) {
|
|
1213 ngx_imap_close_connection(s->connection);
|
|
1214 return NGX_ERROR;
|
|
1215 }
|
|
1216
|
|
1217 if (n > 0) {
|
|
1218 s->buffer->last += n;
|
|
1219 }
|
|
1220
|
|
1221 if (n == NGX_AGAIN) {
|
|
1222 if (ngx_handle_read_event(s->connection->read, 0) == NGX_ERROR) {
|
|
1223 ngx_imap_session_internal_server_error(s);
|
|
1224 return NGX_ERROR;
|
|
1225 }
|
|
1226
|
|
1227 return NGX_AGAIN;
|
|
1228 }
|
|
1229
|
|
1230 if (s->protocol == NGX_IMAP_POP3_PROTOCOL) {
|
|
1231 rc = ngx_pop3_parse_command(s);
|
|
1232 } else {
|
|
1233 rc = ngx_imap_parse_command(s);
|
|
1234 }
|
|
1235
|
|
1236 if (rc == NGX_AGAIN
|
|
1237 || rc == NGX_IMAP_NEXT
|
|
1238 || rc == NGX_IMAP_PARSE_INVALID_COMMAND)
|
|
1239 {
|
|
1240 return rc;
|
|
1241 }
|
|
1242
|
|
1243 if (rc == NGX_ERROR) {
|
|
1244 ngx_imap_close_connection(s->connection);
|
|
1245 return NGX_ERROR;
|
|
1246 }
|
|
1247
|
|
1248 return NGX_OK;
|
|
1249 }
|
|
1250
|
|
1251
|
|
1252 void
|
|
1253 ngx_imap_session_internal_server_error(ngx_imap_session_t *s)
|
|
1254 {
|
88
|
1255 s->out = internal_server_errors[s->protocol];
|
|
1256 s->quit = 1;
|
76
|
1257
|
88
|
1258 ngx_imap_send(s->connection->write);
|
76
|
1259 }
|
|
1260
|
|
1261
|
|
1262 void
|
|
1263 ngx_imap_close_connection(ngx_connection_t *c)
|
|
1264 {
|
|
1265 ngx_pool_t *pool;
|
|
1266
|
|
1267 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1268 "close imap connection: %d", c->fd);
|
|
1269
|
88
|
1270 #if (NGX_IMAP_SSL)
|
|
1271
|
|
1272 if (c->ssl) {
|
|
1273 if (ngx_ssl_shutdown(c) == NGX_AGAIN) {
|
126
|
1274 c->ssl->handler = ngx_imap_close_connection;
|
88
|
1275 return;
|
|
1276 }
|
|
1277 }
|
|
1278
|
|
1279 #endif
|
|
1280
|
132
|
1281 c->destroyed = 1;
|
92
|
1282
|
76
|
1283 pool = c->pool;
|
|
1284
|
|
1285 ngx_close_connection(c);
|
|
1286
|
|
1287 ngx_destroy_pool(pool);
|
|
1288 }
|
88
|
1289
|
|
1290
|
90
|
1291 static u_char *
|
|
1292 ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len)
|
|
1293 {
|
116
|
1294 u_char *p;
|
|
1295 ngx_imap_session_t *s;
|
|
1296 ngx_imap_log_ctx_t *ctx;
|
90
|
1297
|
|
1298 if (log->action) {
|
|
1299 p = ngx_snprintf(buf, len, " while %s", log->action);
|
|
1300 len -= p - buf;
|
|
1301 buf = p;
|
|
1302 }
|
126
|
1303
|
90
|
1304 ctx = log->data;
|
|
1305
|
|
1306 p = ngx_snprintf(buf, len, ", client: %V", ctx->client);
|
|
1307 len -= p - buf;
|
|
1308 buf = p;
|
|
1309
|
|
1310 s = ctx->session;
|
|
1311
|
|
1312 if (s == NULL) {
|
|
1313 return p;
|
|
1314 }
|
|
1315
|
190
|
1316 p = ngx_snprintf(buf, len, ", server: %V", s->addr_text);
|
90
|
1317 len -= p - buf;
|
|
1318 buf = p;
|
|
1319
|
|
1320 if (s->login.len == 0) {
|
|
1321 return p;
|
|
1322 }
|
|
1323
|
|
1324 p = ngx_snprintf(buf, len, ", login: \"%V\"", &s->login);
|
|
1325 len -= p - buf;
|
|
1326 buf = p;
|
|
1327
|
|
1328 if (s->proxy == NULL) {
|
|
1329 return p;
|
|
1330 }
|
|
1331
|
260
|
1332 p = ngx_snprintf(buf, len, ", upstream: %V", s->proxy->upstream.name);
|
90
|
1333
|
|
1334 return p;
|
|
1335 }
|