Mercurial > hg > nginx-quic
annotate src/mail/ngx_mail_auth_http_module.c @ 1373:fdea12ffb24a
discard request body before going to keep-alive state and use lingering timeouts
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Tue, 07 Aug 2007 10:53:27 +0000 |
parents | 0c10dc6a8e74 |
children | 3e045031ee3b fa67e7914b70 |
rev | line source |
---|---|
521 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4 */ | |
5 | |
6 | |
7 #include <ngx_config.h> | |
8 #include <ngx_core.h> | |
9 #include <ngx_event.h> | |
10 #include <ngx_event_connect.h> | |
1136 | 11 #include <ngx_mail.h> |
521 | 12 |
13 | |
14 typedef struct { | |
884 | 15 ngx_peer_addr_t *peer; |
521 | 16 |
527 | 17 ngx_msec_t timeout; |
521 | 18 |
527 | 19 ngx_str_t host_header; |
20 ngx_str_t uri; | |
573 | 21 ngx_str_t header; |
22 | |
23 ngx_array_t *headers; | |
1136 | 24 } ngx_mail_auth_http_conf_t; |
521 | 25 |
26 | |
1136 | 27 typedef struct ngx_mail_auth_http_ctx_s ngx_mail_auth_http_ctx_t; |
527 | 28 |
1136 | 29 typedef void (*ngx_mail_auth_http_handler_pt)(ngx_mail_session_t *s, |
30 ngx_mail_auth_http_ctx_t *ctx); | |
527 | 31 |
1136 | 32 struct ngx_mail_auth_http_ctx_s { |
527 | 33 ngx_buf_t *request; |
34 ngx_buf_t *response; | |
35 ngx_peer_connection_t peer; | |
36 | |
1136 | 37 ngx_mail_auth_http_handler_pt handler; |
527 | 38 |
39 ngx_uint_t state; | |
40 ngx_uint_t hash; /* no needed ? */ | |
41 | |
42 u_char *header_name_start; | |
43 u_char *header_name_end; | |
44 u_char *header_start; | |
45 u_char *header_end; | |
46 | |
47 ngx_str_t addr; | |
48 ngx_str_t port; | |
49 ngx_str_t err; | |
567 | 50 ngx_str_t errmsg; |
1136 | 51 ngx_str_t errcode; |
527 | 52 |
547 | 53 time_t sleep; |
527 | 54 |
547 | 55 ngx_pool_t *pool; |
527 | 56 }; |
521 | 57 |
58 | |
1136 | 59 static void ngx_mail_auth_http_write_handler(ngx_event_t *wev); |
60 static void ngx_mail_auth_http_read_handler(ngx_event_t *rev); | |
61 static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, | |
62 ngx_mail_auth_http_ctx_t *ctx); | |
63 static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, | |
64 ngx_mail_auth_http_ctx_t *ctx); | |
65 static void ngx_mail_auth_sleep_handler(ngx_event_t *rev); | |
66 static ngx_int_t ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, | |
67 ngx_mail_auth_http_ctx_t *ctx); | |
68 static void ngx_mail_auth_http_block_read(ngx_event_t *rev); | |
69 static void ngx_mail_auth_http_dummy_handler(ngx_event_t *ev); | |
70 static ngx_buf_t *ngx_mail_auth_http_create_request(ngx_mail_session_t *s, | |
71 ngx_pool_t *pool, ngx_mail_auth_http_conf_t *ahcf); | |
72 static ngx_int_t ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, | |
633 | 73 ngx_str_t *escaped); |
521 | 74 |
1136 | 75 static void *ngx_mail_auth_http_create_conf(ngx_conf_t *cf); |
76 static char *ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, | |
521 | 77 void *child); |
1136 | 78 static char *ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); |
79 static char *ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, | |
573 | 80 void *conf); |
521 | 81 |
82 | |
1136 | 83 static ngx_command_t ngx_mail_auth_http_commands[] = { |
521 | 84 |
85 { ngx_string("auth_http"), | |
1136 | 86 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
87 ngx_mail_auth_http, | |
88 NGX_MAIL_SRV_CONF_OFFSET, | |
521 | 89 0, |
90 NULL }, | |
91 | |
92 { ngx_string("auth_http_timeout"), | |
1136 | 93 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
521 | 94 ngx_conf_set_msec_slot, |
1136 | 95 NGX_MAIL_SRV_CONF_OFFSET, |
96 offsetof(ngx_mail_auth_http_conf_t, timeout), | |
521 | 97 NULL }, |
98 | |
573 | 99 { ngx_string("auth_http_header"), |
1136 | 100 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE2, |
101 ngx_mail_auth_http_header, | |
102 NGX_MAIL_SRV_CONF_OFFSET, | |
573 | 103 0, |
104 NULL }, | |
105 | |
521 | 106 ngx_null_command |
107 }; | |
108 | |
109 | |
1136 | 110 static ngx_mail_module_t ngx_mail_auth_http_module_ctx = { |
521 | 111 NULL, /* create main configuration */ |
112 NULL, /* init main configuration */ | |
113 | |
1136 | 114 ngx_mail_auth_http_create_conf, /* create server configuration */ |
115 ngx_mail_auth_http_merge_conf /* merge server configuration */ | |
521 | 116 }; |
117 | |
118 | |
1136 | 119 ngx_module_t ngx_mail_auth_http_module = { |
521 | 120 NGX_MODULE_V1, |
1136 | 121 &ngx_mail_auth_http_module_ctx, /* module context */ |
122 ngx_mail_auth_http_commands, /* module directives */ | |
123 NGX_MAIL_MODULE, /* module type */ | |
541 | 124 NULL, /* init master */ |
521 | 125 NULL, /* init module */ |
541 | 126 NULL, /* init process */ |
127 NULL, /* init thread */ | |
128 NULL, /* exit thread */ | |
129 NULL, /* exit process */ | |
130 NULL, /* exit master */ | |
131 NGX_MODULE_V1_PADDING | |
521 | 132 }; |
133 | |
134 | |
1136 | 135 static char *ngx_mail_auth_http_protocol[] = { "pop3", "imap", "smtp" }; |
136 static ngx_str_t ngx_mail_auth_http_method[] = { | |
137 ngx_string("plain"), | |
809 | 138 ngx_string("plain"), |
139 ngx_string("apop"), | |
140 ngx_string("cram-md5") | |
800 | 141 }; |
521 | 142 |
1136 | 143 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); |
521 | 144 |
145 void | |
1136 | 146 ngx_mail_auth_http_init(ngx_mail_session_t *s) |
521 | 147 { |
148 ngx_int_t rc; | |
547 | 149 ngx_pool_t *pool; |
1136 | 150 ngx_mail_auth_http_ctx_t *ctx; |
151 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 152 |
541 | 153 s->connection->log->action = "in http auth state"; |
154 | |
547 | 155 pool = ngx_create_pool(2048, s->connection->log); |
156 if (pool == NULL) { | |
1136 | 157 ngx_mail_session_internal_server_error(s); |
521 | 158 return; |
159 } | |
160 | |
1136 | 161 ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t)); |
547 | 162 if (ctx == NULL) { |
163 ngx_destroy_pool(pool); | |
1136 | 164 ngx_mail_session_internal_server_error(s); |
547 | 165 return; |
166 } | |
167 | |
168 ctx->pool = pool; | |
169 | |
1136 | 170 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 171 |
1136 | 172 ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf); |
521 | 173 if (ctx->request == NULL) { |
547 | 174 ngx_destroy_pool(ctx->pool); |
1136 | 175 ngx_mail_session_internal_server_error(s); |
521 | 176 return; |
177 } | |
178 | |
1136 | 179 ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module); |
521 | 180 |
884 | 181 ctx->peer.sockaddr = ahcf->peer->sockaddr; |
182 ctx->peer.socklen = ahcf->peer->socklen; | |
183 ctx->peer.name = &ahcf->peer->name; | |
184 ctx->peer.get = ngx_event_get_peer; | |
521 | 185 ctx->peer.log = s->connection->log; |
186 ctx->peer.log_error = NGX_ERROR_ERR; | |
187 | |
188 rc = ngx_event_connect_peer(&ctx->peer); | |
189 | |
543 | 190 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { |
862
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
191 if (ctx->peer.connection) { |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
192 ngx_close_connection(ctx->peer.connection); |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
193 } |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
194 |
547 | 195 ngx_destroy_pool(ctx->pool); |
1136 | 196 ngx_mail_session_internal_server_error(s); |
521 | 197 return; |
198 } | |
199 | |
200 ctx->peer.connection->data = s; | |
201 ctx->peer.connection->pool = s->connection->pool; | |
202 | |
1136 | 203 s->connection->read->handler = ngx_mail_auth_http_block_read; |
204 ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler; | |
205 ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler; | |
521 | 206 |
1136 | 207 ctx->handler = ngx_mail_auth_http_ignore_status_line; |
527 | 208 |
541 | 209 ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); |
210 ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); | |
211 | |
521 | 212 if (rc == NGX_OK) { |
1136 | 213 ngx_mail_auth_http_write_handler(ctx->peer.connection->write); |
521 | 214 return; |
215 } | |
216 } | |
217 | |
218 | |
219 static void | |
1136 | 220 ngx_mail_auth_http_write_handler(ngx_event_t *wev) |
521 | 221 { |
222 ssize_t n, size; | |
223 ngx_connection_t *c; | |
1136 | 224 ngx_mail_session_t *s; |
225 ngx_mail_auth_http_ctx_t *ctx; | |
226 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 227 |
228 c = wev->data; | |
229 s = c->data; | |
230 | |
1136 | 231 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 232 |
1136 | 233 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, |
234 "mail auth http write handler"); | |
521 | 235 |
577 | 236 if (wev->timedout) { |
521 | 237 ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, |
884 | 238 "auth http server %V timed out", ctx->peer.name); |
525 | 239 ngx_close_connection(ctx->peer.connection); |
547 | 240 ngx_destroy_pool(ctx->pool); |
1136 | 241 ngx_mail_session_internal_server_error(s); |
521 | 242 return; |
243 } | |
244 | |
245 size = ctx->request->last - ctx->request->pos; | |
246 | |
247 n = ngx_send(c, ctx->request->pos, size); | |
248 | |
249 if (n == NGX_ERROR) { | |
525 | 250 ngx_close_connection(ctx->peer.connection); |
547 | 251 ngx_destroy_pool(ctx->pool); |
1136 | 252 ngx_mail_session_internal_server_error(s); |
521 | 253 return; |
254 } | |
255 | |
256 if (n > 0) { | |
257 ctx->request->pos += n; | |
258 | |
259 if (n == size) { | |
1136 | 260 wev->handler = ngx_mail_auth_http_dummy_handler; |
521 | 261 |
262 if (wev->timer_set) { | |
263 ngx_del_timer(wev); | |
264 } | |
265 | |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
266 if (ngx_handle_write_event(wev, 0) == NGX_ERROR) { |
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
267 ngx_close_connection(ctx->peer.connection); |
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
268 ngx_destroy_pool(ctx->pool); |
1136 | 269 ngx_mail_session_internal_server_error(s); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
270 } |
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
271 |
521 | 272 return; |
273 } | |
274 } | |
275 | |
276 if (!wev->timer_set) { | |
1136 | 277 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 278 ngx_add_timer(wev, ahcf->timeout); |
279 } | |
280 } | |
281 | |
282 | |
283 static void | |
1136 | 284 ngx_mail_auth_http_read_handler(ngx_event_t *rev) |
521 | 285 { |
525 | 286 ssize_t n, size; |
521 | 287 ngx_connection_t *c; |
1136 | 288 ngx_mail_session_t *s; |
289 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 290 |
291 c = rev->data; | |
292 s = c->data; | |
293 | |
1136 | 294 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
295 "mail auth http read handler"); | |
521 | 296 |
1136 | 297 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
525 | 298 |
577 | 299 if (rev->timedout) { |
525 | 300 ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT, |
884 | 301 "auth http server %V timed out", ctx->peer.name); |
525 | 302 ngx_close_connection(ctx->peer.connection); |
547 | 303 ngx_destroy_pool(ctx->pool); |
1136 | 304 ngx_mail_session_internal_server_error(s); |
525 | 305 return; |
306 } | |
307 | |
308 if (ctx->response == NULL) { | |
547 | 309 ctx->response = ngx_create_temp_buf(ctx->pool, 1024); |
525 | 310 if (ctx->response == NULL) { |
311 ngx_close_connection(ctx->peer.connection); | |
547 | 312 ngx_destroy_pool(ctx->pool); |
1136 | 313 ngx_mail_session_internal_server_error(s); |
525 | 314 return; |
315 } | |
316 } | |
317 | |
527 | 318 size = ctx->response->end - ctx->response->last; |
525 | 319 |
320 n = ngx_recv(c, ctx->response->pos, size); | |
321 | |
527 | 322 if (n > 0) { |
323 ctx->response->last += n; | |
324 | |
325 ctx->handler(s, ctx); | |
326 return; | |
327 } | |
328 | |
329 if (n == NGX_AGAIN) { | |
525 | 330 return; |
331 } | |
332 | |
527 | 333 ngx_close_connection(ctx->peer.connection); |
547 | 334 ngx_destroy_pool(ctx->pool); |
1136 | 335 ngx_mail_session_internal_server_error(s); |
527 | 336 } |
525 | 337 |
338 | |
527 | 339 static void |
1136 | 340 ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, |
341 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 342 { |
343 u_char *p, ch; | |
344 enum { | |
345 sw_start = 0, | |
346 sw_H, | |
347 sw_HT, | |
348 sw_HTT, | |
349 sw_HTTP, | |
350 sw_skip, | |
351 sw_almost_done | |
352 } state; | |
353 | |
1136 | 354 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
355 "mail auth http process status line"); | |
527 | 356 |
357 state = ctx->state; | |
358 | |
359 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
360 ch = *p; | |
361 | |
362 switch (state) { | |
363 | |
364 /* "HTTP/" */ | |
365 case sw_start: | |
366 if (ch == 'H') { | |
367 state = sw_H; | |
368 break; | |
369 } | |
370 goto next; | |
371 | |
372 case sw_H: | |
373 if (ch == 'T') { | |
374 state = sw_HT; | |
375 break; | |
376 } | |
377 goto next; | |
378 | |
379 case sw_HT: | |
380 if (ch == 'T') { | |
381 state = sw_HTT; | |
382 break; | |
383 } | |
384 goto next; | |
385 | |
386 case sw_HTT: | |
387 if (ch == 'P') { | |
388 state = sw_HTTP; | |
389 break; | |
390 } | |
391 goto next; | |
392 | |
393 case sw_HTTP: | |
394 if (ch == '/') { | |
395 state = sw_skip; | |
396 break; | |
397 } | |
398 goto next; | |
399 | |
400 /* any text until end of line */ | |
401 case sw_skip: | |
402 switch (ch) { | |
403 case CR: | |
404 state = sw_almost_done; | |
405 | |
406 break; | |
577 | 407 case LF: |
527 | 408 goto done; |
409 } | |
410 break; | |
411 | |
412 /* end of status line */ | |
413 case sw_almost_done: | |
414 if (ch == LF) { | |
415 goto done; | |
416 } | |
417 | |
418 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 419 "auth http server &V sent invalid response", |
884 | 420 ctx->peer.name); |
527 | 421 ngx_close_connection(ctx->peer.connection); |
547 | 422 ngx_destroy_pool(ctx->pool); |
1136 | 423 ngx_mail_session_internal_server_error(s); |
527 | 424 return; |
425 } | |
426 } | |
427 | |
428 ctx->response->pos = p; | |
429 ctx->state = state; | |
430 | |
431 return; | |
432 | |
433 next: | |
434 | |
435 p = ctx->response->start - 1; | |
436 | |
437 done: | |
438 | |
439 ctx->response->pos = p + 1; | |
440 ctx->state = 0; | |
1136 | 441 ctx->handler = ngx_mail_auth_http_process_headers; |
527 | 442 ctx->handler(s, ctx); |
443 } | |
525 | 444 |
445 | |
527 | 446 static void |
1136 | 447 ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, |
448 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 449 { |
450 u_char *p; | |
547 | 451 time_t timer; |
527 | 452 size_t len, size; |
453 ngx_int_t rc, port, n; | |
884 | 454 ngx_peer_addr_t *peer; |
527 | 455 struct sockaddr_in *sin; |
525 | 456 |
1136 | 457 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
458 "mail auth http process headers"); | |
527 | 459 |
460 for ( ;; ) { | |
1136 | 461 rc = ngx_mail_auth_http_parse_header_line(s, ctx); |
527 | 462 |
463 if (rc == NGX_OK) { | |
464 | |
465 #if (NGX_DEBUG) | |
466 { | |
467 ngx_str_t key, value; | |
468 | |
469 key.len = ctx->header_name_end - ctx->header_name_start; | |
470 key.data = ctx->header_name_start; | |
471 value.len = ctx->header_end - ctx->header_start; | |
472 value.data = ctx->header_start; | |
473 | |
1136 | 474 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
475 "mail auth http header: \"%V: %V\"", | |
527 | 476 &key, &value); |
477 } | |
478 #endif | |
479 | |
480 len = ctx->header_name_end - ctx->header_name_start; | |
481 | |
482 if (len == sizeof("Auth-Status") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
483 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
484 (u_char *) "Auth-Status", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
485 sizeof("Auth-Status") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
486 == 0) |
527 | 487 { |
488 len = ctx->header_end - ctx->header_start; | |
489 | |
490 if (len == 2 | |
491 && ctx->header_start[0] == 'O' | |
492 && ctx->header_start[1] == 'K') | |
493 { | |
494 continue; | |
495 } | |
496 | |
883 | 497 if (len == 4 |
498 && ctx->header_start[0] == 'W' | |
499 && ctx->header_start[1] == 'A' | |
500 && ctx->header_start[2] == 'I' | |
501 && ctx->header_start[3] == 'T') | |
502 { | |
503 s->auth_wait = 1; | |
504 continue; | |
505 } | |
506 | |
567 | 507 ctx->errmsg.len = len; |
508 ctx->errmsg.data = ctx->header_start; | |
509 | |
1136 | 510 switch (s->protocol) { |
511 | |
512 case NGX_MAIL_POP3_PROTOCOL: | |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
513 size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1; |
1136 | 514 break; |
527 | 515 |
1136 | 516 case NGX_MAIL_IMAP_PROTOCOL: |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
517 size = s->tag.len + sizeof("NO ") - 1 + len |
527 | 518 + sizeof(CRLF) - 1; |
1136 | 519 break; |
520 | |
521 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
522 ctx->err = ctx->errmsg; | |
523 continue; | |
527 | 524 } |
525 | |
526 p = ngx_pcalloc(s->connection->pool, size); | |
527 if (p == NULL) { | |
543 | 528 ngx_close_connection(ctx->peer.connection); |
547 | 529 ngx_destroy_pool(ctx->pool); |
1136 | 530 ngx_mail_session_internal_server_error(s); |
527 | 531 return; |
532 } | |
533 | |
534 ctx->err.data = p; | |
535 | |
1136 | 536 switch (s->protocol) { |
527 | 537 |
1136 | 538 case NGX_MAIL_POP3_PROTOCOL: |
539 *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; | |
540 break; | |
541 | |
542 case NGX_MAIL_IMAP_PROTOCOL: | |
527 | 543 p = ngx_cpymem(p, s->tag.data, s->tag.len); |
1136 | 544 *p++ = 'N'; *p++ = 'O'; *p++ = ' '; |
545 break; | |
546 | |
547 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
548 break; | |
527 | 549 } |
550 | |
551 p = ngx_cpymem(p, ctx->header_start, len); | |
552 *p++ = CR; *p++ = LF; | |
553 | |
554 ctx->err.len = p - ctx->err.data; | |
555 | |
556 continue; | |
557 } | |
558 | |
559 if (len == sizeof("Auth-Server") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
560 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
561 (u_char *) "Auth-Server", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
562 sizeof("Auth-Server") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
563 == 0) |
527 | 564 { |
565 ctx->addr.len = ctx->header_end - ctx->header_start; | |
566 ctx->addr.data = ctx->header_start; | |
567 | |
568 continue; | |
569 } | |
570 | |
571 if (len == sizeof("Auth-Port") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
572 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
573 (u_char *) "Auth-Port", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
574 sizeof("Auth-Port") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
575 == 0) |
527 | 576 { |
577 ctx->port.len = ctx->header_end - ctx->header_start; | |
578 ctx->port.data = ctx->header_start; | |
579 | |
580 continue; | |
581 } | |
582 | |
583 if (len == sizeof("Auth-User") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
584 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
585 (u_char *) "Auth-User", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
586 sizeof("Auth-User") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
587 == 0) |
527 | 588 { |
589 s->login.len = ctx->header_end - ctx->header_start; | |
567 | 590 |
591 s->login.data = ngx_palloc(s->connection->pool, s->login.len); | |
592 if (s->login.data == NULL) { | |
593 ngx_close_connection(ctx->peer.connection); | |
594 ngx_destroy_pool(ctx->pool); | |
1136 | 595 ngx_mail_session_internal_server_error(s); |
567 | 596 return; |
597 } | |
598 | |
599 ngx_memcpy(s->login.data, ctx->header_start, s->login.len); | |
527 | 600 |
601 continue; | |
602 } | |
603 | |
800 | 604 if (len == sizeof("Auth-Pass") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
605 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
606 (u_char *) "Auth-Pass", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
607 sizeof("Auth-Pass") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
608 == 0) |
800 | 609 { |
610 s->passwd.len = ctx->header_end - ctx->header_start; | |
611 | |
612 s->passwd.data = ngx_palloc(s->connection->pool, s->passwd.len); | |
613 if (s->passwd.data == NULL) { | |
614 ngx_close_connection(ctx->peer.connection); | |
615 ngx_destroy_pool(ctx->pool); | |
1136 | 616 ngx_mail_session_internal_server_error(s); |
800 | 617 return; |
618 } | |
619 | |
620 ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len); | |
621 | |
622 continue; | |
623 } | |
624 | |
527 | 625 if (len == sizeof("Auth-Wait") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
626 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
627 (u_char *) "Auth-Wait", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
628 sizeof("Auth-Wait") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
629 == 0) |
527 | 630 { |
631 n = ngx_atoi(ctx->header_start, | |
632 ctx->header_end - ctx->header_start); | |
633 | |
634 if (n != NGX_ERROR) { | |
635 ctx->sleep = n; | |
636 } | |
637 | |
638 continue; | |
639 } | |
640 | |
1136 | 641 if (len == sizeof("Auth-Error-Code") - 1 |
642 && ngx_strncasecmp(ctx->header_name_start, | |
643 (u_char *) "Auth-Error-Code", | |
644 sizeof("Auth-Error-Code") - 1) | |
645 == 0) | |
646 { | |
647 ctx->errcode.len = ctx->header_end - ctx->header_start; | |
648 | |
649 ctx->errcode.data = ngx_palloc(s->connection->pool, | |
650 ctx->errcode.len); | |
651 if (ctx->errcode.data == NULL) { | |
652 ngx_close_connection(ctx->peer.connection); | |
653 ngx_destroy_pool(ctx->pool); | |
654 ngx_mail_session_internal_server_error(s); | |
655 return; | |
656 } | |
657 | |
658 ngx_memcpy(ctx->errcode.data, ctx->header_start, | |
659 ctx->errcode.len); | |
660 | |
661 continue; | |
662 } | |
663 | |
527 | 664 /* ignore other headers */ |
665 | |
666 continue; | |
667 } | |
668 | |
669 if (rc == NGX_DONE) { | |
1136 | 670 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
671 "mail auth http header done"); | |
527 | 672 |
673 ngx_close_connection(ctx->peer.connection); | |
674 | |
675 if (ctx->err.len) { | |
1136 | 676 |
567 | 677 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, |
678 "client login failed: \"%V\"", &ctx->errmsg); | |
679 | |
1136 | 680 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
681 | |
682 if (ctx->errcode.len == 0) { | |
683 ctx->errcode = ngx_mail_smtp_errcode; | |
684 } | |
685 | |
686 ctx->err.len = ctx->errcode.len + ctx->errmsg.len | |
687 + sizeof(" " CRLF) - 1; | |
688 | |
1166 | 689 p = ngx_palloc(s->connection->pool, ctx->err.len); |
690 if (p == NULL) { | |
691 ngx_close_connection(ctx->peer.connection); | |
692 ngx_destroy_pool(ctx->pool); | |
693 ngx_mail_session_internal_server_error(s); | |
694 return; | |
695 } | |
1136 | 696 |
1166 | 697 ctx->err.data = p; |
1136 | 698 |
1166 | 699 p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len); |
1136 | 700 *p++ = ' '; |
1166 | 701 p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len); |
1136 | 702 *p++ = CR; *p = LF; |
703 } | |
704 | |
539 | 705 s->out = ctx->err; |
547 | 706 timer = ctx->sleep; |
527 | 707 |
547 | 708 ngx_destroy_pool(ctx->pool); |
709 | |
710 if (timer == 0) { | |
539 | 711 s->quit = 1; |
1136 | 712 ngx_mail_send(s->connection->write); |
541 | 713 return; |
714 } | |
539 | 715 |
547 | 716 ngx_add_timer(s->connection->read, timer * 1000); |
527 | 717 |
1136 | 718 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
527 | 719 |
720 return; | |
721 } | |
722 | |
883 | 723 if (s->auth_wait) { |
724 timer = ctx->sleep; | |
725 | |
726 ngx_destroy_pool(ctx->pool); | |
727 | |
728 if (timer == 0) { | |
1136 | 729 ngx_mail_auth_http_init(s); |
883 | 730 return; |
731 } | |
732 | |
733 ngx_add_timer(s->connection->read, timer * 1000); | |
734 | |
1136 | 735 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
883 | 736 |
737 return; | |
738 } | |
739 | |
527 | 740 if (ctx->addr.len == 0 || ctx->port.len == 0) { |
741 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 742 "auth http server %V did not send server or port", |
884 | 743 ctx->peer.name); |
547 | 744 ngx_destroy_pool(ctx->pool); |
1136 | 745 ngx_mail_session_internal_server_error(s); |
527 | 746 return; |
747 } | |
748 | |
1136 | 749 if (s->passwd.data == NULL && s->protocol != NGX_MAIL_SMTP_PROTOCOL) |
750 { | |
800 | 751 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
752 "auth http server %V did not send password", | |
884 | 753 ctx->peer.name); |
800 | 754 ngx_destroy_pool(ctx->pool); |
1136 | 755 ngx_mail_session_internal_server_error(s); |
800 | 756 return; |
757 } | |
758 | |
884 | 759 peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_peer_addr_t)); |
760 if (peer == NULL) { | |
547 | 761 ngx_destroy_pool(ctx->pool); |
1136 | 762 ngx_mail_session_internal_server_error(s); |
527 | 763 return; |
764 } | |
765 | |
766 sin = ngx_pcalloc(s->connection->pool, sizeof(struct sockaddr_in)); | |
767 if (sin == NULL) { | |
547 | 768 ngx_destroy_pool(ctx->pool); |
1136 | 769 ngx_mail_session_internal_server_error(s); |
527 | 770 return; |
771 } | |
772 | |
773 sin->sin_family = AF_INET; | |
774 | |
775 port = ngx_atoi(ctx->port.data, ctx->port.len); | |
776 if (port == NGX_ERROR || port < 1 || port > 65536) { | |
777 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 778 "auth http server %V sent invalid server " |
779 "port:\"%V\"", | |
884 | 780 ctx->peer.name, &ctx->port); |
547 | 781 ngx_destroy_pool(ctx->pool); |
1136 | 782 ngx_mail_session_internal_server_error(s); |
527 | 783 return; |
784 } | |
785 | |
786 sin->sin_port = htons((in_port_t) port); | |
787 | |
788 ctx->addr.data[ctx->addr.len] = '\0'; | |
789 sin->sin_addr.s_addr = inet_addr((char *) ctx->addr.data); | |
790 if (sin->sin_addr.s_addr == INADDR_NONE) { | |
791 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 792 "auth http server %V sent invalid server " |
793 "address:\"%V\"", | |
884 | 794 ctx->peer.name, &ctx->addr); |
547 | 795 ngx_destroy_pool(ctx->pool); |
1136 | 796 ngx_mail_session_internal_server_error(s); |
527 | 797 return; |
798 } | |
799 | |
884 | 800 peer->sockaddr = (struct sockaddr *) sin; |
801 peer->socklen = sizeof(struct sockaddr_in); | |
527 | 802 |
803 len = ctx->addr.len + 1 + ctx->port.len; | |
804 | |
884 | 805 peer->name.len = len; |
527 | 806 |
884 | 807 peer->name.data = ngx_palloc(s->connection->pool, len); |
808 if (peer->name.data == NULL) { | |
547 | 809 ngx_destroy_pool(ctx->pool); |
1136 | 810 ngx_mail_session_internal_server_error(s); |
527 | 811 return; |
812 } | |
813 | |
814 len = ctx->addr.len; | |
815 | |
884 | 816 ngx_memcpy(peer->name.data, ctx->addr.data, len); |
527 | 817 |
884 | 818 peer->name.data[len++] = ':'; |
527 | 819 |
884 | 820 ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len); |
527 | 821 |
547 | 822 ngx_destroy_pool(ctx->pool); |
1136 | 823 ngx_mail_proxy_init(s, peer); |
527 | 824 |
825 return; | |
826 } | |
827 | |
828 if (rc == NGX_AGAIN ) { | |
829 return; | |
830 } | |
831 | |
832 /* rc == NGX_ERROR */ | |
833 | |
834 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 835 "auth http server %V sent invalid header in response", |
884 | 836 ctx->peer.name); |
527 | 837 ngx_close_connection(ctx->peer.connection); |
547 | 838 ngx_destroy_pool(ctx->pool); |
1136 | 839 ngx_mail_session_internal_server_error(s); |
527 | 840 |
841 return; | |
842 } | |
843 } | |
844 | |
521 | 845 |
527 | 846 static void |
1136 | 847 ngx_mail_auth_sleep_handler(ngx_event_t *rev) |
527 | 848 { |
543 | 849 ngx_connection_t *c; |
1136 | 850 ngx_mail_session_t *s; |
851 ngx_mail_core_srv_conf_t *cscf; | |
527 | 852 |
1136 | 853 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail auth sleep handler"); |
527 | 854 |
855 c = rev->data; | |
856 s = c->data; | |
857 | |
858 if (rev->timedout) { | |
859 | |
860 rev->timedout = 0; | |
861 | |
883 | 862 if (s->auth_wait) { |
863 s->auth_wait = 0; | |
1136 | 864 ngx_mail_auth_http_init(s); |
883 | 865 return; |
866 } | |
867 | |
1136 | 868 switch (s->protocol) { |
869 | |
870 case NGX_MAIL_POP3_PROTOCOL: | |
871 s->mail_state = ngx_pop3_start; | |
527 | 872 s->connection->read->handler = ngx_pop3_auth_state; |
1136 | 873 break; |
527 | 874 |
1136 | 875 case NGX_MAIL_IMAP_PROTOCOL: |
876 s->mail_state = ngx_imap_start; | |
527 | 877 s->connection->read->handler = ngx_imap_auth_state; |
1136 | 878 break; |
879 | |
880 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
881 s->mail_state = ngx_smtp_start; | |
882 s->connection->read->handler = ngx_smtp_auth_state; | |
883 break; | |
527 | 884 } |
885 | |
1136 | 886 s->auth_method = NGX_MAIL_AUTH_PLAIN; |
800 | 887 |
543 | 888 c->log->action = "in auth state"; |
889 | |
1136 | 890 ngx_mail_send(s->connection->write); |
543 | 891 |
583 | 892 if (c->destroyed) { |
543 | 893 return; |
894 } | |
895 | |
1136 | 896 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
543 | 897 |
898 ngx_add_timer(rev, cscf->timeout); | |
899 | |
527 | 900 if (rev->ready) { |
901 s->connection->read->handler(rev); | |
902 return; | |
903 } | |
904 | |
905 if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { | |
1136 | 906 ngx_mail_close_connection(s->connection); |
527 | 907 } |
908 | |
909 return; | |
910 } | |
911 | |
912 if (rev->active) { | |
913 if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { | |
1136 | 914 ngx_mail_close_connection(s->connection); |
527 | 915 } |
916 } | |
917 } | |
918 | |
919 | |
920 static ngx_int_t | |
1136 | 921 ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, |
922 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 923 { |
924 u_char c, ch, *p; | |
925 ngx_uint_t hash; | |
926 enum { | |
927 sw_start = 0, | |
928 sw_name, | |
929 sw_space_before_value, | |
930 sw_value, | |
931 sw_space_after_value, | |
577 | 932 sw_almost_done, |
527 | 933 sw_header_almost_done |
934 } state; | |
935 | |
577 | 936 state = ctx->state; |
527 | 937 hash = ctx->hash; |
938 | |
939 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
940 ch = *p; | |
941 | |
942 switch (state) { | |
943 | |
944 /* first char */ | |
945 case sw_start: | |
946 | |
947 switch (ch) { | |
948 case CR: | |
577 | 949 ctx->header_end = p; |
527 | 950 state = sw_header_almost_done; |
951 break; | |
577 | 952 case LF: |
527 | 953 ctx->header_end = p; |
954 goto header_done; | |
955 default: | |
956 state = sw_name; | |
957 ctx->header_name_start = p; | |
958 | |
959 c = (u_char) (ch | 0x20); | |
960 if (c >= 'a' && c <= 'z') { | |
961 hash = c; | |
962 break; | |
963 } | |
964 | |
965 if (ch >= '0' && ch <= '9') { | |
966 hash = ch; | |
967 break; | |
968 } | |
969 | |
970 return NGX_ERROR; | |
971 } | |
972 break; | |
973 | |
974 /* header name */ | |
975 case sw_name: | |
976 c = (u_char) (ch | 0x20); | |
977 if (c >= 'a' && c <= 'z') { | |
978 hash += c; | |
979 break; | |
980 } | |
981 | |
982 if (ch == ':') { | |
983 ctx->header_name_end = p; | |
984 state = sw_space_before_value; | |
985 break; | |
986 } | |
987 | |
988 if (ch == '-') { | |
989 hash += ch; | |
990 break; | |
991 } | |
992 | |
993 if (ch >= '0' && ch <= '9') { | |
994 hash += ch; | |
995 break; | |
996 } | |
997 | |
998 if (ch == CR) { | |
999 ctx->header_name_end = p; | |
1000 ctx->header_start = p; | |
1001 ctx->header_end = p; | |
1002 state = sw_almost_done; | |
1003 break; | |
1004 } | |
1005 | |
1006 if (ch == LF) { | |
1007 ctx->header_name_end = p; | |
1008 ctx->header_start = p; | |
1009 ctx->header_end = p; | |
1010 goto done; | |
1011 } | |
1012 | |
1013 return NGX_ERROR; | |
1014 | |
1015 /* space* before header value */ | |
1016 case sw_space_before_value: | |
1017 switch (ch) { | |
1018 case ' ': | |
1019 break; | |
1020 case CR: | |
1021 ctx->header_start = p; | |
1022 ctx->header_end = p; | |
1023 state = sw_almost_done; | |
1024 break; | |
1025 case LF: | |
1026 ctx->header_start = p; | |
1027 ctx->header_end = p; | |
1028 goto done; | |
1029 default: | |
1030 ctx->header_start = p; | |
1031 state = sw_value; | |
1032 break; | |
1033 } | |
1034 break; | |
1035 | |
1036 /* header value */ | |
1037 case sw_value: | |
1038 switch (ch) { | |
1039 case ' ': | |
1040 ctx->header_end = p; | |
1041 state = sw_space_after_value; | |
1042 break; | |
1043 case CR: | |
1044 ctx->header_end = p; | |
1045 state = sw_almost_done; | |
1046 break; | |
1047 case LF: | |
1048 ctx->header_end = p; | |
1049 goto done; | |
1050 } | |
1051 break; | |
1052 | |
1053 /* space* before end of header line */ | |
1054 case sw_space_after_value: | |
1055 switch (ch) { | |
1056 case ' ': | |
1057 break; | |
1058 case CR: | |
1059 state = sw_almost_done; | |
1060 break; | |
1061 case LF: | |
1062 goto done; | |
1063 default: | |
1064 state = sw_value; | |
1065 break; | |
1066 } | |
1067 break; | |
1068 | |
1069 /* end of header line */ | |
1070 case sw_almost_done: | |
1071 switch (ch) { | |
1072 case LF: | |
1073 goto done; | |
1074 default: | |
1075 return NGX_ERROR; | |
1076 } | |
1077 | |
1078 /* end of header */ | |
1079 case sw_header_almost_done: | |
1080 switch (ch) { | |
1081 case LF: | |
1082 goto header_done; | |
1083 default: | |
1084 return NGX_ERROR; | |
1085 } | |
1086 } | |
1087 } | |
1088 | |
1089 ctx->response->pos = p; | |
1090 ctx->state = state; | |
1091 ctx->hash = hash; | |
1092 | |
1093 return NGX_AGAIN; | |
1094 | |
1095 done: | |
1096 | |
1097 ctx->response->pos = p + 1; | |
1098 ctx->state = sw_start; | |
1099 ctx->hash = hash; | |
1100 | |
1101 return NGX_OK; | |
1102 | |
1103 header_done: | |
1104 | |
1105 ctx->response->pos = p + 1; | |
1106 ctx->state = sw_start; | |
1107 | |
1108 return NGX_DONE; | |
521 | 1109 } |
1110 | |
1111 | |
1112 static void | |
1136 | 1113 ngx_mail_auth_http_block_read(ngx_event_t *rev) |
521 | 1114 { |
1115 ngx_connection_t *c; | |
1136 | 1116 ngx_mail_session_t *s; |
1117 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 1118 |
1136 | 1119 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
1120 "mail auth http block read"); | |
521 | 1121 |
1122 if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { | |
1123 c = rev->data; | |
1124 s = c->data; | |
1125 | |
1136 | 1126 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 1127 |
525 | 1128 ngx_close_connection(ctx->peer.connection); |
547 | 1129 ngx_destroy_pool(ctx->pool); |
1136 | 1130 ngx_mail_session_internal_server_error(s); |
521 | 1131 } |
1132 } | |
1133 | |
1134 | |
1135 static void | |
1136 | 1136 ngx_mail_auth_http_dummy_handler(ngx_event_t *ev) |
521 | 1137 { |
1136 | 1138 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, ev->log, 0, |
1139 "mail auth http dummy handler"); | |
521 | 1140 } |
1141 | |
1142 | |
1143 static ngx_buf_t * | |
1136 | 1144 ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool, |
1145 ngx_mail_auth_http_conf_t *ahcf) | |
521 | 1146 { |
1147 size_t len; | |
1148 ngx_buf_t *b; | |
633 | 1149 ngx_str_t login, passwd; |
1150 | |
1136 | 1151 if (ngx_mail_auth_http_escape(pool, &s->login, &login) != NGX_OK) { |
633 | 1152 return NULL; |
1153 } | |
1154 | |
1136 | 1155 if (ngx_mail_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) { |
633 | 1156 return NULL; |
1157 } | |
521 | 1158 |
1159 len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1 | |
1160 + sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1 | |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1161 + sizeof("Auth-Method: ") - 1 |
1136 | 1162 + ngx_mail_auth_http_method[s->auth_method].len |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1163 + sizeof(CRLF) - 1 |
633 | 1164 + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1 |
1165 + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1 | |
800 | 1166 + sizeof("Auth-Salt: ") - 1 + s->salt.len |
521 | 1167 + sizeof("Auth-Protocol: imap" CRLF) - 1 |
527 | 1168 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN |
1169 + sizeof(CRLF) - 1 | |
521 | 1170 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len |
1171 + sizeof(CRLF) - 1 | |
1285
0c10dc6a8e74
fix memory allocation for auth_http_header
Igor Sysoev <igor@sysoev.ru>
parents:
1166
diff
changeset
|
1172 + ahcf->header.len |
521 | 1173 + sizeof(CRLF) - 1; |
1174 | |
547 | 1175 b = ngx_create_temp_buf(pool, len); |
521 | 1176 if (b == NULL) { |
1177 return NULL; | |
1178 } | |
1179 | |
1180 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1); | |
573 | 1181 b->last = ngx_copy(b->last, ahcf->uri.data, ahcf->uri.len); |
521 | 1182 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF, |
1183 sizeof(" HTTP/1.0" CRLF) - 1); | |
1184 | |
1185 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1); | |
573 | 1186 b->last = ngx_copy(b->last, ahcf->host_header.data, |
521 | 1187 ahcf->host_header.len); |
1188 *b->last++ = CR; *b->last++ = LF; | |
1189 | |
800 | 1190 b->last = ngx_cpymem(b->last, "Auth-Method: ", |
1191 sizeof("Auth-Method: ") - 1); | |
1192 b->last = ngx_cpymem(b->last, | |
1136 | 1193 ngx_mail_auth_http_method[s->auth_method].data, |
1194 ngx_mail_auth_http_method[s->auth_method].len); | |
800 | 1195 *b->last++ = CR; *b->last++ = LF; |
521 | 1196 |
1197 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); | |
633 | 1198 b->last = ngx_copy(b->last, login.data, login.len); |
521 | 1199 *b->last++ = CR; *b->last++ = LF; |
1200 | |
1201 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1); | |
633 | 1202 b->last = ngx_copy(b->last, passwd.data, passwd.len); |
521 | 1203 *b->last++ = CR; *b->last++ = LF; |
1204 | |
1136 | 1205 if (s->auth_method != NGX_MAIL_AUTH_PLAIN && s->salt.len) { |
800 | 1206 b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1); |
1207 b->last = ngx_copy(b->last, s->salt.data, s->salt.len); | |
1208 | |
1209 s->passwd.data = NULL; | |
1210 } | |
1211 | |
521 | 1212 b->last = ngx_cpymem(b->last, "Auth-Protocol: ", |
1213 sizeof("Auth-Protocol: ") - 1); | |
1136 | 1214 b->last = ngx_cpymem(b->last, ngx_mail_auth_http_protocol[s->protocol], |
521 | 1215 sizeof("imap") - 1); |
1216 *b->last++ = CR; *b->last++ = LF; | |
1217 | |
527 | 1218 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF, |
1219 s->login_attempt); | |
1220 | |
521 | 1221 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); |
573 | 1222 b->last = ngx_copy(b->last, s->connection->addr_text.data, |
521 | 1223 s->connection->addr_text.len); |
1224 *b->last++ = CR; *b->last++ = LF; | |
1225 | |
573 | 1226 if (ahcf->header.len) { |
1227 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); | |
1228 } | |
1229 | |
521 | 1230 /* add "\r\n" at the header end */ |
1231 *b->last++ = CR; *b->last++ = LF; | |
1232 | |
1136 | 1233 #if (NGX_DEBUG_MAIL_PASSWD) |
521 | 1234 { |
1235 ngx_str_t l; | |
1236 | |
1237 l.len = b->last - b->pos; | |
1238 l.data = b->pos; | |
1136 | 1239 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
1240 "mail auth http header:\n\"%V\"", &l); | |
521 | 1241 } |
1242 #endif | |
1243 | |
1244 return b; | |
1245 } | |
1246 | |
1247 | |
633 | 1248 static ngx_int_t |
1136 | 1249 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) |
633 | 1250 { |
1251 u_char ch, *p; | |
1252 ngx_uint_t i, n; | |
1253 | |
1254 n = 0; | |
1255 | |
1256 for (i = 0; i < text->len; i++) { | |
1257 ch = text->data[i]; | |
1258 | |
1259 if (ch == CR || ch == LF) { | |
1260 n++; | |
1261 } | |
1262 } | |
1263 | |
1264 if (n == 0) { | |
1265 *escaped = *text; | |
1266 return NGX_OK; | |
1267 } | |
1268 | |
1269 escaped->len = text->len + n * 2; | |
1270 | |
1271 p = ngx_palloc(pool, escaped->len); | |
1272 if (p == NULL) { | |
1273 return NGX_ERROR; | |
1274 } | |
1275 | |
1276 escaped->data = p; | |
1277 | |
1278 for (i = 0; i < text->len; i++) { | |
1279 ch = text->data[i]; | |
1280 | |
1281 if (ch == CR) { | |
1282 *p++ = '%'; | |
1283 *p++ = '0'; | |
1284 *p++ = 'D'; | |
1285 continue; | |
1286 } | |
1287 | |
1288 if (ch == LF) { | |
1289 *p++ = '%'; | |
1290 *p++ = '0'; | |
1291 *p++ = 'A'; | |
1292 continue; | |
1293 } | |
1294 | |
1295 *p++ = ch; | |
1296 } | |
1297 | |
1298 return NGX_OK; | |
1299 } | |
1300 | |
1301 | |
521 | 1302 static void * |
1136 | 1303 ngx_mail_auth_http_create_conf(ngx_conf_t *cf) |
577 | 1304 { |
1136 | 1305 ngx_mail_auth_http_conf_t *ahcf; |
577 | 1306 |
1136 | 1307 ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_auth_http_conf_t)); |
521 | 1308 if (ahcf == NULL) { |
1309 return NGX_CONF_ERROR; | |
1310 } | |
1311 | |
1312 ahcf->timeout = NGX_CONF_UNSET_MSEC; | |
1313 | |
1314 return ahcf; | |
1315 } | |
1316 | |
1317 | |
1318 static char * | |
1136 | 1319 ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) |
521 | 1320 { |
1136 | 1321 ngx_mail_auth_http_conf_t *prev = parent; |
1322 ngx_mail_auth_http_conf_t *conf = child; | |
521 | 1323 |
573 | 1324 u_char *p; |
1325 size_t len; | |
1326 ngx_uint_t i; | |
1327 ngx_table_elt_t *header; | |
1328 | |
884 | 1329 if (conf->peer == NULL) { |
1330 conf->peer = prev->peer; | |
521 | 1331 conf->host_header = prev->host_header; |
1332 conf->uri = prev->uri; | |
1333 } | |
1334 | |
1335 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); | |
1336 | |
573 | 1337 if (conf->headers == NULL) { |
1338 conf->headers = prev->headers; | |
1339 conf->header = prev->header; | |
1340 } | |
1341 | |
1342 if (conf->headers && conf->header.len == 0) { | |
1343 len = 0; | |
1344 header = conf->headers->elts; | |
1345 for (i = 0; i < conf->headers->nelts; i++) { | |
1346 len += header[i].key.len + 2 + header[i].value.len + 2; | |
1347 } | |
1348 | |
1349 p = ngx_palloc(cf->pool, len); | |
1350 if (p == NULL) { | |
1351 return NGX_CONF_ERROR; | |
1352 } | |
1353 | |
1354 conf->header.len = len; | |
1355 conf->header.data = p; | |
1356 | |
1357 for (i = 0; i < conf->headers->nelts; i++) { | |
1358 p = ngx_cpymem(p, header[i].key.data, header[i].key.len); | |
1359 *p++ = ':'; *p++ = ' '; | |
1360 p = ngx_cpymem(p, header[i].value.data, header[i].value.len); | |
1361 *p++ = CR; *p++ = LF; | |
1362 } | |
1363 } | |
1364 | |
521 | 1365 return NGX_CONF_OK; |
1366 } | |
1367 | |
1368 | |
1369 static char * | |
1136 | 1370 ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1371 { |
1136 | 1372 ngx_mail_auth_http_conf_t *ahcf = conf; |
521 | 1373 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1374 ngx_str_t *value; |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1375 ngx_url_t u; |
573 | 1376 |
521 | 1377 value = cf->args->elts; |
1378 | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1379 ngx_memzero(&u, sizeof(ngx_url_t)); |
521 | 1380 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1381 u.url = value[1]; |
906 | 1382 u.default_port = 80; |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1383 u.uri_part = 1; |
884 | 1384 u.one_addr = 1; |
577 | 1385 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1386 if (ngx_parse_url(cf, &u) != NGX_OK) { |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1387 if (u.err) { |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1388 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1389 "%s in auth_http \"%V\"", u.err, &u.url); |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1390 } |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1391 } |
521 | 1392 |
884 | 1393 ahcf->peer = u.addrs; |
521 | 1394 |
906 | 1395 ahcf->host_header = u.host; |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1396 ahcf->uri = u.uri; |
521 | 1397 |
559 | 1398 if (ahcf->uri.len == 0) { |
555 | 1399 ahcf->uri.len = sizeof("/") - 1; |
1400 ahcf->uri.data = (u_char *) "/"; | |
1401 } | |
1402 | |
521 | 1403 return NGX_CONF_OK; |
1404 } | |
573 | 1405 |
1406 | |
1407 static char * | |
1136 | 1408 ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1409 { |
1136 | 1410 ngx_mail_auth_http_conf_t *ahcf = conf; |
573 | 1411 |
1412 ngx_str_t *value; | |
1413 ngx_table_elt_t *header; | |
1414 | |
1415 if (ahcf->headers == NULL) { | |
1416 ahcf->headers = ngx_array_create(cf->pool, 1, sizeof(ngx_table_elt_t)); | |
1417 if (ahcf->headers == NULL) { | |
1418 return NGX_CONF_ERROR; | |
1419 } | |
1420 } | |
1421 | |
1422 header = ngx_array_push(ahcf->headers); | |
1423 if (header == NULL) { | |
1424 return NGX_CONF_ERROR; | |
1425 } | |
1426 | |
1427 value = cf->args->elts; | |
1428 | |
1429 header->key = value[1]; | |
1430 header->value = value[2]; | |
1431 | |
1432 return NGX_CONF_OK; | |
1433 } |