290
|
1
|
|
2 /*
|
|
3 * Copyright (C) Igor Sysoev
|
|
4 */
|
|
5
|
|
6
|
|
7 #include <ngx_config.h>
|
|
8 #include <ngx_core.h>
|
|
9 #include <ngx_event.h>
|
|
10 #include <ngx_mail.h>
|
|
11
|
|
12
|
|
13 static void ngx_mail_init_session(ngx_connection_t *c);
|
|
14 static void ngx_mail_init_protocol(ngx_event_t *rev);
|
|
15 static ngx_int_t ngx_mail_decode_auth_plain(ngx_mail_session_t *s,
|
|
16 ngx_str_t *encoded);
|
|
17 static void ngx_mail_do_auth(ngx_mail_session_t *s);
|
|
18 static ngx_int_t ngx_mail_read_command(ngx_mail_session_t *s);
|
|
19 static u_char *ngx_mail_log_error(ngx_log_t *log, u_char *buf, size_t len);
|
|
20
|
|
21 #if (NGX_MAIL_SSL)
|
|
22 static void ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c);
|
|
23 static void ngx_mail_ssl_handshake_handler(ngx_connection_t *c);
|
|
24 #endif
|
|
25
|
|
26
|
|
27 static ngx_str_t greetings[] = {
|
|
28 ngx_string("+OK POP3 ready" CRLF),
|
|
29 ngx_string("* OK IMAP4 ready" CRLF)
|
|
30 /* SMTP greeting */
|
|
31 };
|
|
32
|
|
33 static ngx_str_t internal_server_errors[] = {
|
|
34 ngx_string("-ERR internal server error" CRLF),
|
|
35 ngx_string("* BAD internal server error" CRLF),
|
|
36 ngx_string("451 4.3.2 Internal server error" CRLF),
|
|
37 };
|
|
38
|
|
39 static u_char pop3_ok[] = "+OK" CRLF;
|
|
40 static u_char pop3_next[] = "+ " CRLF;
|
|
41 static u_char pop3_username[] = "+ VXNlcm5hbWU6" CRLF;
|
|
42 static u_char pop3_password[] = "+ UGFzc3dvcmQ6" CRLF;
|
|
43 static u_char pop3_invalid_command[] = "-ERR invalid command" CRLF;
|
|
44
|
|
45 static u_char imap_star[] = "* ";
|
|
46 static u_char imap_ok[] = "OK completed" CRLF;
|
|
47 static u_char imap_next[] = "+ OK" CRLF;
|
|
48 static u_char imap_bye[] = "* BYE" CRLF;
|
|
49 static u_char imap_invalid_command[] = "BAD invalid command" CRLF;
|
|
50
|
|
51 static u_char smtp_ok[] = "250 2.0.0 OK" CRLF;
|
|
52 static u_char smtp_bye[] = "221 2.0.0 Bye" CRLF;
|
|
53 static u_char smtp_next[] = "334 " CRLF;
|
|
54 static u_char smtp_username[] = "334 VXNlcm5hbWU6" CRLF;
|
|
55 static u_char smtp_password[] = "334 UGFzc3dvcmQ6" CRLF;
|
|
56 static u_char smtp_invalid_command[] = "500 5.5.1 Invalid command" CRLF;
|
|
57 static u_char smtp_invalid_argument[] = "501 5.5.4 Invalid argument" CRLF;
|
|
58 static u_char smtp_auth_required[] = "530 5.7.1 Authentication required" CRLF;
|
|
59
|
|
60
|
|
61 void
|
|
62 ngx_mail_init_connection(ngx_connection_t *c)
|
|
63 {
|
|
64 in_addr_t in_addr;
|
|
65 socklen_t len;
|
|
66 ngx_uint_t i;
|
|
67 struct sockaddr_in sin;
|
|
68 ngx_mail_log_ctx_t *ctx;
|
|
69 ngx_mail_in_port_t *imip;
|
|
70 ngx_mail_in_addr_t *imia;
|
|
71 ngx_mail_session_t *s;
|
|
72 #if (NGX_MAIL_SSL)
|
|
73 ngx_mail_ssl_conf_t *sslcf;
|
|
74 #endif
|
|
75
|
|
76
|
|
77 /* find the server configuration for the address:port */
|
|
78
|
|
79 /* AF_INET only */
|
|
80
|
|
81 imip = c->listening->servers;
|
|
82 imia = imip->addrs;
|
|
83
|
|
84 i = 0;
|
|
85
|
|
86 if (imip->naddrs > 1) {
|
|
87
|
|
88 /*
|
|
89 * There are several addresses on this port and one of them
|
|
90 * is the "*:port" wildcard so getsockname() is needed to determine
|
|
91 * the server address.
|
|
92 *
|
|
93 * AcceptEx() already gave this address.
|
|
94 */
|
|
95
|
|
96 #if (NGX_WIN32)
|
|
97 if (c->local_sockaddr) {
|
|
98 in_addr =
|
|
99 ((struct sockaddr_in *) c->local_sockaddr)->sin_addr.s_addr;
|
|
100
|
|
101 } else
|
|
102 #endif
|
|
103 {
|
|
104 len = sizeof(struct sockaddr_in);
|
|
105 if (getsockname(c->fd, (struct sockaddr *) &sin, &len) == -1) {
|
|
106 ngx_connection_error(c, ngx_socket_errno,
|
|
107 "getsockname() failed");
|
|
108 ngx_mail_close_connection(c);
|
|
109 return;
|
|
110 }
|
|
111
|
|
112 in_addr = sin.sin_addr.s_addr;
|
|
113 }
|
|
114
|
|
115 /* the last address is "*" */
|
|
116
|
|
117 for ( /* void */ ; i < imip->naddrs - 1; i++) {
|
|
118 if (in_addr == imia[i].addr) {
|
|
119 break;
|
|
120 }
|
|
121 }
|
|
122 }
|
|
123
|
|
124
|
|
125 s = ngx_pcalloc(c->pool, sizeof(ngx_mail_session_t));
|
|
126 if (s == NULL) {
|
|
127 ngx_mail_close_connection(c);
|
|
128 return;
|
|
129 }
|
|
130
|
|
131 s->main_conf = imia[i].ctx->main_conf;
|
|
132 s->srv_conf = imia[i].ctx->srv_conf;
|
|
133
|
|
134 s->addr_text = &imia[i].addr_text;
|
|
135
|
|
136 c->data = s;
|
|
137 s->connection = c;
|
|
138
|
|
139 ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%ui client %V connected to %V",
|
|
140 c->number, &c->addr_text, s->addr_text);
|
|
141
|
|
142 ctx = ngx_palloc(c->pool, sizeof(ngx_mail_log_ctx_t));
|
|
143 if (ctx == NULL) {
|
|
144 ngx_mail_close_connection(c);
|
|
145 return;
|
|
146 }
|
|
147
|
|
148 ctx->client = &c->addr_text;
|
|
149 ctx->session = s;
|
|
150
|
|
151 c->log->connection = c->number;
|
|
152 c->log->handler = ngx_mail_log_error;
|
|
153 c->log->data = ctx;
|
|
154 c->log->action = "sending client greeting line";
|
|
155
|
|
156 c->log_error = NGX_ERROR_INFO;
|
|
157
|
|
158 #if (NGX_MAIL_SSL)
|
|
159
|
|
160 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
|
|
161
|
|
162 if (sslcf->enable) {
|
|
163 ngx_mail_ssl_init_connection(&sslcf->ssl, c);
|
|
164 return;
|
|
165 }
|
|
166
|
|
167 #endif
|
|
168
|
|
169 ngx_mail_init_session(c);
|
|
170 }
|
|
171
|
|
172
|
|
173 #if (NGX_MAIL_SSL)
|
|
174
|
|
175 static void
|
|
176 ngx_mail_starttls_handler(ngx_event_t *rev)
|
|
177 {
|
|
178 ngx_connection_t *c;
|
|
179 ngx_mail_session_t *s;
|
|
180 ngx_mail_ssl_conf_t *sslcf;
|
|
181
|
|
182 c = rev->data;
|
|
183 s = c->data;
|
|
184 s->starttls = 1;
|
|
185
|
|
186 c->log->action = "in starttls state";
|
|
187
|
|
188 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
|
|
189
|
|
190 ngx_mail_ssl_init_connection(&sslcf->ssl, c);
|
|
191 }
|
|
192
|
|
193
|
|
194 static void
|
|
195 ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c)
|
|
196 {
|
|
197 ngx_mail_session_t *s;
|
|
198 ngx_mail_core_srv_conf_t *cscf;
|
|
199
|
|
200 if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) {
|
|
201 ngx_mail_close_connection(c);
|
|
202 return;
|
|
203 }
|
|
204
|
|
205 if (ngx_ssl_handshake(c) == NGX_AGAIN) {
|
|
206
|
|
207 s = c->data;
|
|
208
|
|
209 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
210
|
|
211 ngx_add_timer(c->read, cscf->timeout);
|
|
212
|
|
213 c->ssl->handler = ngx_mail_ssl_handshake_handler;
|
|
214
|
|
215 return;
|
|
216 }
|
|
217
|
|
218 ngx_mail_ssl_handshake_handler(c);
|
|
219 }
|
|
220
|
|
221
|
|
222 static void
|
|
223 ngx_mail_ssl_handshake_handler(ngx_connection_t *c)
|
|
224 {
|
|
225 ngx_mail_session_t *s;
|
|
226
|
|
227 if (c->ssl->handshaked) {
|
|
228
|
|
229 s = c->data;
|
|
230
|
|
231 if (s->starttls) {
|
|
232 c->read->handler = ngx_mail_init_protocol;
|
|
233 c->write->handler = ngx_mail_send;
|
|
234
|
|
235 ngx_mail_init_protocol(c->read);
|
|
236
|
|
237 return;
|
|
238 }
|
|
239
|
|
240 ngx_mail_init_session(c);
|
|
241 return;
|
|
242 }
|
|
243
|
|
244 ngx_mail_close_connection(c);
|
|
245 }
|
|
246
|
|
247 #endif
|
|
248
|
|
249
|
|
250 static void
|
|
251 ngx_mail_init_session(ngx_connection_t *c)
|
|
252 {
|
|
253 u_char *p;
|
|
254 ngx_mail_session_t *s;
|
|
255 ngx_mail_core_srv_conf_t *cscf;
|
|
256
|
|
257 c->read->handler = ngx_mail_init_protocol;
|
|
258 c->write->handler = ngx_mail_send;
|
|
259
|
|
260 s = c->data;
|
|
261
|
|
262 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
263
|
|
264 s->protocol = cscf->protocol;
|
|
265
|
|
266 s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_mail_max_module);
|
|
267 if (s->ctx == NULL) {
|
|
268 ngx_mail_session_internal_server_error(s);
|
|
269 return;
|
|
270 }
|
|
271
|
|
272 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) {
|
|
273 s->out = cscf->smtp_greeting;
|
|
274
|
|
275 } else {
|
|
276 s->out = greetings[s->protocol];
|
|
277 }
|
|
278
|
|
279 if ((s->protocol == NGX_MAIL_POP3_PROTOCOL
|
|
280 && (cscf->pop3_auth_methods
|
|
281 & (NGX_MAIL_AUTH_APOP_ENABLED|NGX_MAIL_AUTH_CRAM_MD5_ENABLED)))
|
|
282
|
|
283 || (s->protocol == NGX_MAIL_SMTP_PROTOCOL
|
|
284 && (cscf->smtp_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)))
|
|
285 {
|
|
286 s->salt.data = ngx_palloc(c->pool,
|
|
287 sizeof(" <18446744073709551616.@>" CRLF) - 1
|
|
288 + NGX_TIME_T_LEN
|
|
289 + cscf->server_name.len);
|
|
290 if (s->salt.data == NULL) {
|
|
291 ngx_mail_session_internal_server_error(s);
|
|
292 return;
|
|
293 }
|
|
294
|
|
295 s->salt.len = ngx_sprintf(s->salt.data, "<%ul.%T@%V>" CRLF,
|
|
296 ngx_random(), ngx_time(), &cscf->server_name)
|
|
297 - s->salt.data;
|
|
298
|
|
299 if (s->protocol == NGX_MAIL_POP3_PROTOCOL) {
|
296
|
300 s->out.data = ngx_palloc(c->pool,
|
290
|
301 greetings[0].len + 1 + s->salt.len);
|
296
|
302 if (s->out.data == NULL) {
|
|
303 ngx_mail_session_internal_server_error(s);
|
|
304 return;
|
|
305 }
|
290
|
306
|
296
|
307 p = ngx_cpymem(s->out.data,
|
290
|
308 greetings[0].data, greetings[0].len - 2);
|
296
|
309 *p++ = ' ';
|
|
310 p = ngx_cpymem(p, s->salt.data, s->salt.len);
|
290
|
311
|
296
|
312 s->out.len = p - s->out.data;
|
290
|
313 }
|
|
314 }
|
|
315
|
|
316 ngx_add_timer(c->read, cscf->timeout);
|
|
317
|
|
318 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) {
|
|
319 ngx_mail_close_connection(c);
|
|
320 }
|
|
321
|
|
322 ngx_mail_send(c->write);
|
|
323 }
|
|
324
|
|
325
|
|
326 void
|
|
327 ngx_mail_send(ngx_event_t *wev)
|
|
328 {
|
|
329 ngx_int_t n;
|
|
330 ngx_connection_t *c;
|
|
331 ngx_mail_session_t *s;
|
|
332 ngx_mail_core_srv_conf_t *cscf;
|
|
333
|
|
334 c = wev->data;
|
|
335 s = c->data;
|
|
336
|
|
337 if (wev->timedout) {
|
|
338 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
|
339 c->timedout = 1;
|
|
340 ngx_mail_close_connection(c);
|
|
341 return;
|
|
342 }
|
|
343
|
|
344 if (s->out.len == 0) {
|
|
345 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
|
|
346 ngx_mail_close_connection(c);
|
|
347 }
|
|
348
|
|
349 return;
|
|
350 }
|
|
351
|
|
352 n = c->send(c, s->out.data, s->out.len);
|
|
353
|
|
354 if (n > 0) {
|
|
355 s->out.len -= n;
|
|
356
|
|
357 if (wev->timer_set) {
|
|
358 ngx_del_timer(wev);
|
|
359 }
|
|
360
|
|
361 if (s->quit) {
|
|
362 ngx_mail_close_connection(c);
|
|
363 return;
|
|
364 }
|
|
365
|
|
366 if (s->blocked) {
|
|
367 c->read->handler(c->read);
|
|
368 }
|
|
369
|
|
370 return;
|
|
371 }
|
|
372
|
|
373 if (n == NGX_ERROR) {
|
|
374 ngx_mail_close_connection(c);
|
|
375 return;
|
|
376 }
|
|
377
|
|
378 /* n == NGX_AGAIN */
|
|
379
|
|
380 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
381
|
|
382 ngx_add_timer(c->write, cscf->timeout);
|
|
383
|
|
384 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
|
|
385 ngx_mail_close_connection(c);
|
|
386 return;
|
|
387 }
|
|
388 }
|
|
389
|
|
390
|
|
391 static void
|
|
392 ngx_mail_init_protocol(ngx_event_t *rev)
|
|
393 {
|
|
394 size_t size;
|
|
395 ngx_connection_t *c;
|
|
396 ngx_mail_session_t *s;
|
|
397 ngx_mail_core_srv_conf_t *cscf;
|
|
398
|
|
399 c = rev->data;
|
|
400
|
|
401 c->log->action = "in auth state";
|
|
402
|
|
403 if (rev->timedout) {
|
|
404 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
|
405 c->timedout = 1;
|
|
406 ngx_mail_close_connection(c);
|
|
407 return;
|
|
408 }
|
|
409
|
|
410 s = c->data;
|
|
411
|
|
412 switch (s->protocol) {
|
|
413
|
|
414 case NGX_MAIL_POP3_PROTOCOL:
|
|
415 size = 128;
|
|
416 s->mail_state = ngx_pop3_start;
|
|
417 c->read->handler = ngx_pop3_auth_state;
|
|
418 break;
|
|
419
|
|
420 case NGX_MAIL_IMAP_PROTOCOL:
|
|
421 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
422 size = cscf->imap_client_buffer_size;
|
|
423 s->mail_state = ngx_imap_start;
|
|
424 c->read->handler = ngx_imap_auth_state;
|
|
425 break;
|
|
426
|
|
427 default: /* NGX_MAIL_SMTP_PROTOCOL */
|
|
428 size = 512;
|
|
429 s->mail_state = ngx_smtp_start;
|
|
430 c->read->handler = ngx_smtp_auth_state;
|
|
431 break;
|
|
432 }
|
|
433
|
|
434 if (s->buffer == NULL) {
|
|
435 if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t))
|
|
436 == NGX_ERROR)
|
|
437 {
|
|
438 ngx_mail_session_internal_server_error(s);
|
|
439 return;
|
|
440 }
|
|
441
|
|
442 s->buffer = ngx_create_temp_buf(c->pool, size);
|
|
443 if (s->buffer == NULL) {
|
|
444 ngx_mail_session_internal_server_error(s);
|
|
445 return;
|
|
446 }
|
|
447 }
|
|
448
|
|
449 c->read->handler(rev);
|
|
450 }
|
|
451
|
|
452
|
|
453 void
|
|
454 ngx_pop3_auth_state(ngx_event_t *rev)
|
|
455 {
|
|
456 u_char *p, *last, *text;
|
|
457 ssize_t size;
|
|
458 ngx_int_t rc;
|
|
459 ngx_str_t *arg, salt;
|
|
460 ngx_connection_t *c;
|
|
461 ngx_mail_session_t *s;
|
|
462 ngx_mail_core_srv_conf_t *cscf;
|
|
463 #if (NGX_MAIL_SSL)
|
|
464 ngx_mail_ssl_conf_t *sslcf;
|
|
465 #endif
|
|
466
|
|
467 c = rev->data;
|
|
468 s = c->data;
|
|
469
|
|
470 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 auth state");
|
|
471
|
|
472 if (rev->timedout) {
|
|
473 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
|
474 c->timedout = 1;
|
|
475 ngx_mail_close_connection(c);
|
|
476 return;
|
|
477 }
|
|
478
|
|
479 if (s->out.len) {
|
|
480 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 send handler busy");
|
|
481 s->blocked = 1;
|
|
482 return;
|
|
483 }
|
|
484
|
|
485 s->blocked = 0;
|
|
486
|
|
487 rc = ngx_mail_read_command(s);
|
|
488
|
|
489 if (rc == NGX_AGAIN || rc == NGX_ERROR) {
|
|
490 return;
|
|
491 }
|
|
492
|
|
493 text = pop3_ok;
|
|
494 size = sizeof(pop3_ok) - 1;
|
|
495
|
|
496 if (rc == NGX_OK) {
|
|
497 switch (s->mail_state) {
|
|
498
|
|
499 case ngx_pop3_start:
|
|
500
|
|
501 switch (s->command) {
|
|
502
|
|
503 case NGX_POP3_USER:
|
|
504
|
|
505 #if (NGX_MAIL_SSL)
|
|
506
|
|
507 if (c->ssl == NULL) {
|
|
508 sslcf = ngx_mail_get_module_srv_conf(s,
|
|
509 ngx_mail_ssl_module);
|
|
510
|
|
511 if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
|
|
512 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
513 break;
|
|
514 }
|
|
515 }
|
|
516 #endif
|
|
517
|
|
518 if (s->args.nelts == 1) {
|
|
519 s->mail_state = ngx_pop3_user;
|
|
520
|
|
521 arg = s->args.elts;
|
|
522 s->login.len = arg[0].len;
|
|
523 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
524 if (s->login.data == NULL) {
|
|
525 ngx_mail_session_internal_server_error(s);
|
|
526 return;
|
|
527 }
|
|
528
|
|
529 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
530
|
|
531 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
532 "pop3 login: \"%V\"", &s->login);
|
|
533
|
|
534 break;
|
|
535 }
|
|
536
|
|
537 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
538 break;
|
|
539
|
|
540 case NGX_POP3_CAPA:
|
|
541 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
542
|
|
543 #if (NGX_MAIL_SSL)
|
|
544
|
|
545 if (c->ssl == NULL) {
|
|
546 sslcf = ngx_mail_get_module_srv_conf(s,
|
|
547 ngx_mail_ssl_module);
|
|
548
|
|
549 if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) {
|
|
550 size = cscf->pop3_starttls_capability.len;
|
|
551 text = cscf->pop3_starttls_capability.data;
|
|
552 break;
|
|
553 }
|
|
554
|
|
555 if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
|
|
556 size = cscf->pop3_starttls_only_capability.len;
|
|
557 text = cscf->pop3_starttls_only_capability.data;
|
|
558 break;
|
|
559 }
|
|
560 }
|
|
561 #endif
|
|
562
|
|
563 size = cscf->pop3_capability.len;
|
|
564 text = cscf->pop3_capability.data;
|
|
565 break;
|
|
566
|
|
567 case NGX_POP3_APOP:
|
|
568
|
|
569 #if (NGX_MAIL_SSL)
|
|
570
|
|
571 if (c->ssl == NULL) {
|
|
572 sslcf = ngx_mail_get_module_srv_conf(s,
|
|
573 ngx_mail_ssl_module);
|
|
574
|
|
575 if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
|
|
576 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
577 break;
|
|
578 }
|
|
579 }
|
|
580 #endif
|
|
581
|
|
582 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
583
|
|
584 if ((cscf->pop3_auth_methods & NGX_MAIL_AUTH_APOP_ENABLED)
|
|
585 && s->args.nelts == 2)
|
|
586 {
|
|
587 arg = s->args.elts;
|
|
588
|
|
589 s->login.len = arg[0].len;
|
|
590 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
591 if (s->login.data == NULL) {
|
|
592 ngx_mail_session_internal_server_error(s);
|
|
593 return;
|
|
594 }
|
|
595
|
|
596 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
597
|
|
598 s->passwd.len = arg[1].len;
|
|
599 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
600 if (s->passwd.data == NULL) {
|
|
601 ngx_mail_session_internal_server_error(s);
|
|
602 return;
|
|
603 }
|
|
604
|
|
605 ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
|
|
606
|
|
607 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
608 "pop3 apop: \"%V\" \"%V\"",
|
|
609 &s->login, &s->passwd);
|
|
610
|
|
611 s->auth_method = NGX_MAIL_AUTH_APOP;
|
|
612
|
|
613 ngx_mail_do_auth(s);
|
|
614 return;
|
|
615 }
|
|
616
|
|
617 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
618 break;
|
|
619
|
|
620 case NGX_POP3_AUTH:
|
|
621
|
|
622 #if (NGX_MAIL_SSL)
|
|
623
|
|
624 if (c->ssl == NULL) {
|
|
625 sslcf = ngx_mail_get_module_srv_conf(s,
|
|
626 ngx_mail_ssl_module);
|
|
627
|
|
628 if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
|
|
629 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
630 break;
|
|
631 }
|
|
632 }
|
|
633 #endif
|
|
634
|
|
635 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
636
|
|
637 if (s->args.nelts == 0) {
|
|
638 size = cscf->pop3_auth_capability.len;
|
|
639 text = cscf->pop3_auth_capability.data;
|
|
640 s->state = 0;
|
|
641 break;
|
|
642 }
|
|
643
|
|
644 arg = s->args.elts;
|
|
645
|
|
646 if (arg[0].len == 5) {
|
|
647
|
|
648 if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5)
|
|
649 == 0)
|
|
650 {
|
|
651
|
|
652 if (s->args.nelts != 1) {
|
|
653 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
654 break;
|
|
655 }
|
|
656
|
|
657 s->mail_state = ngx_pop3_auth_login_username;
|
|
658
|
|
659 size = sizeof(pop3_username) - 1;
|
|
660 text = pop3_username;
|
|
661
|
|
662 break;
|
|
663
|
|
664 } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN",
|
|
665 5)
|
|
666 == 0)
|
|
667 {
|
|
668
|
|
669 if (s->args.nelts == 1) {
|
|
670 s->mail_state = ngx_pop3_auth_plain;
|
|
671
|
|
672 size = sizeof(pop3_next) - 1;
|
|
673 text = pop3_next;
|
|
674
|
|
675 break;
|
|
676 }
|
|
677
|
|
678 if (s->args.nelts == 2) {
|
|
679
|
|
680 /*
|
|
681 * workaround for Eudora for Mac: it sends
|
|
682 * AUTH PLAIN [base64 encoded]
|
|
683 */
|
|
684
|
|
685 rc = ngx_mail_decode_auth_plain(s, &arg[1]);
|
|
686
|
|
687 if (rc == NGX_OK) {
|
|
688 ngx_mail_do_auth(s);
|
|
689 return;
|
|
690 }
|
|
691
|
|
692 if (rc == NGX_ERROR) {
|
|
693 ngx_mail_session_internal_server_error(s);
|
|
694 return;
|
|
695 }
|
|
696
|
|
697 /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */
|
|
698
|
|
699 break;
|
|
700 }
|
|
701
|
|
702 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
703 break;
|
|
704 }
|
|
705
|
|
706 } else if (arg[0].len == 8
|
|
707 && ngx_strncasecmp(arg[0].data,
|
|
708 (u_char *) "CRAM-MD5", 8)
|
|
709 == 0)
|
|
710 {
|
318
|
711 if (!(cscf->pop3_auth_methods
|
|
712 & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)
|
|
713 || s->args.nelts != 1)
|
|
714 {
|
290
|
715 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
716 break;
|
|
717 }
|
|
718
|
|
719 s->mail_state = ngx_pop3_auth_cram_md5;
|
|
720
|
|
721 text = ngx_palloc(c->pool,
|
|
722 sizeof("+ " CRLF) - 1
|
|
723 + ngx_base64_encoded_length(s->salt.len));
|
|
724 if (text == NULL) {
|
|
725 ngx_mail_session_internal_server_error(s);
|
|
726 return;
|
|
727 }
|
|
728
|
|
729 text[0] = '+'; text[1]= ' ';
|
|
730 salt.data = &text[2];
|
|
731 s->salt.len -= 2;
|
|
732
|
|
733 ngx_encode_base64(&salt, &s->salt);
|
|
734
|
|
735 s->salt.len += 2;
|
|
736 size = 2 + salt.len;
|
|
737 text[size++] = CR; text[size++] = LF;
|
|
738
|
|
739 break;
|
|
740 }
|
|
741
|
|
742 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
743 break;
|
|
744
|
|
745 case NGX_POP3_QUIT:
|
|
746 s->quit = 1;
|
|
747 break;
|
|
748
|
|
749 case NGX_POP3_NOOP:
|
|
750 break;
|
|
751
|
|
752 #if (NGX_MAIL_SSL)
|
|
753
|
|
754 case NGX_POP3_STLS:
|
|
755 if (c->ssl == NULL) {
|
|
756 sslcf = ngx_mail_get_module_srv_conf(s,
|
|
757 ngx_mail_ssl_module);
|
|
758 if (sslcf->starttls) {
|
|
759 c->read->handler = ngx_mail_starttls_handler;
|
|
760 break;
|
|
761 }
|
|
762 }
|
|
763
|
|
764 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
765 break;
|
|
766 #endif
|
|
767
|
|
768 default:
|
|
769 s->mail_state = ngx_pop3_start;
|
|
770 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
771 break;
|
|
772 }
|
|
773
|
|
774 break;
|
|
775
|
|
776 case ngx_pop3_user:
|
|
777
|
|
778 switch (s->command) {
|
|
779
|
|
780 case NGX_POP3_PASS:
|
|
781 if (s->args.nelts == 1) {
|
|
782 arg = s->args.elts;
|
|
783 s->passwd.len = arg[0].len;
|
|
784 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
785 if (s->passwd.data == NULL) {
|
|
786 ngx_mail_session_internal_server_error(s);
|
|
787 return;
|
|
788 }
|
|
789
|
|
790 ngx_memcpy(s->passwd.data, arg[0].data, s->passwd.len);
|
|
791
|
|
792 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
793 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
794 "pop3 passwd: \"%V\"", &s->passwd);
|
|
795 #endif
|
|
796
|
|
797 ngx_mail_do_auth(s);
|
|
798 return;
|
|
799 }
|
|
800
|
|
801 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
802 break;
|
|
803
|
|
804 case NGX_POP3_CAPA:
|
|
805 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
806 size = cscf->pop3_capability.len;
|
|
807 text = cscf->pop3_capability.data;
|
|
808 break;
|
|
809
|
|
810 case NGX_POP3_QUIT:
|
|
811 s->quit = 1;
|
|
812 break;
|
|
813
|
|
814 case NGX_POP3_NOOP:
|
|
815 break;
|
|
816
|
|
817 default:
|
|
818 s->mail_state = ngx_pop3_start;
|
|
819 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
820 break;
|
|
821 }
|
|
822
|
|
823 break;
|
|
824
|
|
825 /* suppress warinings */
|
|
826 case ngx_pop3_passwd:
|
|
827 break;
|
|
828
|
|
829 case ngx_pop3_auth_login_username:
|
|
830 arg = s->args.elts;
|
|
831 s->mail_state = ngx_pop3_auth_login_password;
|
|
832
|
|
833 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
834 "pop3 auth login username: \"%V\"", &arg[0]);
|
|
835
|
|
836 s->login.data = ngx_palloc(c->pool,
|
|
837 ngx_base64_decoded_length(arg[0].len));
|
|
838 if (s->login.data == NULL){
|
|
839 ngx_mail_session_internal_server_error(s);
|
|
840 return;
|
|
841 }
|
|
842
|
|
843 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
844 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
845 "client sent invalid base64 encoding "
|
|
846 "in AUTH LOGIN command");
|
|
847 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
848 break;
|
|
849 }
|
|
850
|
|
851 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
852 "pop3 auth login username: \"%V\"", &s->login);
|
|
853
|
|
854 size = sizeof(pop3_password) - 1;
|
|
855 text = pop3_password;
|
|
856
|
|
857 break;
|
|
858
|
|
859 case ngx_pop3_auth_login_password:
|
|
860 arg = s->args.elts;
|
|
861
|
|
862 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
863 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
864 "pop3 auth login password: \"%V\"", &arg[0]);
|
|
865 #endif
|
|
866
|
|
867 s->passwd.data = ngx_palloc(c->pool,
|
|
868 ngx_base64_decoded_length(arg[0].len));
|
|
869 if (s->passwd.data == NULL){
|
|
870 ngx_mail_session_internal_server_error(s);
|
|
871 return;
|
|
872 }
|
|
873
|
|
874 if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) {
|
|
875 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
876 "client sent invalid base64 encoding "
|
|
877 "in AUTH LOGIN command");
|
|
878 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
879 break;
|
|
880 }
|
|
881
|
|
882 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
883 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
884 "pop3 auth login password: \"%V\"", &s->passwd);
|
|
885 #endif
|
|
886
|
|
887 ngx_mail_do_auth(s);
|
|
888 return;
|
|
889
|
|
890 case ngx_pop3_auth_plain:
|
|
891 arg = s->args.elts;
|
|
892
|
|
893 rc = ngx_mail_decode_auth_plain(s, &arg[0]);
|
|
894
|
|
895 if (rc == NGX_OK) {
|
|
896 ngx_mail_do_auth(s);
|
|
897 return;
|
|
898 }
|
|
899
|
|
900 if (rc == NGX_ERROR) {
|
|
901 ngx_mail_session_internal_server_error(s);
|
|
902 return;
|
|
903 }
|
|
904
|
|
905 /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */
|
|
906
|
|
907 break;
|
|
908
|
|
909 case ngx_pop3_auth_cram_md5:
|
|
910 arg = s->args.elts;
|
|
911
|
|
912 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
913 "pop3 auth cram-md5: \"%V\"", &arg[0]);
|
|
914
|
|
915 s->login.data = ngx_palloc(c->pool,
|
|
916 ngx_base64_decoded_length(arg[0].len));
|
|
917 if (s->login.data == NULL){
|
|
918 ngx_mail_session_internal_server_error(s);
|
|
919 return;
|
|
920 }
|
|
921
|
|
922 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
923 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
924 "client sent invalid base64 encoding "
|
|
925 "in AUTH CRAM-MD5 command");
|
|
926 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
927 break;
|
|
928 }
|
|
929
|
|
930 p = s->login.data;
|
|
931 last = p + s->login.len;
|
|
932
|
|
933 while (p < last) {
|
|
934 if (*p++ == ' ') {
|
|
935 s->login.len = p - s->login.data - 1;
|
|
936 s->passwd.len = last - p;
|
|
937 s->passwd.data = p;
|
|
938 break;
|
|
939 }
|
|
940 }
|
|
941
|
|
942 if (s->passwd.len != 32) {
|
|
943 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
944 "client sent invalid CRAM-MD5 hash "
|
|
945 "in AUTH CRAM-MD5 command");
|
|
946 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
947 break;
|
|
948 }
|
|
949
|
|
950 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
951 "pop3 auth cram-md5: \"%V\" \"%V\"",
|
|
952 &s->login, &s->passwd);
|
|
953
|
|
954 s->auth_method = NGX_MAIL_AUTH_CRAM_MD5;
|
|
955
|
|
956 ngx_mail_do_auth(s);
|
|
957 return;
|
|
958 }
|
|
959 }
|
|
960
|
|
961 if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) {
|
|
962 s->mail_state = ngx_pop3_start;
|
|
963 s->state = 0;
|
|
964 text = pop3_invalid_command;
|
|
965 size = sizeof(pop3_invalid_command) - 1;
|
|
966 }
|
|
967
|
|
968 s->args.nelts = 0;
|
|
969 s->buffer->pos = s->buffer->start;
|
|
970 s->buffer->last = s->buffer->start;
|
|
971
|
|
972 if (s->state) {
|
|
973 s->arg_start = s->buffer->start;
|
|
974 }
|
|
975
|
|
976 s->out.data = text;
|
|
977 s->out.len = size;
|
|
978
|
|
979 ngx_mail_send(c->write);
|
|
980 }
|
|
981
|
|
982
|
|
983 void
|
|
984 ngx_imap_auth_state(ngx_event_t *rev)
|
|
985 {
|
|
986 u_char *p, *last, *text, *dst, *src, *end;
|
|
987 ssize_t text_len, last_len;
|
|
988 ngx_str_t *arg;
|
|
989 ngx_int_t rc;
|
|
990 ngx_uint_t tag, i;
|
|
991 ngx_connection_t *c;
|
|
992 ngx_mail_session_t *s;
|
|
993 ngx_mail_core_srv_conf_t *cscf;
|
|
994 #if (NGX_MAIL_SSL)
|
|
995 ngx_mail_ssl_conf_t *sslcf;
|
|
996 #endif
|
|
997
|
|
998 c = rev->data;
|
|
999 s = c->data;
|
|
1000
|
|
1001 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth state");
|
|
1002
|
|
1003 if (rev->timedout) {
|
|
1004 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
|
1005 c->timedout = 1;
|
|
1006 ngx_mail_close_connection(c);
|
|
1007 return;
|
|
1008 }
|
|
1009
|
|
1010 if (s->out.len) {
|
|
1011 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap send handler busy");
|
|
1012 s->blocked = 1;
|
|
1013 return;
|
|
1014 }
|
|
1015
|
|
1016 s->blocked = 0;
|
|
1017
|
|
1018 rc = ngx_mail_read_command(s);
|
|
1019
|
|
1020 if (rc == NGX_AGAIN || rc == NGX_ERROR) {
|
|
1021 return;
|
|
1022 }
|
|
1023
|
|
1024 tag = 1;
|
|
1025
|
|
1026 text = NULL;
|
|
1027 text_len = 0;
|
|
1028
|
|
1029 last = imap_ok;
|
|
1030 last_len = sizeof(imap_ok) - 1;
|
|
1031
|
|
1032 if (rc == NGX_OK) {
|
|
1033
|
|
1034 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth command: %i",
|
|
1035 s->command);
|
|
1036
|
|
1037 if (s->backslash) {
|
|
1038
|
|
1039 arg = s->args.elts;
|
|
1040
|
|
1041 for (i = 0; i < s->args.nelts; i++) {
|
|
1042 dst = arg[i].data;
|
|
1043 end = dst + arg[i].len;
|
|
1044
|
|
1045 for (src = dst; src < end; dst++) {
|
|
1046 *dst = *src;
|
|
1047 if (*src++ == '\\') {
|
|
1048 *dst = *src++;
|
|
1049 }
|
|
1050 }
|
|
1051
|
|
1052 arg[i].len = dst - arg[i].data;
|
|
1053 }
|
|
1054
|
|
1055 s->backslash = 0;
|
|
1056 }
|
|
1057
|
|
1058 switch (s->command) {
|
|
1059
|
|
1060 case NGX_IMAP_LOGIN:
|
|
1061
|
|
1062 #if (NGX_MAIL_SSL)
|
|
1063
|
|
1064 if (c->ssl == NULL) {
|
|
1065 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
|
|
1066
|
|
1067 if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
|
|
1068 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1069 break;
|
|
1070 }
|
|
1071 }
|
|
1072 #endif
|
|
1073
|
|
1074 arg = s->args.elts;
|
|
1075
|
|
1076 if (s->args.nelts == 2 && arg[0].len) {
|
|
1077
|
|
1078 s->login.len = arg[0].len;
|
|
1079 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
1080 if (s->login.data == NULL) {
|
|
1081 ngx_mail_session_internal_server_error(s);
|
|
1082 return;
|
|
1083 }
|
|
1084
|
|
1085 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
1086
|
|
1087 s->passwd.len = arg[1].len;
|
|
1088 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
1089 if (s->passwd.data == NULL) {
|
|
1090 ngx_mail_session_internal_server_error(s);
|
|
1091 return;
|
|
1092 }
|
|
1093
|
|
1094 ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
|
|
1095
|
|
1096 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
1097 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1098 "imap login:\"%V\" passwd:\"%V\"",
|
|
1099 &s->login, &s->passwd);
|
|
1100 #else
|
|
1101 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1102 "imap login:\"%V\"", &s->login);
|
|
1103 #endif
|
|
1104
|
|
1105 ngx_mail_do_auth(s);
|
|
1106 return;
|
|
1107 }
|
|
1108
|
|
1109 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1110 break;
|
|
1111
|
|
1112 case NGX_IMAP_CAPABILITY:
|
|
1113 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
1114
|
|
1115 #if (NGX_MAIL_SSL)
|
|
1116
|
|
1117 if (c->ssl == NULL) {
|
|
1118 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
|
|
1119
|
|
1120 if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) {
|
|
1121 text_len = cscf->imap_starttls_capability.len;
|
|
1122 text = cscf->imap_starttls_capability.data;
|
|
1123 break;
|
|
1124 }
|
|
1125
|
|
1126 if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
|
|
1127 text_len = cscf->imap_starttls_only_capability.len;
|
|
1128 text = cscf->imap_starttls_only_capability.data;
|
|
1129 break;
|
|
1130 }
|
|
1131 }
|
|
1132 #endif
|
|
1133
|
|
1134 text_len = cscf->imap_capability.len;
|
|
1135 text = cscf->imap_capability.data;
|
|
1136 break;
|
|
1137
|
|
1138 case NGX_IMAP_LOGOUT:
|
|
1139 s->quit = 1;
|
|
1140 text = imap_bye;
|
|
1141 text_len = sizeof(imap_bye) - 1;
|
|
1142 break;
|
|
1143
|
|
1144 case NGX_IMAP_NOOP:
|
|
1145 break;
|
|
1146
|
|
1147 #if (NGX_MAIL_SSL)
|
|
1148
|
|
1149 case NGX_IMAP_STARTTLS:
|
|
1150 if (c->ssl == NULL) {
|
|
1151 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
|
|
1152 if (sslcf->starttls) {
|
|
1153 c->read->handler = ngx_mail_starttls_handler;
|
|
1154 break;
|
|
1155 }
|
|
1156 }
|
|
1157
|
|
1158 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1159 break;
|
|
1160 #endif
|
|
1161
|
|
1162 default:
|
|
1163 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1164 break;
|
|
1165 }
|
|
1166
|
|
1167 } else if (rc == NGX_IMAP_NEXT) {
|
|
1168 last = imap_next;
|
|
1169 last_len = sizeof(imap_next) - 1;
|
|
1170 tag = 0;
|
|
1171 }
|
|
1172
|
|
1173 if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) {
|
|
1174 last = imap_invalid_command;
|
|
1175 last_len = sizeof(imap_invalid_command) - 1;
|
|
1176 }
|
|
1177
|
|
1178 if (tag) {
|
|
1179 if (s->tag.len == 0) {
|
|
1180 s->tag.len = sizeof(imap_star) - 1;
|
|
1181 s->tag.data = (u_char *) imap_star;
|
|
1182 }
|
|
1183
|
|
1184 if (s->tagged_line.len < s->tag.len + text_len + last_len) {
|
|
1185 s->tagged_line.len = s->tag.len + text_len + last_len;
|
|
1186 s->tagged_line.data = ngx_palloc(c->pool, s->tagged_line.len);
|
|
1187 if (s->tagged_line.data == NULL) {
|
|
1188 ngx_mail_close_connection(c);
|
|
1189 return;
|
|
1190 }
|
|
1191 }
|
|
1192
|
|
1193 s->out.data = s->tagged_line.data;
|
|
1194 s->out.len = s->tag.len + text_len + last_len;
|
|
1195
|
|
1196 p = s->out.data;
|
|
1197
|
|
1198 if (text) {
|
|
1199 p = ngx_cpymem(p, text, text_len);
|
|
1200 }
|
|
1201 p = ngx_cpymem(p, s->tag.data, s->tag.len);
|
|
1202 ngx_memcpy(p, last, last_len);
|
|
1203
|
|
1204
|
|
1205 } else {
|
|
1206 s->out.data = last;
|
|
1207 s->out.len = last_len;
|
|
1208 }
|
|
1209
|
|
1210 if (rc != NGX_IMAP_NEXT) {
|
|
1211 s->args.nelts = 0;
|
|
1212 s->buffer->pos = s->buffer->start;
|
|
1213 s->buffer->last = s->buffer->start;
|
|
1214 s->tag.len = 0;
|
|
1215 }
|
|
1216
|
|
1217 ngx_mail_send(c->write);
|
|
1218 }
|
|
1219
|
|
1220
|
|
1221 void
|
|
1222 ngx_smtp_auth_state(ngx_event_t *rev)
|
|
1223 {
|
|
1224 u_char *p, *last, *text, ch;
|
|
1225 ssize_t size;
|
|
1226 ngx_int_t rc;
|
|
1227 ngx_str_t *arg, salt, l;
|
|
1228 ngx_uint_t i;
|
|
1229 ngx_connection_t *c;
|
|
1230 ngx_mail_session_t *s;
|
|
1231 ngx_mail_core_srv_conf_t *cscf;
|
|
1232
|
|
1233 c = rev->data;
|
|
1234 s = c->data;
|
|
1235
|
|
1236 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp auth state");
|
|
1237
|
|
1238 if (rev->timedout) {
|
|
1239 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
|
1240 c->timedout = 1;
|
|
1241 ngx_mail_close_connection(c);
|
|
1242 return;
|
|
1243 }
|
|
1244
|
|
1245 if (s->out.len) {
|
|
1246 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp send handler busy");
|
|
1247 s->blocked = 1;
|
|
1248 return;
|
|
1249 }
|
|
1250
|
|
1251 s->blocked = 0;
|
|
1252
|
|
1253 rc = ngx_mail_read_command(s);
|
|
1254
|
|
1255 if (rc == NGX_AGAIN || rc == NGX_ERROR) {
|
|
1256 return;
|
|
1257 }
|
|
1258
|
|
1259 text = NULL;
|
|
1260 size = 0;
|
|
1261
|
|
1262 if (rc == NGX_OK) {
|
|
1263 switch (s->mail_state) {
|
|
1264
|
|
1265 case ngx_smtp_start:
|
|
1266
|
|
1267 switch (s->command) {
|
|
1268
|
|
1269 case NGX_SMTP_HELO:
|
|
1270 case NGX_SMTP_EHLO:
|
|
1271 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
|
1272
|
|
1273 if (s->args.nelts != 1) {
|
|
1274 text = smtp_invalid_argument;
|
|
1275 size = sizeof(smtp_invalid_argument) - 1;
|
|
1276 s->state = 0;
|
|
1277 break;
|
|
1278 }
|
|
1279
|
|
1280 arg = s->args.elts;
|
|
1281
|
|
1282 s->smtp_helo.len = arg[0].len;
|
|
1283
|
|
1284 s->smtp_helo.data = ngx_palloc(c->pool, arg[0].len);
|
|
1285 if (s->smtp_helo.data == NULL) {
|
|
1286 ngx_mail_session_internal_server_error(s);
|
|
1287 return;
|
|
1288 }
|
|
1289
|
|
1290 ngx_memcpy(s->smtp_helo.data, arg[0].data, arg[0].len);
|
|
1291
|
|
1292 if (s->command == NGX_SMTP_HELO) {
|
|
1293 size = cscf->smtp_server_name.len;
|
|
1294 text = cscf->smtp_server_name.data;
|
|
1295
|
|
1296 } else {
|
|
1297 s->esmtp = 1;
|
|
1298 size = cscf->smtp_capability.len;
|
|
1299 text = cscf->smtp_capability.data;
|
|
1300 }
|
|
1301
|
|
1302 break;
|
|
1303
|
|
1304 case NGX_SMTP_AUTH:
|
|
1305
|
|
1306 if (s->args.nelts == 0) {
|
|
1307 text = smtp_invalid_argument;
|
|
1308 size = sizeof(smtp_invalid_argument) - 1;
|
|
1309 s->state = 0;
|
|
1310 break;
|
|
1311 }
|
|
1312
|
|
1313 arg = s->args.elts;
|
|
1314
|
|
1315 if (arg[0].len == 5) {
|
|
1316
|
|
1317 if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5)
|
|
1318 == 0)
|
|
1319 {
|
|
1320
|
|
1321 if (s->args.nelts != 1) {
|
|
1322 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1323 break;
|
|
1324 }
|
|
1325
|
|
1326 s->mail_state = ngx_smtp_auth_login_username;
|
|
1327
|
|
1328 size = sizeof(smtp_username) - 1;
|
|
1329 text = smtp_username;
|
|
1330
|
|
1331 break;
|
|
1332
|
|
1333 } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN",
|
|
1334 5)
|
|
1335 == 0)
|
|
1336 {
|
|
1337 if (s->args.nelts == 1) {
|
|
1338 s->mail_state = ngx_smtp_auth_plain;
|
|
1339
|
|
1340 size = sizeof(smtp_next) - 1;
|
|
1341 text = smtp_next;
|
|
1342
|
|
1343 break;
|
|
1344 }
|
|
1345
|
|
1346 if (s->args.nelts == 2) {
|
|
1347
|
|
1348 rc = ngx_mail_decode_auth_plain(s, &arg[1]);
|
|
1349
|
|
1350 if (rc == NGX_OK) {
|
|
1351 ngx_mail_do_auth(s);
|
|
1352 return;
|
|
1353 }
|
|
1354
|
|
1355 if (rc == NGX_ERROR) {
|
|
1356 ngx_mail_session_internal_server_error(s);
|
|
1357 return;
|
|
1358 }
|
|
1359
|
|
1360 /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */
|
|
1361
|
|
1362 break;
|
|
1363 }
|
|
1364
|
|
1365 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1366 break;
|
|
1367 }
|
|
1368
|
|
1369 } else if (arg[0].len == 8
|
|
1370 && ngx_strncasecmp(arg[0].data,
|
|
1371 (u_char *) "CRAM-MD5", 8)
|
|
1372 == 0)
|
|
1373 {
|
318
|
1374 cscf = ngx_mail_get_module_srv_conf(s,
|
|
1375 ngx_mail_core_module);
|
|
1376
|
|
1377 if (!(cscf->smtp_auth_methods
|
|
1378 & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)
|
|
1379 || s->args.nelts != 1)
|
|
1380 {
|
290
|
1381 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1382 break;
|
|
1383 }
|
|
1384
|
|
1385 s->mail_state = ngx_smtp_auth_cram_md5;
|
|
1386
|
|
1387 text = ngx_palloc(c->pool,
|
|
1388 sizeof("334 " CRLF) - 1
|
|
1389 + ngx_base64_encoded_length(s->salt.len));
|
|
1390 if (text == NULL) {
|
|
1391 ngx_mail_session_internal_server_error(s);
|
|
1392 return;
|
|
1393 }
|
|
1394
|
|
1395 text[0] = '3'; text[1]= '3'; text[2] = '4'; text[3]= ' ';
|
|
1396 salt.data = &text[4];
|
|
1397 s->salt.len -= 2;
|
|
1398
|
|
1399 ngx_encode_base64(&salt, &s->salt);
|
|
1400
|
|
1401 s->salt.len += 2;
|
|
1402 size = 4 + salt.len;
|
|
1403 text[size++] = CR; text[size++] = LF;
|
|
1404
|
|
1405 break;
|
|
1406 }
|
|
1407
|
|
1408 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1409 break;
|
|
1410
|
|
1411 case NGX_SMTP_QUIT:
|
|
1412 s->quit = 1;
|
|
1413 text = smtp_bye;
|
|
1414 size = sizeof(smtp_bye) - 1;
|
|
1415 break;
|
|
1416
|
|
1417 case NGX_SMTP_MAIL:
|
|
1418
|
|
1419 if (s->connection->log->log_level >= NGX_LOG_INFO) {
|
296
|
1420 l.len = s->buffer->last - s->buffer->start;
|
|
1421 l.data = s->buffer->start;
|
290
|
1422
|
296
|
1423 for (i = 0; i < l.len; i++) {
|
|
1424 ch = l.data[i];
|
290
|
1425
|
296
|
1426 if (ch != CR && ch != LF) {
|
|
1427 continue;
|
|
1428 }
|
290
|
1429
|
296
|
1430 l.data[i] = ' ';
|
|
1431 }
|
290
|
1432
|
296
|
1433 while (i) {
|
|
1434 if (l.data[i - 1] != ' ') {
|
|
1435 break;
|
|
1436 }
|
290
|
1437
|
296
|
1438 i--;
|
|
1439 }
|
290
|
1440
|
296
|
1441 l.len = i;
|
290
|
1442
|
296
|
1443 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1444 "client was rejected: \"%V\"", &l);
|
290
|
1445 }
|
|
1446
|
|
1447 text = smtp_auth_required;
|
|
1448 size = sizeof(smtp_auth_required) - 1;
|
|
1449 break;
|
|
1450
|
|
1451 case NGX_SMTP_NOOP:
|
|
1452 case NGX_SMTP_RSET:
|
|
1453 text = smtp_ok;
|
|
1454 size = sizeof(smtp_ok) - 1;
|
|
1455 break;
|
|
1456 }
|
|
1457
|
|
1458 break;
|
|
1459
|
|
1460 case ngx_smtp_auth_login_username:
|
|
1461 arg = s->args.elts;
|
|
1462 s->mail_state = ngx_smtp_auth_login_password;
|
|
1463
|
|
1464 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1465 "smtp auth login username: \"%V\"", &arg[0]);
|
|
1466
|
|
1467 s->login.data = ngx_palloc(c->pool,
|
|
1468 ngx_base64_decoded_length(arg[0].len));
|
|
1469 if (s->login.data == NULL){
|
|
1470 ngx_mail_session_internal_server_error(s);
|
|
1471 return;
|
|
1472 }
|
|
1473
|
|
1474 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
1475 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1476 "client sent invalid base64 encoding "
|
|
1477 "in AUTH LOGIN command");
|
|
1478 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1479 break;
|
|
1480 }
|
|
1481
|
|
1482 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1483 "smtp auth login username: \"%V\"", &s->login);
|
|
1484
|
|
1485 size = sizeof(smtp_password) - 1;
|
|
1486 text = smtp_password;
|
|
1487
|
|
1488 break;
|
|
1489
|
|
1490 case ngx_smtp_auth_login_password:
|
|
1491 arg = s->args.elts;
|
|
1492
|
|
1493 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
1494 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1495 "smtp auth login password: \"%V\"", &arg[0]);
|
|
1496 #endif
|
|
1497
|
|
1498 s->passwd.data = ngx_palloc(c->pool,
|
|
1499 ngx_base64_decoded_length(arg[0].len));
|
|
1500 if (s->passwd.data == NULL){
|
|
1501 ngx_mail_session_internal_server_error(s);
|
|
1502 return;
|
|
1503 }
|
|
1504
|
|
1505 if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) {
|
|
1506 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1507 "client sent invalid base64 encoding "
|
|
1508 "in AUTH LOGIN command");
|
|
1509 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1510 break;
|
|
1511 }
|
|
1512
|
|
1513 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
1514 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1515 "smtp auth login password: \"%V\"", &s->passwd);
|
|
1516 #endif
|
|
1517
|
|
1518 ngx_mail_do_auth(s);
|
|
1519 return;
|
|
1520
|
|
1521 case ngx_smtp_auth_plain:
|
|
1522 arg = s->args.elts;
|
|
1523
|
|
1524 rc = ngx_mail_decode_auth_plain(s, &arg[0]);
|
|
1525
|
|
1526 if (rc == NGX_OK) {
|
|
1527 ngx_mail_do_auth(s);
|
|
1528 return;
|
|
1529 }
|
|
1530
|
|
1531 if (rc == NGX_ERROR) {
|
|
1532 ngx_mail_session_internal_server_error(s);
|
|
1533 return;
|
|
1534 }
|
|
1535
|
|
1536 /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */
|
|
1537
|
|
1538 break;
|
|
1539
|
|
1540 case ngx_smtp_auth_cram_md5:
|
|
1541 arg = s->args.elts;
|
|
1542
|
|
1543 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1544 "smtp auth cram-md5: \"%V\"", &arg[0]);
|
|
1545
|
|
1546 s->login.data = ngx_palloc(c->pool,
|
|
1547 ngx_base64_decoded_length(arg[0].len));
|
|
1548 if (s->login.data == NULL){
|
|
1549 ngx_mail_session_internal_server_error(s);
|
|
1550 return;
|
|
1551 }
|
|
1552
|
|
1553 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
1554 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1555 "client sent invalid base64 encoding "
|
|
1556 "in AUTH CRAM-MD5 command");
|
|
1557 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1558 break;
|
|
1559 }
|
|
1560
|
|
1561 p = s->login.data;
|
|
1562 last = p + s->login.len;
|
|
1563
|
|
1564 while (p < last) {
|
|
1565 if (*p++ == ' ') {
|
|
1566 s->login.len = p - s->login.data - 1;
|
|
1567 s->passwd.len = last - p;
|
|
1568 s->passwd.data = p;
|
|
1569 break;
|
|
1570 }
|
|
1571 }
|
|
1572
|
|
1573 if (s->passwd.len != 32) {
|
|
1574 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1575 "client sent invalid CRAM-MD5 hash "
|
|
1576 "in AUTH CRAM-MD5 command");
|
|
1577 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1578 break;
|
|
1579 }
|
|
1580
|
|
1581 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1582 "smtp auth cram-md5: \"%V\" \"%V\"",
|
|
1583 &s->login, &s->passwd);
|
|
1584
|
|
1585 s->auth_method = NGX_MAIL_AUTH_CRAM_MD5;
|
|
1586
|
|
1587 ngx_mail_do_auth(s);
|
|
1588 return;
|
|
1589 }
|
|
1590 }
|
|
1591
|
|
1592 if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) {
|
|
1593 s->mail_state = ngx_smtp_start;
|
|
1594 s->state = 0;
|
|
1595 text = smtp_invalid_command;
|
|
1596 size = sizeof(smtp_invalid_command) - 1;
|
|
1597 }
|
|
1598
|
|
1599 s->args.nelts = 0;
|
|
1600 s->buffer->pos = s->buffer->start;
|
|
1601 s->buffer->last = s->buffer->start;
|
|
1602
|
|
1603 if (s->state) {
|
|
1604 s->arg_start = s->buffer->start;
|
|
1605 }
|
|
1606
|
|
1607 s->out.data = text;
|
|
1608 s->out.len = size;
|
|
1609
|
|
1610 ngx_mail_send(c->write);
|
|
1611 }
|
|
1612
|
|
1613
|
|
1614 static ngx_int_t
|
|
1615 ngx_mail_decode_auth_plain(ngx_mail_session_t *s, ngx_str_t *encoded)
|
|
1616 {
|
|
1617 u_char *p, *last;
|
|
1618 ngx_str_t plain;
|
|
1619
|
|
1620 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
1621 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
|
|
1622 "mail auth plain: \"%V\"", encoded);
|
|
1623 #endif
|
|
1624
|
|
1625 plain.data = ngx_palloc(s->connection->pool,
|
|
1626 ngx_base64_decoded_length(encoded->len));
|
|
1627 if (plain.data == NULL){
|
|
1628 return NGX_ERROR;
|
|
1629 }
|
|
1630
|
|
1631 if (ngx_decode_base64(&plain, encoded) != NGX_OK) {
|
|
1632 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1633 "client sent invalid base64 encoding "
|
|
1634 "in AUTH PLAIN command");
|
|
1635 return NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1636 }
|
|
1637
|
|
1638 p = plain.data;
|
|
1639 last = p + plain.len;
|
|
1640
|
|
1641 while (p < last && *p++) { /* void */ }
|
|
1642
|
|
1643 if (p == last) {
|
|
1644 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1645 "client sent invalid login in AUTH PLAIN command");
|
|
1646 return NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1647 }
|
|
1648
|
|
1649 s->login.data = p;
|
|
1650
|
|
1651 while (p < last && *p) { p++; }
|
|
1652
|
|
1653 if (p == last) {
|
|
1654 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1655 "client sent invalid password in AUTH PLAIN command");
|
|
1656 return NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1657 }
|
|
1658
|
|
1659 s->login.len = p++ - s->login.data;
|
|
1660
|
|
1661 s->passwd.len = last - p;
|
|
1662 s->passwd.data = p;
|
|
1663
|
|
1664 #if (NGX_DEBUG_MAIL_PASSWD)
|
|
1665 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
|
|
1666 "mail auth plain: \"%V\" \"%V\"",
|
|
1667 &s->login, &s->passwd);
|
|
1668 #endif
|
|
1669
|
|
1670 return NGX_OK;
|
|
1671 }
|
|
1672
|
|
1673
|
|
1674 static void
|
|
1675 ngx_mail_do_auth(ngx_mail_session_t *s)
|
|
1676 {
|
|
1677 s->args.nelts = 0;
|
|
1678 s->buffer->pos = s->buffer->start;
|
|
1679 s->buffer->last = s->buffer->start;
|
|
1680 s->state = 0;
|
|
1681
|
|
1682 if (s->connection->read->timer_set) {
|
|
1683 ngx_del_timer(s->connection->read);
|
|
1684 }
|
|
1685
|
|
1686 s->login_attempt++;
|
|
1687
|
|
1688 ngx_mail_auth_http_init(s);
|
|
1689 }
|
|
1690
|
|
1691
|
|
1692 static ngx_int_t
|
|
1693 ngx_mail_read_command(ngx_mail_session_t *s)
|
|
1694 {
|
|
1695 ssize_t n;
|
|
1696 ngx_int_t rc;
|
|
1697 ngx_str_t l;
|
|
1698
|
|
1699 n = s->connection->recv(s->connection, s->buffer->last,
|
|
1700 s->buffer->end - s->buffer->last);
|
|
1701
|
|
1702 if (n == NGX_ERROR || n == 0) {
|
|
1703 ngx_mail_close_connection(s->connection);
|
|
1704 return NGX_ERROR;
|
|
1705 }
|
|
1706
|
|
1707 if (n > 0) {
|
|
1708 s->buffer->last += n;
|
|
1709 }
|
|
1710
|
|
1711 if (n == NGX_AGAIN) {
|
|
1712 if (ngx_handle_read_event(s->connection->read, 0) == NGX_ERROR) {
|
|
1713 ngx_mail_session_internal_server_error(s);
|
|
1714 return NGX_ERROR;
|
|
1715 }
|
|
1716
|
|
1717 return NGX_AGAIN;
|
|
1718 }
|
|
1719
|
|
1720 switch (s->protocol) {
|
|
1721 case NGX_MAIL_POP3_PROTOCOL:
|
|
1722 rc = ngx_pop3_parse_command(s);
|
|
1723 break;
|
|
1724
|
|
1725 case NGX_MAIL_IMAP_PROTOCOL:
|
|
1726 rc = ngx_imap_parse_command(s);
|
|
1727 break;
|
|
1728
|
|
1729 default: /* NGX_MAIL_SMTP_PROTOCOL */
|
|
1730 rc = ngx_smtp_parse_command(s);
|
|
1731 break;
|
|
1732 }
|
|
1733
|
|
1734 if (rc == NGX_AGAIN) {
|
|
1735
|
|
1736 if (s->buffer->last < s->buffer->end) {
|
|
1737 return rc;
|
|
1738 }
|
|
1739
|
|
1740 l.len = s->buffer->last - s->buffer->start;
|
|
1741 l.data = s->buffer->start;
|
|
1742
|
|
1743 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1744 "client sent too long command \"%V\"", &l);
|
|
1745
|
|
1746 s->quit = 1;
|
|
1747
|
|
1748 return NGX_MAIL_PARSE_INVALID_COMMAND;
|
|
1749 }
|
|
1750
|
|
1751 if (rc == NGX_IMAP_NEXT || rc == NGX_MAIL_PARSE_INVALID_COMMAND) {
|
|
1752 return rc;
|
|
1753 }
|
|
1754
|
|
1755 if (rc == NGX_ERROR) {
|
|
1756 ngx_mail_close_connection(s->connection);
|
|
1757 return NGX_ERROR;
|
|
1758 }
|
|
1759
|
|
1760 return NGX_OK;
|
|
1761 }
|
|
1762
|
|
1763
|
|
1764 void
|
|
1765 ngx_mail_session_internal_server_error(ngx_mail_session_t *s)
|
|
1766 {
|
|
1767 s->out = internal_server_errors[s->protocol];
|
|
1768 s->quit = 1;
|
|
1769
|
|
1770 ngx_mail_send(s->connection->write);
|
|
1771 }
|
|
1772
|
|
1773
|
|
1774 void
|
|
1775 ngx_mail_close_connection(ngx_connection_t *c)
|
|
1776 {
|
|
1777 ngx_pool_t *pool;
|
|
1778
|
|
1779 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
|
|
1780 "close mail connection: %d", c->fd);
|
|
1781
|
|
1782 #if (NGX_MAIL_SSL)
|
|
1783
|
|
1784 if (c->ssl) {
|
|
1785 if (ngx_ssl_shutdown(c) == NGX_AGAIN) {
|
|
1786 c->ssl->handler = ngx_mail_close_connection;
|
|
1787 return;
|
|
1788 }
|
|
1789 }
|
|
1790
|
|
1791 #endif
|
|
1792
|
|
1793 c->destroyed = 1;
|
|
1794
|
|
1795 pool = c->pool;
|
|
1796
|
|
1797 ngx_close_connection(c);
|
|
1798
|
|
1799 ngx_destroy_pool(pool);
|
|
1800 }
|
|
1801
|
|
1802
|
|
1803 static u_char *
|
|
1804 ngx_mail_log_error(ngx_log_t *log, u_char *buf, size_t len)
|
|
1805 {
|
|
1806 u_char *p;
|
|
1807 ngx_mail_session_t *s;
|
|
1808 ngx_mail_log_ctx_t *ctx;
|
|
1809
|
|
1810 if (log->action) {
|
|
1811 p = ngx_snprintf(buf, len, " while %s", log->action);
|
|
1812 len -= p - buf;
|
|
1813 buf = p;
|
|
1814 }
|
|
1815
|
|
1816 ctx = log->data;
|
|
1817
|
|
1818 p = ngx_snprintf(buf, len, ", client: %V", ctx->client);
|
|
1819 len -= p - buf;
|
|
1820 buf = p;
|
|
1821
|
|
1822 s = ctx->session;
|
|
1823
|
|
1824 if (s == NULL) {
|
|
1825 return p;
|
|
1826 }
|
|
1827
|
|
1828 p = ngx_snprintf(buf, len, ", server: %V", s->addr_text);
|
|
1829 len -= p - buf;
|
|
1830 buf = p;
|
|
1831
|
|
1832 if (s->login.len == 0) {
|
|
1833 return p;
|
|
1834 }
|
|
1835
|
|
1836 p = ngx_snprintf(buf, len, ", login: \"%V\"", &s->login);
|
|
1837 len -= p - buf;
|
|
1838 buf = p;
|
|
1839
|
|
1840 if (s->proxy == NULL) {
|
|
1841 return p;
|
|
1842 }
|
|
1843
|
|
1844 p = ngx_snprintf(buf, len, ", upstream: %V", s->proxy->upstream.name);
|
|
1845
|
|
1846 return p;
|
|
1847 }
|