Mercurial > hg > nginx-ranges

diff src/imap/ngx_imap_auth_http_module.c @ 250:fbf2b2f66c9f NGINX_0_4_10

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 0.4.10 *) Feature: the POP3 proxy supports the APOP command. *) Bugfix: if the select, poll or /dev/poll methods were used, then while waiting authentication server response the IMAP/POP3 proxy hogged CPU. *) Bugfix: a segmentation fault might occur if the $server_addr variable was used in the "map" directive. *) Bugfix: the ngx_http_flv_module did not support the byte ranges for full responses; bug appeared in 0.4.7. *) Bugfix: nginx could not be built on Debian amd64; bug appeared in 0.4.9.
author Igor Sysoev <http://sysoev.ru>
date Mon, 23 Oct 2006 00:00:00 +0400
parents 13710a1813ad
children 644510700914
line wrap: on
line diff
--- a/src/imap/ngx_imap_auth_http_module.c
+++ b/src/imap/ngx_imap_auth_http_module.c
@@ -131,7 +131,10 @@ ngx_module_t  ngx_imap_auth_http_module 
 };
 
 
-static char *ngx_imap_auth_http_protocol[] = { "pop3", "imap" };
+static char       *ngx_imap_auth_http_protocol[] = { "pop3", "imap" };
+static ngx_str_t   ngx_imap_auth_http_method[] = {
+    ngx_string("plain"), ngx_string("apop")
+};
 
 
 void
@@ -250,6 +253,12 @@ ngx_imap_auth_http_write_handler(ngx_eve
                 ngx_del_timer(wev);
             }
 
+            if (ngx_handle_write_event(wev, 0) == NGX_ERROR) {
+                ngx_close_connection(ctx->peer.connection);
+                ngx_destroy_pool(ctx->pool);
+                ngx_imap_session_internal_server_error(s);
+            }
+
             return;
         }
     }
@@ -552,6 +561,25 @@ ngx_imap_auth_http_process_headers(ngx_i
                 continue;
             }
 
+            if (len == sizeof("Auth-Pass") - 1
+                && ngx_strncasecmp(ctx->header_name_start, "Auth-Pass",
+                                   sizeof("Auth-Pass") - 1) == 0)
+            {
+                s->passwd.len = ctx->header_end - ctx->header_start;
+
+                s->passwd.data = ngx_palloc(s->connection->pool, s->passwd.len);
+                if (s->passwd.data == NULL) {
+                    ngx_close_connection(ctx->peer.connection);
+                    ngx_destroy_pool(ctx->pool);
+                    ngx_imap_session_internal_server_error(s);
+                    return;
+                }
+
+                ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len);
+
+                continue;
+            }
+
             if (len == sizeof("Auth-Wait") - 1
                 && ngx_strncasecmp(ctx->header_name_start, "Auth-Wait",
                                    sizeof("Auth-Wait") - 1) == 0)
@@ -608,6 +636,15 @@ ngx_imap_auth_http_process_headers(ngx_i
                 return;
             }
 
+            if (s->passwd.data == NULL) {
+                ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
+                              "auth http server %V did not send password",
+                              &ctx->peer.peers->peer[0].name);
+                ngx_destroy_pool(ctx->pool);
+                ngx_imap_session_internal_server_error(s);
+                return;
+            }
+
             peers = ngx_pcalloc(s->connection->pool, sizeof(ngx_peers_t));
             if (peers == NULL) {
                 ngx_destroy_pool(ctx->pool);
@@ -725,6 +762,8 @@ ngx_imap_auth_sleep_handler(ngx_event_t 
             s->connection->read->handler = ngx_imap_auth_state;
         }
 
+        s->auth_method = NGX_IMAP_AUTH_PLAIN;
+
         c->log->action = "in auth state";
 
         ngx_imap_send(s->connection->write);
@@ -1001,6 +1040,7 @@ ngx_imap_auth_http_create_request(ngx_im
           + sizeof("Auth-Method: plain" CRLF) - 1
           + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1
           + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1
+          + sizeof("Auth-Salt: ") - 1 + s->salt.len
           + sizeof("Auth-Protocol: imap" CRLF) - 1
           + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN
                 + sizeof(CRLF) - 1
@@ -1023,8 +1063,12 @@ ngx_imap_auth_http_create_request(ngx_im
                          ahcf->host_header.len);
     *b->last++ = CR; *b->last++ = LF;
 
-    b->last = ngx_cpymem(b->last, "Auth-Method: plain" CRLF,
-                         sizeof("Auth-Method: plain" CRLF) - 1);
+    b->last = ngx_cpymem(b->last, "Auth-Method: ",
+                         sizeof("Auth-Method: ") - 1);
+    b->last = ngx_cpymem(b->last,
+                         ngx_imap_auth_http_method[s->auth_method].data,
+                         ngx_imap_auth_http_method[s->auth_method].len);
+    *b->last++ = CR; *b->last++ = LF;
 
     b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1);
     b->last = ngx_copy(b->last, login.data, login.len);
@@ -1034,6 +1078,13 @@ ngx_imap_auth_http_create_request(ngx_im
     b->last = ngx_copy(b->last, passwd.data, passwd.len);
     *b->last++ = CR; *b->last++ = LF;
 
+    if (s->salt.len) {
+        b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1);
+        b->last = ngx_copy(b->last, s->salt.data, s->salt.len);
+
+        s->passwd.data = NULL;
+    }
+
     b->last = ngx_cpymem(b->last, "Auth-Protocol: ",
                          sizeof("Auth-Protocol: ") - 1);
     b->last = ngx_cpymem(b->last, ngx_imap_auth_http_protocol[s->protocol],