76
|
1
|
|
2 /*
|
|
3 * Copyright (C) Igor Sysoev
|
|
4 */
|
|
5
|
|
6
|
|
7 #include <ngx_config.h>
|
|
8 #include <ngx_core.h>
|
|
9 #include <ngx_event.h>
|
|
10 #include <ngx_imap.h>
|
|
11
|
|
12
|
96
|
13 static void ngx_imap_init_session(ngx_connection_t *c);
|
90
|
14 static void ngx_imap_init_protocol(ngx_event_t *rev);
|
262
|
15 static ngx_int_t ngx_imap_decode_auth_plain(ngx_imap_session_t *s,
|
|
16 ngx_str_t *encoded);
|
258
|
17 static void ngx_imap_do_auth(ngx_imap_session_t *s);
|
76
|
18 static ngx_int_t ngx_imap_read_command(ngx_imap_session_t *s);
|
90
|
19 static u_char *ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len);
|
76
|
20
|
88
|
21 #if (NGX_IMAP_SSL)
|
132
|
22 static void ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c);
|
96
|
23 static void ngx_imap_ssl_handshake_handler(ngx_connection_t *c);
|
88
|
24 #endif
|
|
25
|
76
|
26
|
|
27 static ngx_str_t greetings[] = {
|
|
28 ngx_string("+OK POP3 ready" CRLF),
|
78
|
29 ngx_string("* OK IMAP4 ready" CRLF)
|
76
|
30 };
|
|
31
|
|
32 static ngx_str_t internal_server_errors[] = {
|
|
33 ngx_string("-ERR internal server error" CRLF),
|
|
34 ngx_string("* BAD internal server error" CRLF),
|
|
35 };
|
|
36
|
|
37 static u_char pop3_ok[] = "+OK" CRLF;
|
252
|
38 static u_char pop3_next[] = "+ " CRLF;
|
|
39 static u_char pop3_username[] = "+ VXNlcm5hbWU6" CRLF;
|
|
40 static u_char pop3_password[] = "+ UGFzc3dvcmQ6" CRLF;
|
76
|
41 static u_char pop3_invalid_command[] = "-ERR invalid command" CRLF;
|
|
42
|
92
|
43 static u_char imap_star[] = "* ";
|
78
|
44 static u_char imap_ok[] = "OK completed" CRLF;
|
76
|
45 static u_char imap_next[] = "+ OK" CRLF;
|
|
46 static u_char imap_bye[] = "* BYE" CRLF;
|
|
47 static u_char imap_invalid_command[] = "BAD invalid command" CRLF;
|
|
48
|
|
49
|
|
50 void
|
|
51 ngx_imap_init_connection(ngx_connection_t *c)
|
|
52 {
|
190
|
53 in_addr_t in_addr;
|
|
54 socklen_t len;
|
|
55 ngx_uint_t i;
|
|
56 struct sockaddr_in sin;
|
|
57 ngx_imap_log_ctx_t *ctx;
|
|
58 ngx_imap_in_port_t *imip;
|
|
59 ngx_imap_in_addr_t *imia;
|
|
60 ngx_imap_session_t *s;
|
92
|
61 #if (NGX_IMAP_SSL)
|
132
|
62 ngx_imap_ssl_conf_t *sslcf;
|
92
|
63 #endif
|
90
|
64
|
190
|
65
|
|
66 /* find the server configuration for the address:port */
|
|
67
|
|
68 /* AF_INET only */
|
|
69
|
|
70 imip = c->listening->servers;
|
|
71 imia = imip->addrs;
|
|
72
|
|
73 i = 0;
|
|
74
|
|
75 if (imip->naddrs > 1) {
|
|
76
|
|
77 /*
|
|
78 * There are several addresses on this port and one of them
|
|
79 * is the "*:port" wildcard so getsockname() is needed to determine
|
|
80 * the server address.
|
|
81 *
|
|
82 * AcceptEx() already gave this address.
|
|
83 */
|
|
84
|
|
85 #if (NGX_WIN32)
|
|
86 if (c->local_sockaddr) {
|
|
87 in_addr =
|
|
88 ((struct sockaddr_in *) c->local_sockaddr)->sin_addr.s_addr;
|
90
|
89
|
190
|
90 } else
|
|
91 #endif
|
|
92 {
|
|
93 len = sizeof(struct sockaddr_in);
|
|
94 if (getsockname(c->fd, (struct sockaddr *) &sin, &len) == -1) {
|
|
95 ngx_connection_error(c, ngx_socket_errno,
|
|
96 "getsockname() failed");
|
|
97 ngx_imap_close_connection(c);
|
|
98 return;
|
|
99 }
|
|
100
|
|
101 in_addr = sin.sin_addr.s_addr;
|
|
102 }
|
|
103
|
|
104 /* the last address is "*" */
|
|
105
|
|
106 for ( /* void */ ; i < imip->naddrs - 1; i++) {
|
|
107 if (in_addr == imia[i].addr) {
|
|
108 break;
|
|
109 }
|
|
110 }
|
|
111 }
|
|
112
|
|
113
|
|
114 s = ngx_pcalloc(c->pool, sizeof(ngx_imap_session_t));
|
|
115 if (s == NULL) {
|
90
|
116 ngx_imap_close_connection(c);
|
|
117 return;
|
126
|
118 }
|
90
|
119
|
190
|
120 s->main_conf = imia[i].ctx->main_conf;
|
|
121 s->srv_conf = imia[i].ctx->srv_conf;
|
|
122
|
|
123 s->addr_text = &imia[i].addr_text;
|
|
124
|
|
125 c->data = s;
|
|
126 s->connection = c;
|
|
127
|
|
128 ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%ui client %V connected to %V",
|
|
129 c->number, &c->addr_text, s->addr_text);
|
|
130
|
|
131 ctx = ngx_palloc(c->pool, sizeof(ngx_imap_log_ctx_t));
|
|
132 if (ctx == NULL) {
|
|
133 ngx_imap_close_connection(c);
|
|
134 return;
|
|
135 }
|
|
136
|
|
137 ctx->client = &c->addr_text;
|
|
138 ctx->session = s;
|
90
|
139
|
|
140 c->log->connection = c->number;
|
|
141 c->log->handler = ngx_imap_log_error;
|
190
|
142 c->log->data = ctx;
|
90
|
143 c->log->action = "sending client greeting line";
|
|
144
|
|
145 c->log_error = NGX_ERROR_INFO;
|
|
146
|
92
|
147 #if (NGX_IMAP_SSL)
|
|
148
|
190
|
149 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
92
|
150
|
|
151 if (sslcf->enable) {
|
132
|
152 ngx_imap_ssl_init_connection(&sslcf->ssl, c);
|
96
|
153 return;
|
92
|
154 }
|
|
155
|
|
156 #endif
|
|
157
|
96
|
158 ngx_imap_init_session(c);
|
90
|
159 }
|
|
160
|
|
161
|
96
|
162 #if (NGX_IMAP_SSL)
|
|
163
|
90
|
164 static void
|
132
|
165 ngx_imap_starttls_handler(ngx_event_t *rev)
|
|
166 {
|
|
167 ngx_connection_t *c;
|
|
168 ngx_imap_session_t *s;
|
|
169 ngx_imap_ssl_conf_t *sslcf;
|
|
170
|
|
171 c = rev->data;
|
|
172 s = c->data;
|
190
|
173 s->starttls = 1;
|
132
|
174
|
|
175 c->log->action = "in starttls state";
|
|
176
|
|
177 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
178
|
|
179 ngx_imap_ssl_init_connection(&sslcf->ssl, c);
|
|
180 }
|
|
181
|
|
182
|
|
183 static void
|
|
184 ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c)
|
|
185 {
|
190
|
186 ngx_imap_session_t *s;
|
132
|
187 ngx_imap_core_srv_conf_t *cscf;
|
|
188
|
|
189 if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) {
|
|
190 ngx_imap_close_connection(c);
|
|
191 return;
|
|
192 }
|
|
193
|
|
194 if (ngx_ssl_handshake(c) == NGX_AGAIN) {
|
|
195
|
190
|
196 s = c->data;
|
|
197
|
|
198 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
199
|
|
200 ngx_add_timer(c->read, cscf->timeout);
|
|
201
|
|
202 c->ssl->handler = ngx_imap_ssl_handshake_handler;
|
|
203
|
|
204 return;
|
|
205 }
|
|
206
|
|
207 ngx_imap_ssl_handshake_handler(c);
|
|
208 }
|
|
209
|
|
210
|
|
211 static void
|
96
|
212 ngx_imap_ssl_handshake_handler(ngx_connection_t *c)
|
126
|
213 {
|
190
|
214 ngx_imap_session_t *s;
|
|
215
|
96
|
216 if (c->ssl->handshaked) {
|
132
|
217
|
190
|
218 s = c->data;
|
|
219
|
|
220 if (s->starttls) {
|
132
|
221 c->read->handler = ngx_imap_init_protocol;
|
|
222 c->write->handler = ngx_imap_send;
|
|
223
|
|
224 ngx_imap_init_protocol(c->read);
|
|
225
|
|
226 return;
|
|
227 }
|
|
228
|
96
|
229 ngx_imap_init_session(c);
|
|
230 return;
|
|
231 }
|
|
232
|
|
233 ngx_imap_close_connection(c);
|
|
234 }
|
|
235
|
|
236 #endif
|
|
237
|
|
238
|
|
239 static void
|
|
240 ngx_imap_init_session(ngx_connection_t *c)
|
90
|
241 {
|
250
|
242 u_char *p;
|
88
|
243 ngx_imap_session_t *s;
|
90
|
244 ngx_imap_core_srv_conf_t *cscf;
|
76
|
245
|
96
|
246 c->read->handler = ngx_imap_init_protocol;
|
|
247 c->write->handler = ngx_imap_send;
|
88
|
248
|
190
|
249 s = c->data;
|
76
|
250
|
190
|
251 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
88
|
252
|
|
253 s->protocol = cscf->protocol;
|
|
254
|
|
255 s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_imap_max_module);
|
|
256 if (s->ctx == NULL) {
|
|
257 ngx_imap_session_internal_server_error(s);
|
|
258 return;
|
|
259 }
|
|
260
|
|
261 s->out = greetings[s->protocol];
|
|
262
|
250
|
263 if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED)
|
|
264 && s->protocol == NGX_IMAP_POP3_PROTOCOL)
|
|
265 {
|
|
266 s->salt.data = ngx_palloc(c->pool,
|
|
267 sizeof(" <18446744073709551616.@>" CRLF) - 1
|
|
268 + NGX_TIME_T_LEN
|
|
269 + cscf->server_name.len);
|
|
270 if (s->salt.data == NULL) {
|
|
271 ngx_imap_session_internal_server_error(s);
|
|
272 return;
|
|
273 }
|
|
274
|
|
275 s->salt.len = ngx_sprintf(s->salt.data, "<%ul.%T@%V>" CRLF,
|
|
276 ngx_random(), ngx_time(), &cscf->server_name)
|
|
277 - s->salt.data;
|
|
278
|
|
279 s->out.data = ngx_palloc(c->pool, greetings[0].len + 1 + s->salt.len);
|
|
280 if (s->out.data == NULL) {
|
|
281 ngx_imap_session_internal_server_error(s);
|
|
282 return;
|
|
283 }
|
|
284
|
|
285 p = ngx_cpymem(s->out.data, greetings[0].data, greetings[0].len - 2);
|
|
286 *p++ = ' ';
|
|
287 p = ngx_cpymem(p, s->salt.data, s->salt.len);
|
|
288
|
|
289 s->out.len = p - s->out.data;
|
|
290 }
|
|
291
|
96
|
292 ngx_add_timer(c->read, cscf->timeout);
|
76
|
293
|
96
|
294 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) {
|
76
|
295 ngx_imap_close_connection(c);
|
|
296 }
|
88
|
297
|
|
298 ngx_imap_send(c->write);
|
|
299 }
|
|
300
|
|
301
|
|
302 void
|
|
303 ngx_imap_send(ngx_event_t *wev)
|
|
304 {
|
90
|
305 ngx_int_t n;
|
|
306 ngx_connection_t *c;
|
|
307 ngx_imap_session_t *s;
|
|
308 ngx_imap_core_srv_conf_t *cscf;
|
88
|
309
|
|
310 c = wev->data;
|
|
311 s = c->data;
|
|
312
|
|
313 if (wev->timedout) {
|
|
314 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
315 c->timedout = 1;
|
88
|
316 ngx_imap_close_connection(c);
|
|
317 return;
|
|
318 }
|
|
319
|
|
320 if (s->out.len == 0) {
|
|
321 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
|
|
322 ngx_imap_close_connection(c);
|
|
323 }
|
|
324
|
|
325 return;
|
|
326 }
|
|
327
|
|
328 n = c->send(c, s->out.data, s->out.len);
|
|
329
|
|
330 if (n > 0) {
|
|
331 s->out.len -= n;
|
|
332
|
90
|
333 if (wev->timer_set) {
|
|
334 ngx_del_timer(wev);
|
|
335 }
|
|
336
|
88
|
337 if (s->quit) {
|
|
338 ngx_imap_close_connection(c);
|
|
339 return;
|
|
340 }
|
|
341
|
|
342 if (s->blocked) {
|
|
343 c->read->handler(c->read);
|
|
344 }
|
|
345
|
|
346 return;
|
|
347 }
|
|
348
|
|
349 if (n == NGX_ERROR) {
|
|
350 ngx_imap_close_connection(c);
|
|
351 return;
|
|
352 }
|
|
353
|
|
354 /* n == NGX_AGAIN */
|
|
355
|
90
|
356 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
|
357
|
|
358 ngx_add_timer(c->write, cscf->timeout);
|
|
359
|
88
|
360 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
|
|
361 ngx_imap_close_connection(c);
|
|
362 return;
|
|
363 }
|
76
|
364 }
|
|
365
|
|
366
|
|
367 static void
|
90
|
368 ngx_imap_init_protocol(ngx_event_t *rev)
|
76
|
369 {
|
|
370 size_t size;
|
|
371 ngx_connection_t *c;
|
|
372 ngx_imap_session_t *s;
|
|
373 ngx_imap_core_srv_conf_t *cscf;
|
|
374
|
|
375 c = rev->data;
|
|
376
|
90
|
377 c->log->action = "in auth state";
|
|
378
|
76
|
379 if (rev->timedout) {
|
|
380 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
381 c->timedout = 1;
|
76
|
382 ngx_imap_close_connection(c);
|
|
383 return;
|
|
384 }
|
|
385
|
88
|
386 s = c->data;
|
76
|
387
|
88
|
388 if (s->protocol == NGX_IMAP_POP3_PROTOCOL) {
|
76
|
389 size = 128;
|
|
390 s->imap_state = ngx_pop3_start;
|
|
391 c->read->handler = ngx_pop3_auth_state;
|
|
392
|
|
393 } else {
|
88
|
394 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
76
|
395 size = cscf->imap_client_buffer_size;
|
|
396 s->imap_state = ngx_imap_start;
|
|
397 c->read->handler = ngx_imap_auth_state;
|
|
398 }
|
|
399
|
|
400 if (s->buffer == NULL) {
|
132
|
401 if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t))
|
|
402 == NGX_ERROR)
|
|
403 {
|
|
404 ngx_imap_session_internal_server_error(s);
|
|
405 return;
|
|
406 }
|
|
407
|
|
408 s->buffer = ngx_create_temp_buf(c->pool, size);
|
|
409 if (s->buffer == NULL) {
|
|
410 ngx_imap_session_internal_server_error(s);
|
|
411 return;
|
|
412 }
|
76
|
413 }
|
|
414
|
|
415 c->read->handler(rev);
|
|
416 }
|
|
417
|
|
418
|
|
419 void
|
|
420 ngx_imap_auth_state(ngx_event_t *rev)
|
|
421 {
|
92
|
422 u_char *text, *last, *p, *dst, *src, *end;
|
88
|
423 ssize_t text_len, last_len;
|
76
|
424 ngx_str_t *arg;
|
|
425 ngx_int_t rc;
|
92
|
426 ngx_uint_t tag, i;
|
76
|
427 ngx_connection_t *c;
|
|
428 ngx_imap_session_t *s;
|
|
429 ngx_imap_core_srv_conf_t *cscf;
|
132
|
430 #if (NGX_IMAP_SSL)
|
|
431 ngx_imap_ssl_conf_t *sslcf;
|
|
432 #endif
|
76
|
433
|
|
434 c = rev->data;
|
|
435 s = c->data;
|
|
436
|
|
437 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth state");
|
|
438
|
|
439 if (rev->timedout) {
|
|
440 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
441 c->timedout = 1;
|
76
|
442 ngx_imap_close_connection(c);
|
|
443 return;
|
|
444 }
|
|
445
|
88
|
446 if (s->out.len) {
|
|
447 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy");
|
|
448 s->blocked = 1;
|
|
449 return;
|
|
450 }
|
|
451
|
|
452 s->blocked = 0;
|
|
453
|
76
|
454 rc = ngx_imap_read_command(s);
|
|
455
|
|
456 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth: %i", rc);
|
|
457
|
|
458 if (rc == NGX_AGAIN || rc == NGX_ERROR) {
|
|
459 return;
|
|
460 }
|
|
461
|
|
462 tag = 1;
|
|
463
|
|
464 text = NULL;
|
|
465 text_len = 0;
|
|
466
|
|
467 last = imap_ok;
|
|
468 last_len = sizeof(imap_ok) - 1;
|
|
469
|
|
470 if (rc == NGX_OK) {
|
|
471
|
|
472 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth command: %i",
|
|
473 s->command);
|
|
474
|
92
|
475 if (s->backslash) {
|
|
476
|
|
477 arg = s->args.elts;
|
|
478
|
|
479 for (i = 0; i < s->args.nelts; i++) {
|
|
480 dst = arg[i].data;
|
|
481 end = dst + arg[i].len;
|
|
482
|
|
483 for (src = dst; src < end; dst++) {
|
|
484 *dst = *src;
|
|
485 if (*src++ == '\\') {
|
|
486 *dst = *src++;
|
|
487 }
|
|
488 }
|
|
489
|
|
490 arg[i].len = dst - arg[i].data;
|
|
491 }
|
|
492
|
|
493 s->backslash = 0;
|
|
494 }
|
|
495
|
76
|
496 switch (s->command) {
|
|
497
|
|
498 case NGX_IMAP_LOGIN:
|
132
|
499
|
|
500 #if (NGX_IMAP_SSL)
|
|
501
|
|
502 if (c->ssl == NULL) {
|
|
503 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
504
|
|
505 if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) {
|
|
506 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
507 break;
|
|
508 }
|
|
509 }
|
|
510 #endif
|
|
511
|
118
|
512 arg = s->args.elts;
|
76
|
513
|
118
|
514 if (s->args.nelts == 2 && arg[0].len) {
|
76
|
515
|
|
516 s->login.len = arg[0].len;
|
|
517 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
518 if (s->login.data == NULL) {
|
|
519 ngx_imap_session_internal_server_error(s);
|
|
520 return;
|
|
521 }
|
|
522
|
|
523 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
524
|
|
525 s->passwd.len = arg[1].len;
|
|
526 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
527 if (s->passwd.data == NULL) {
|
|
528 ngx_imap_session_internal_server_error(s);
|
|
529 return;
|
|
530 }
|
|
531
|
|
532 ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
|
|
533
|
96
|
534 #if (NGX_DEBUG_IMAP_PASSWD)
|
76
|
535 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
536 "imap login:\"%V\" passwd:\"%V\"",
|
|
537 &s->login, &s->passwd);
|
96
|
538 #else
|
|
539 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
540 "imap login:\"%V\"", &s->login);
|
|
541 #endif
|
76
|
542
|
258
|
543 ngx_imap_do_auth(s);
|
76
|
544 return;
|
|
545 }
|
|
546
|
252
|
547 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
76
|
548 break;
|
|
549
|
|
550 case NGX_IMAP_CAPABILITY:
|
|
551 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
552
|
|
553 #if (NGX_IMAP_SSL)
|
|
554
|
|
555 if (c->ssl == NULL) {
|
|
556 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
557
|
|
558 if (sslcf->starttls == NGX_IMAP_STARTTLS_ON) {
|
|
559 text_len = cscf->imap_starttls_capability.len;
|
|
560 text = cscf->imap_starttls_capability.data;
|
|
561 break;
|
|
562 }
|
|
563
|
|
564 if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) {
|
|
565 text_len = cscf->imap_starttls_only_capability.len;
|
|
566 text = cscf->imap_starttls_only_capability.data;
|
|
567 break;
|
|
568 }
|
|
569 }
|
|
570 #endif
|
|
571
|
|
572 text_len = cscf->imap_capability.len;
|
|
573 text = cscf->imap_capability.data;
|
76
|
574 break;
|
|
575
|
|
576 case NGX_IMAP_LOGOUT:
|
88
|
577 s->quit = 1;
|
76
|
578 text = imap_bye;
|
|
579 text_len = sizeof(imap_bye) - 1;
|
|
580 break;
|
|
581
|
|
582 case NGX_IMAP_NOOP:
|
|
583 break;
|
|
584
|
132
|
585 #if (NGX_IMAP_SSL)
|
|
586
|
|
587 case NGX_IMAP_STARTTLS:
|
|
588 if (c->ssl == NULL) {
|
|
589 sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
|
|
590 if (sslcf->starttls) {
|
|
591 c->read->handler = ngx_imap_starttls_handler;
|
|
592 break;
|
|
593 }
|
|
594 }
|
|
595
|
|
596 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
597 break;
|
|
598 #endif
|
|
599
|
76
|
600 default:
|
|
601 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
602 break;
|
|
603 }
|
|
604
|
|
605 } else if (rc == NGX_IMAP_NEXT) {
|
|
606 last = imap_next;
|
|
607 last_len = sizeof(imap_next) - 1;
|
|
608 tag = 0;
|
|
609 }
|
|
610
|
|
611 if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
|
|
612 last = imap_invalid_command;
|
|
613 last_len = sizeof(imap_invalid_command) - 1;
|
|
614 }
|
|
615
|
|
616 if (tag) {
|
92
|
617 if (s->tag.len == 0) {
|
|
618 s->tag.len = sizeof(imap_star) - 1;
|
|
619 s->tag.data = (u_char *) imap_star;
|
|
620 }
|
|
621
|
88
|
622 if (s->tagged_line.len < s->tag.len + text_len + last_len) {
|
|
623 s->tagged_line.len = s->tag.len + text_len + last_len;
|
|
624 s->tagged_line.data = ngx_palloc(c->pool, s->tagged_line.len);
|
|
625 if (s->tagged_line.data == NULL) {
|
76
|
626 ngx_imap_close_connection(c);
|
|
627 return;
|
|
628 }
|
|
629 }
|
|
630
|
88
|
631 s->out.data = s->tagged_line.data;
|
|
632 s->out.len = s->tag.len + text_len + last_len;
|
|
633
|
|
634 p = s->out.data;
|
76
|
635
|
|
636 if (text) {
|
|
637 p = ngx_cpymem(p, text, text_len);
|
|
638 }
|
|
639 p = ngx_cpymem(p, s->tag.data, s->tag.len);
|
|
640 ngx_memcpy(p, last, last_len);
|
|
641
|
|
642
|
|
643 } else {
|
88
|
644 s->out.data = last;
|
|
645 s->out.len = last_len;
|
76
|
646 }
|
|
647
|
88
|
648 if (rc != NGX_IMAP_NEXT) {
|
|
649 s->args.nelts = 0;
|
|
650 s->buffer->pos = s->buffer->start;
|
|
651 s->buffer->last = s->buffer->start;
|
|
652 s->tag.len = 0;
|
76
|
653 }
|
|
654
|
88
|
655 ngx_imap_send(c->write);
|
76
|
656 }
|
|
657
|
|
658
|
|
659 void
|
|
660 ngx_pop3_auth_state(ngx_event_t *rev)
|
|
661 {
|
252
|
662 u_char *text, *p, *last;
|
76
|
663 ssize_t size;
|
|
664 ngx_int_t rc;
|
262
|
665 ngx_str_t *arg, salt;
|
76
|
666 ngx_connection_t *c;
|
|
667 ngx_imap_session_t *s;
|
|
668 ngx_imap_core_srv_conf_t *cscf;
|
132
|
669 #if (NGX_IMAP_SSL)
|
|
670 ngx_imap_ssl_conf_t *sslcf;
|
|
671 #endif
|
76
|
672
|
|
673 c = rev->data;
|
|
674 s = c->data;
|
|
675
|
|
676 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "pop3 auth state");
|
|
677
|
|
678 if (rev->timedout) {
|
|
679 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
|
126
|
680 c->timedout = 1;
|
76
|
681 ngx_imap_close_connection(c);
|
|
682 return;
|
|
683 }
|
|
684
|
88
|
685 if (s->out.len) {
|
|
686 ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy");
|
|
687 s->blocked = 1;
|
|
688 return;
|
|
689 }
|
|
690
|
|
691 s->blocked = 0;
|
|
692
|
76
|
693 rc = ngx_imap_read_command(s);
|
|
694
|
|
695 if (rc == NGX_AGAIN || rc == NGX_ERROR) {
|
|
696 return;
|
|
697 }
|
|
698
|
|
699 text = pop3_ok;
|
|
700 size = sizeof(pop3_ok) - 1;
|
|
701
|
|
702 if (rc == NGX_OK) {
|
|
703 switch (s->imap_state) {
|
|
704
|
|
705 case ngx_pop3_start:
|
|
706
|
|
707 switch (s->command) {
|
|
708
|
|
709 case NGX_POP3_USER:
|
|
710 if (s->args.nelts == 1) {
|
|
711 s->imap_state = ngx_pop3_user;
|
|
712
|
|
713 arg = s->args.elts;
|
|
714 s->login.len = arg[0].len;
|
|
715 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
716 if (s->login.data == NULL) {
|
|
717 ngx_imap_session_internal_server_error(s);
|
|
718 return;
|
|
719 }
|
|
720
|
|
721 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
722
|
|
723 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
724 "pop3 login: \"%V\"", &s->login);
|
|
725
|
252
|
726 break;
|
76
|
727 }
|
|
728
|
252
|
729 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
76
|
730 break;
|
|
731
|
|
732 case NGX_POP3_CAPA:
|
|
733 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
734
|
|
735 #if (NGX_IMAP_SSL)
|
|
736
|
|
737 if (c->ssl == NULL) {
|
|
738 sslcf = ngx_imap_get_module_srv_conf(s,
|
|
739 ngx_imap_ssl_module);
|
|
740 if (sslcf->starttls) {
|
|
741 size = cscf->pop3_starttls_capability.len;
|
|
742 text = cscf->pop3_starttls_capability.data;
|
|
743 break;
|
|
744 }
|
|
745 }
|
|
746 #endif
|
|
747
|
|
748 size = cscf->pop3_capability.len;
|
|
749 text = cscf->pop3_capability.data;
|
76
|
750 break;
|
|
751
|
250
|
752 case NGX_POP3_APOP:
|
|
753 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
|
754
|
|
755 if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED)
|
|
756 && s->args.nelts == 2)
|
|
757 {
|
|
758 arg = s->args.elts;
|
|
759
|
|
760 s->login.len = arg[0].len;
|
|
761 s->login.data = ngx_palloc(c->pool, s->login.len);
|
|
762 if (s->login.data == NULL) {
|
|
763 ngx_imap_session_internal_server_error(s);
|
|
764 return;
|
|
765 }
|
|
766
|
|
767 ngx_memcpy(s->login.data, arg[0].data, s->login.len);
|
|
768
|
|
769 s->passwd.len = arg[1].len;
|
|
770 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
771 if (s->passwd.data == NULL) {
|
|
772 ngx_imap_session_internal_server_error(s);
|
|
773 return;
|
|
774 }
|
|
775
|
|
776 ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
|
|
777
|
|
778 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
779 "pop3 apop: \"%V\" \"%V\"",
|
|
780 &s->login, &s->passwd);
|
|
781
|
|
782 s->auth_method = NGX_IMAP_AUTH_APOP;
|
|
783
|
258
|
784 ngx_imap_do_auth(s);
|
250
|
785 return;
|
252
|
786 }
|
250
|
787
|
252
|
788 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
789 break;
|
|
790
|
|
791 case NGX_POP3_AUTH:
|
|
792 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
|
793
|
|
794 if (s->args.nelts == 0) {
|
|
795 size = cscf->pop3_auth_capability.len;
|
|
796 text = cscf->pop3_auth_capability.data;
|
|
797 s->state = 0;
|
|
798 break;
|
|
799 }
|
|
800
|
|
801 arg = s->args.elts;
|
|
802
|
|
803 if (arg[0].len == 5) {
|
|
804
|
286
|
805 if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5)
|
|
806 == 0)
|
|
807 {
|
262
|
808
|
|
809 if (s->args.nelts != 1) {
|
|
810 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
811 break;
|
|
812 }
|
|
813
|
252
|
814 s->imap_state = ngx_pop3_auth_login_username;
|
|
815
|
|
816 size = sizeof(pop3_username) - 1;
|
|
817 text = pop3_username;
|
|
818
|
|
819 break;
|
|
820
|
286
|
821 } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN",
|
|
822 5)
|
|
823 == 0)
|
|
824 {
|
262
|
825
|
|
826 if (s->args.nelts == 1) {
|
|
827 s->imap_state = ngx_pop3_auth_plain;
|
|
828
|
|
829 size = sizeof(pop3_next) - 1;
|
|
830 text = pop3_next;
|
|
831
|
|
832 break;
|
|
833 }
|
|
834
|
|
835 if (s->args.nelts == 2) {
|
|
836
|
|
837 /*
|
|
838 * workaround for Eudora for Mac: it sends
|
|
839 * AUTH PLAIN [base64 encoded]
|
|
840 */
|
252
|
841
|
262
|
842 rc = ngx_imap_decode_auth_plain(s, &arg[1]);
|
|
843
|
|
844 if (rc == NGX_OK) {
|
|
845 ngx_imap_do_auth(s);
|
|
846 return;
|
|
847 }
|
252
|
848
|
262
|
849 if (rc == NGX_ERROR) {
|
|
850 ngx_imap_session_internal_server_error(s);
|
|
851 return;
|
|
852 }
|
|
853
|
|
854 /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */
|
|
855
|
|
856 break;
|
|
857 }
|
|
858
|
|
859 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
252
|
860 break;
|
|
861 }
|
|
862
|
|
863 } else if (arg[0].len == 8
|
286
|
864 && ngx_strncasecmp(arg[0].data,
|
|
865 (u_char *) "CRAM-MD5", 8)
|
|
866 == 0)
|
252
|
867 {
|
|
868 s->imap_state = ngx_pop3_auth_cram_md5;
|
|
869
|
|
870 text = ngx_palloc(c->pool,
|
|
871 sizeof("+ " CRLF) - 1
|
|
872 + ngx_base64_encoded_length(s->salt.len));
|
|
873 if (text == NULL) {
|
|
874 ngx_imap_session_internal_server_error(s);
|
|
875 return;
|
|
876 }
|
|
877
|
|
878 text[0] = '+'; text[1]= ' ';
|
|
879 salt.data = &text[2];
|
|
880 s->salt.len -= 2;
|
|
881
|
|
882 ngx_encode_base64(&salt, &s->salt);
|
|
883
|
|
884 s->salt.len += 2;
|
|
885 size = 2 + salt.len;
|
|
886 text[size++] = CR; text[size++] = LF;
|
|
887
|
|
888 break;
|
|
889 }
|
|
890
|
|
891 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
250
|
892 break;
|
|
893
|
76
|
894 case NGX_POP3_QUIT:
|
88
|
895 s->quit = 1;
|
76
|
896 break;
|
|
897
|
|
898 case NGX_POP3_NOOP:
|
|
899 break;
|
|
900
|
132
|
901 #if (NGX_IMAP_SSL)
|
|
902
|
|
903 case NGX_POP3_STLS:
|
|
904 if (c->ssl == NULL) {
|
|
905 sslcf = ngx_imap_get_module_srv_conf(s,
|
|
906 ngx_imap_ssl_module);
|
|
907 if (sslcf->starttls) {
|
|
908 c->read->handler = ngx_imap_starttls_handler;
|
|
909 break;
|
|
910 }
|
|
911 }
|
|
912
|
|
913 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
914 break;
|
|
915 #endif
|
|
916
|
76
|
917 default:
|
|
918 s->imap_state = ngx_pop3_start;
|
|
919 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
920 break;
|
|
921 }
|
|
922
|
|
923 break;
|
|
924
|
|
925 case ngx_pop3_user:
|
|
926
|
|
927 switch (s->command) {
|
|
928
|
|
929 case NGX_POP3_PASS:
|
|
930 if (s->args.nelts == 1) {
|
|
931 arg = s->args.elts;
|
|
932 s->passwd.len = arg[0].len;
|
|
933 s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
|
|
934 if (s->passwd.data == NULL) {
|
|
935 ngx_imap_session_internal_server_error(s);
|
|
936 return;
|
|
937 }
|
|
938
|
|
939 ngx_memcpy(s->passwd.data, arg[0].data, s->passwd.len);
|
|
940
|
96
|
941 #if (NGX_DEBUG_IMAP_PASSWD)
|
76
|
942 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
943 "pop3 passwd: \"%V\"", &s->passwd);
|
96
|
944 #endif
|
76
|
945
|
258
|
946 ngx_imap_do_auth(s);
|
76
|
947 return;
|
|
948 }
|
|
949
|
252
|
950 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
76
|
951 break;
|
|
952
|
|
953 case NGX_POP3_CAPA:
|
|
954 cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
|
132
|
955 size = cscf->pop3_capability.len;
|
|
956 text = cscf->pop3_capability.data;
|
76
|
957 break;
|
|
958
|
|
959 case NGX_POP3_QUIT:
|
88
|
960 s->quit = 1;
|
76
|
961 break;
|
|
962
|
|
963 case NGX_POP3_NOOP:
|
|
964 break;
|
|
965
|
|
966 default:
|
|
967 s->imap_state = ngx_pop3_start;
|
|
968 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
969 break;
|
|
970 }
|
|
971
|
|
972 break;
|
|
973
|
|
974 /* suppress warinings */
|
|
975 case ngx_pop3_passwd:
|
|
976 break;
|
252
|
977
|
|
978 case ngx_pop3_auth_login_username:
|
|
979 arg = s->args.elts;
|
|
980 s->imap_state = ngx_pop3_auth_login_password;
|
|
981
|
|
982 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
983 "pop3 auth login username: \"%V\"", &arg[0]);
|
|
984
|
|
985 s->login.data = ngx_palloc(c->pool,
|
|
986 ngx_base64_decoded_length(arg[0].len));
|
|
987 if (s->login.data == NULL){
|
|
988 ngx_imap_session_internal_server_error(s);
|
|
989 return;
|
|
990 }
|
|
991
|
|
992 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
993 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
994 "client sent invalid base64 encoding "
|
|
995 "in AUTH LOGIN command");
|
|
996 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
997 break;
|
|
998 }
|
|
999
|
|
1000 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1001 "pop3 auth login username: \"%V\"", &s->login);
|
|
1002
|
|
1003 size = sizeof(pop3_password) - 1;
|
|
1004 text = pop3_password;
|
|
1005
|
|
1006 break;
|
|
1007
|
|
1008 case ngx_pop3_auth_login_password:
|
|
1009 arg = s->args.elts;
|
|
1010
|
|
1011 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1012 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1013 "pop3 auth login password: \"%V\"", &arg[0]);
|
|
1014 #endif
|
|
1015
|
|
1016 s->passwd.data = ngx_palloc(c->pool,
|
|
1017 ngx_base64_decoded_length(arg[0].len));
|
|
1018 if (s->passwd.data == NULL){
|
|
1019 ngx_imap_session_internal_server_error(s);
|
|
1020 return;
|
|
1021 }
|
|
1022
|
|
1023 if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) {
|
|
1024 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1025 "client sent invalid base64 encoding "
|
|
1026 "in AUTH LOGIN command");
|
|
1027 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1028 break;
|
|
1029 }
|
|
1030
|
|
1031 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1032 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1033 "pop3 auth login password: \"%V\"", &s->passwd);
|
|
1034 #endif
|
|
1035
|
258
|
1036 ngx_imap_do_auth(s);
|
252
|
1037 return;
|
|
1038
|
|
1039 case ngx_pop3_auth_plain:
|
|
1040 arg = s->args.elts;
|
|
1041
|
262
|
1042 rc = ngx_imap_decode_auth_plain(s, &arg[0]);
|
252
|
1043
|
262
|
1044 if (rc == NGX_OK) {
|
|
1045 ngx_imap_do_auth(s);
|
|
1046 return;
|
|
1047 }
|
|
1048
|
|
1049 if (rc == NGX_ERROR) {
|
252
|
1050 ngx_imap_session_internal_server_error(s);
|
|
1051 return;
|
|
1052 }
|
|
1053
|
262
|
1054 /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */
|
252
|
1055
|
262
|
1056 break;
|
252
|
1057
|
|
1058 case ngx_pop3_auth_cram_md5:
|
|
1059 arg = s->args.elts;
|
|
1060
|
|
1061 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1062 "pop3 auth cram-md5: \"%V\"", &arg[0]);
|
|
1063
|
|
1064 s->login.data = ngx_palloc(c->pool,
|
|
1065 ngx_base64_decoded_length(arg[0].len));
|
|
1066 if (s->login.data == NULL){
|
|
1067 ngx_imap_session_internal_server_error(s);
|
|
1068 return;
|
|
1069 }
|
|
1070
|
|
1071 if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
|
|
1072 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1073 "client sent invalid base64 encoding "
|
|
1074 "in AUTH CRAM-MD5 command");
|
|
1075 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1076 break;
|
|
1077 }
|
|
1078
|
|
1079 p = s->login.data;
|
|
1080 last = p + s->login.len;
|
|
1081
|
|
1082 while (p < last) {
|
|
1083 if (*p++ == ' ') {
|
|
1084 s->login.len = p - s->login.data - 1;
|
|
1085 s->passwd.len = last - p;
|
|
1086 s->passwd.data = p;
|
|
1087 break;
|
|
1088 }
|
|
1089 }
|
|
1090
|
|
1091 if (s->passwd.len != 32) {
|
|
1092 ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
|
1093 "client sent invalid CRAM-MD5 hash "
|
|
1094 "in AUTH CRAM-MD5 command");
|
|
1095 rc = NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1096 break;
|
|
1097 }
|
|
1098
|
|
1099 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1100 "pop3 auth cram-md5: \"%V\" \"%V\"",
|
|
1101 &s->login, &s->passwd);
|
|
1102
|
|
1103 s->auth_method = NGX_IMAP_AUTH_CRAM_MD5;
|
|
1104
|
258
|
1105 ngx_imap_do_auth(s);
|
252
|
1106 return;
|
76
|
1107 }
|
|
1108 }
|
|
1109
|
|
1110 if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
|
252
|
1111 s->imap_state = ngx_pop3_start;
|
|
1112 s->state = 0;
|
76
|
1113 text = pop3_invalid_command;
|
|
1114 size = sizeof(pop3_invalid_command) - 1;
|
|
1115 }
|
|
1116
|
|
1117 s->args.nelts = 0;
|
|
1118 s->buffer->pos = s->buffer->start;
|
|
1119 s->buffer->last = s->buffer->start;
|
88
|
1120
|
252
|
1121 if (s->state) {
|
|
1122 s->arg_start = s->buffer->start;
|
|
1123 }
|
|
1124
|
88
|
1125 s->out.data = text;
|
|
1126 s->out.len = size;
|
|
1127
|
|
1128 ngx_imap_send(c->write);
|
76
|
1129 }
|
|
1130
|
|
1131
|
262
|
1132 static ngx_int_t
|
|
1133 ngx_imap_decode_auth_plain(ngx_imap_session_t *s, ngx_str_t *encoded)
|
|
1134 {
|
|
1135 u_char *p, *last;
|
|
1136 ngx_str_t plain;
|
|
1137
|
|
1138 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1139 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0,
|
|
1140 "pop3 auth plain: \"%V\"", encoded);
|
|
1141 #endif
|
|
1142
|
|
1143 plain.data = ngx_palloc(s->connection->pool,
|
|
1144 ngx_base64_decoded_length(encoded->len));
|
|
1145 if (plain.data == NULL){
|
|
1146 return NGX_ERROR;
|
|
1147 }
|
|
1148
|
|
1149 if (ngx_decode_base64(&plain, encoded) != NGX_OK) {
|
|
1150 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1151 "client sent invalid base64 encoding "
|
|
1152 "in AUTH PLAIN command");
|
|
1153 return NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1154 }
|
|
1155
|
|
1156 p = plain.data;
|
|
1157 last = p + plain.len;
|
|
1158
|
|
1159 while (p < last && *p++) { /* void */ }
|
|
1160
|
|
1161 if (p == last) {
|
|
1162 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1163 "client sent invalid login in AUTH PLAIN command");
|
|
1164 return NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1165 }
|
|
1166
|
|
1167 s->login.data = p;
|
|
1168
|
|
1169 while (p < last && *p) { p++; }
|
|
1170
|
|
1171 if (p == last) {
|
|
1172 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1173 "client sent invalid password in AUTH PLAIN command");
|
|
1174 return NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1175 }
|
|
1176
|
|
1177 s->login.len = p++ - s->login.data;
|
|
1178
|
|
1179 s->passwd.len = last - p;
|
|
1180 s->passwd.data = p;
|
|
1181
|
|
1182 #if (NGX_DEBUG_IMAP_PASSWD)
|
|
1183 ngx_log_debug2(NGX_LOG_DEBUG_IMAP, s->connection->log, 0,
|
|
1184 "pop3 auth plain: \"%V\" \"%V\"",
|
|
1185 &s->login, &s->passwd);
|
|
1186 #endif
|
|
1187
|
|
1188 return NGX_OK;
|
|
1189 }
|
|
1190
|
|
1191
|
258
|
1192 static void
|
|
1193 ngx_imap_do_auth(ngx_imap_session_t *s)
|
|
1194 {
|
|
1195 s->args.nelts = 0;
|
|
1196 s->buffer->pos = s->buffer->start;
|
|
1197 s->buffer->last = s->buffer->start;
|
|
1198 s->state = 0;
|
|
1199
|
|
1200 if (s->connection->read->timer_set) {
|
274
|
1201 ngx_del_timer(s->connection->read);
|
258
|
1202 }
|
|
1203
|
|
1204 s->login_attempt++;
|
|
1205
|
|
1206 ngx_imap_auth_http_init(s);
|
|
1207 }
|
|
1208
|
|
1209
|
76
|
1210 static ngx_int_t
|
|
1211 ngx_imap_read_command(ngx_imap_session_t *s)
|
|
1212 {
|
|
1213 ssize_t n;
|
|
1214 ngx_int_t rc;
|
286
|
1215 ngx_str_t l;
|
76
|
1216
|
88
|
1217 n = s->connection->recv(s->connection, s->buffer->last,
|
|
1218 s->buffer->end - s->buffer->last);
|
76
|
1219
|
|
1220 if (n == NGX_ERROR || n == 0) {
|
|
1221 ngx_imap_close_connection(s->connection);
|
|
1222 return NGX_ERROR;
|
|
1223 }
|
|
1224
|
|
1225 if (n > 0) {
|
|
1226 s->buffer->last += n;
|
|
1227 }
|
|
1228
|
|
1229 if (n == NGX_AGAIN) {
|
|
1230 if (ngx_handle_read_event(s->connection->read, 0) == NGX_ERROR) {
|
|
1231 ngx_imap_session_internal_server_error(s);
|
|
1232 return NGX_ERROR;
|
|
1233 }
|
|
1234
|
|
1235 return NGX_AGAIN;
|
|
1236 }
|
|
1237
|
|
1238 if (s->protocol == NGX_IMAP_POP3_PROTOCOL) {
|
|
1239 rc = ngx_pop3_parse_command(s);
|
|
1240 } else {
|
|
1241 rc = ngx_imap_parse_command(s);
|
|
1242 }
|
|
1243
|
286
|
1244 if (rc == NGX_AGAIN) {
|
|
1245
|
|
1246 if (s->buffer->last < s->buffer->end) {
|
|
1247 return rc;
|
|
1248 }
|
|
1249
|
|
1250 l.len = s->buffer->last - s->buffer->start;
|
|
1251 l.data = s->buffer->start;
|
|
1252
|
|
1253 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
|
|
1254 "client sent too long command \"%V\"", &l);
|
|
1255
|
|
1256 s->quit = 1;
|
|
1257
|
|
1258 return NGX_IMAP_PARSE_INVALID_COMMAND;
|
|
1259 }
|
|
1260
|
|
1261 if (rc == NGX_IMAP_NEXT || rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
|
76
|
1262 return rc;
|
|
1263 }
|
|
1264
|
|
1265 if (rc == NGX_ERROR) {
|
|
1266 ngx_imap_close_connection(s->connection);
|
|
1267 return NGX_ERROR;
|
|
1268 }
|
|
1269
|
|
1270 return NGX_OK;
|
|
1271 }
|
|
1272
|
|
1273
|
|
1274 void
|
|
1275 ngx_imap_session_internal_server_error(ngx_imap_session_t *s)
|
|
1276 {
|
88
|
1277 s->out = internal_server_errors[s->protocol];
|
|
1278 s->quit = 1;
|
76
|
1279
|
88
|
1280 ngx_imap_send(s->connection->write);
|
76
|
1281 }
|
|
1282
|
|
1283
|
|
1284 void
|
|
1285 ngx_imap_close_connection(ngx_connection_t *c)
|
|
1286 {
|
|
1287 ngx_pool_t *pool;
|
|
1288
|
|
1289 ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
|
|
1290 "close imap connection: %d", c->fd);
|
|
1291
|
88
|
1292 #if (NGX_IMAP_SSL)
|
|
1293
|
|
1294 if (c->ssl) {
|
|
1295 if (ngx_ssl_shutdown(c) == NGX_AGAIN) {
|
126
|
1296 c->ssl->handler = ngx_imap_close_connection;
|
88
|
1297 return;
|
|
1298 }
|
|
1299 }
|
|
1300
|
|
1301 #endif
|
|
1302
|
132
|
1303 c->destroyed = 1;
|
92
|
1304
|
76
|
1305 pool = c->pool;
|
|
1306
|
|
1307 ngx_close_connection(c);
|
|
1308
|
|
1309 ngx_destroy_pool(pool);
|
|
1310 }
|
88
|
1311
|
|
1312
|
90
|
1313 static u_char *
|
|
1314 ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len)
|
|
1315 {
|
116
|
1316 u_char *p;
|
|
1317 ngx_imap_session_t *s;
|
|
1318 ngx_imap_log_ctx_t *ctx;
|
90
|
1319
|
|
1320 if (log->action) {
|
|
1321 p = ngx_snprintf(buf, len, " while %s", log->action);
|
|
1322 len -= p - buf;
|
|
1323 buf = p;
|
|
1324 }
|
126
|
1325
|
90
|
1326 ctx = log->data;
|
|
1327
|
|
1328 p = ngx_snprintf(buf, len, ", client: %V", ctx->client);
|
|
1329 len -= p - buf;
|
|
1330 buf = p;
|
|
1331
|
|
1332 s = ctx->session;
|
|
1333
|
|
1334 if (s == NULL) {
|
|
1335 return p;
|
|
1336 }
|
|
1337
|
190
|
1338 p = ngx_snprintf(buf, len, ", server: %V", s->addr_text);
|
90
|
1339 len -= p - buf;
|
|
1340 buf = p;
|
|
1341
|
|
1342 if (s->login.len == 0) {
|
|
1343 return p;
|
|
1344 }
|
|
1345
|
|
1346 p = ngx_snprintf(buf, len, ", login: \"%V\"", &s->login);
|
|
1347 len -= p - buf;
|
|
1348 buf = p;
|
|
1349
|
|
1350 if (s->proxy == NULL) {
|
|
1351 return p;
|
|
1352 }
|
|
1353
|
260
|
1354 p = ngx_snprintf(buf, len, ", upstream: %V", s->proxy->upstream.name);
|
90
|
1355
|
|
1356 return p;
|
|
1357 }
|