Mercurial > hg > nginx
annotate src/mail/ngx_mail_auth_http_module.c @ 9295:c5623963c29e
Upstream: fixed proxy_no_cache when caching errors.
Caching errors, notably intercepted errors and internally generated
502/504 errors, as well as handling of cache revalidation with 304,
did not take into account u->conf->no_cache predicates configured.
As a result, an error might be cached even if configuration explicitly
says not to. Fix is to check u->conf->no_cache in these cases.
To simplify usage in multiple places, checking u->conf->no_cache is now
done in a separate function. As a minor optimization, u->conf->no_cache
is only checked if u->cacheable is set.
As a side effect, this change also fixes caching errors after
proxy_cache_bypass. Also, during cache revalidation u->cacheable is
now tested, so 304 responses which disable caching won't extend
cacheability of stored responses.
Additionally, when caching internally generated 502/504 errors
u->cacheable is now explicitly updated from u->headers_in.no_cache and
u->headers_in.expired, restoring the behaviour before 8041:0784ab86ad08
(1.23.0) when an error happens while reading the response headers.
Reported by Kirill A. Korinsky,
https://freenginx.org/pipermail/nginx/2024-April/000082.html
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 25 Jun 2024 21:44:50 +0300 |
parents | 4538c1ffb0f8 |
children | 03cdd806c0f2 |
rev | line source |
---|---|
521 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
521 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_event.h> | |
11 #include <ngx_event_connect.h> | |
1136 | 12 #include <ngx_mail.h> |
521 | 13 |
14 | |
15 typedef struct { | |
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3267
diff
changeset
|
16 ngx_addr_t *peer; |
521 | 17 |
527 | 18 ngx_msec_t timeout; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
19 ngx_flag_t pass_client_cert; |
521 | 20 |
527 | 21 ngx_str_t host_header; |
22 ngx_str_t uri; | |
573 | 23 ngx_str_t header; |
24 | |
25 ngx_array_t *headers; | |
1392 | 26 |
27 u_char *file; | |
28 ngx_uint_t line; | |
1136 | 29 } ngx_mail_auth_http_conf_t; |
521 | 30 |
31 | |
1136 | 32 typedef struct ngx_mail_auth_http_ctx_s ngx_mail_auth_http_ctx_t; |
527 | 33 |
1136 | 34 typedef void (*ngx_mail_auth_http_handler_pt)(ngx_mail_session_t *s, |
35 ngx_mail_auth_http_ctx_t *ctx); | |
527 | 36 |
1136 | 37 struct ngx_mail_auth_http_ctx_s { |
527 | 38 ngx_buf_t *request; |
39 ngx_buf_t *response; | |
40 ngx_peer_connection_t peer; | |
41 | |
1136 | 42 ngx_mail_auth_http_handler_pt handler; |
527 | 43 |
44 ngx_uint_t state; | |
45 | |
46 u_char *header_name_start; | |
47 u_char *header_name_end; | |
48 u_char *header_start; | |
49 u_char *header_end; | |
50 | |
51 ngx_str_t addr; | |
52 ngx_str_t port; | |
53 ngx_str_t err; | |
567 | 54 ngx_str_t errmsg; |
1136 | 55 ngx_str_t errcode; |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
56 ngx_str_t errsasl; |
527 | 57 |
547 | 58 time_t sleep; |
527 | 59 |
547 | 60 ngx_pool_t *pool; |
527 | 61 }; |
521 | 62 |
63 | |
1136 | 64 static void ngx_mail_auth_http_write_handler(ngx_event_t *wev); |
65 static void ngx_mail_auth_http_read_handler(ngx_event_t *rev); | |
66 static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, | |
67 ngx_mail_auth_http_ctx_t *ctx); | |
68 static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, | |
69 ngx_mail_auth_http_ctx_t *ctx); | |
70 static void ngx_mail_auth_sleep_handler(ngx_event_t *rev); | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
71 static void ngx_mail_auth_send_error(ngx_mail_session_t *s); |
1136 | 72 static ngx_int_t ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, |
73 ngx_mail_auth_http_ctx_t *ctx); | |
74 static void ngx_mail_auth_http_block_read(ngx_event_t *rev); | |
75 static void ngx_mail_auth_http_dummy_handler(ngx_event_t *ev); | |
76 static ngx_buf_t *ngx_mail_auth_http_create_request(ngx_mail_session_t *s, | |
77 ngx_pool_t *pool, ngx_mail_auth_http_conf_t *ahcf); | |
78 static ngx_int_t ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, | |
633 | 79 ngx_str_t *escaped); |
521 | 80 |
1136 | 81 static void *ngx_mail_auth_http_create_conf(ngx_conf_t *cf); |
82 static char *ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, | |
521 | 83 void *child); |
1136 | 84 static char *ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); |
85 static char *ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, | |
573 | 86 void *conf); |
521 | 87 |
88 | |
1136 | 89 static ngx_command_t ngx_mail_auth_http_commands[] = { |
521 | 90 |
91 { ngx_string("auth_http"), | |
1136 | 92 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
93 ngx_mail_auth_http, | |
94 NGX_MAIL_SRV_CONF_OFFSET, | |
521 | 95 0, |
96 NULL }, | |
97 | |
98 { ngx_string("auth_http_timeout"), | |
1136 | 99 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
521 | 100 ngx_conf_set_msec_slot, |
1136 | 101 NGX_MAIL_SRV_CONF_OFFSET, |
102 offsetof(ngx_mail_auth_http_conf_t, timeout), | |
521 | 103 NULL }, |
104 | |
573 | 105 { ngx_string("auth_http_header"), |
1136 | 106 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE2, |
107 ngx_mail_auth_http_header, | |
108 NGX_MAIL_SRV_CONF_OFFSET, | |
573 | 109 0, |
110 NULL }, | |
111 | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
112 { ngx_string("auth_http_pass_client_cert"), |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
113 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
114 ngx_conf_set_flag_slot, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
115 NGX_MAIL_SRV_CONF_OFFSET, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
116 offsetof(ngx_mail_auth_http_conf_t, pass_client_cert), |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
117 NULL }, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
118 |
521 | 119 ngx_null_command |
120 }; | |
121 | |
122 | |
1136 | 123 static ngx_mail_module_t ngx_mail_auth_http_module_ctx = { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
124 NULL, /* protocol */ |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
125 |
521 | 126 NULL, /* create main configuration */ |
127 NULL, /* init main configuration */ | |
128 | |
1136 | 129 ngx_mail_auth_http_create_conf, /* create server configuration */ |
130 ngx_mail_auth_http_merge_conf /* merge server configuration */ | |
521 | 131 }; |
132 | |
133 | |
1136 | 134 ngx_module_t ngx_mail_auth_http_module = { |
521 | 135 NGX_MODULE_V1, |
1136 | 136 &ngx_mail_auth_http_module_ctx, /* module context */ |
137 ngx_mail_auth_http_commands, /* module directives */ | |
138 NGX_MAIL_MODULE, /* module type */ | |
541 | 139 NULL, /* init master */ |
521 | 140 NULL, /* init module */ |
541 | 141 NULL, /* init process */ |
142 NULL, /* init thread */ | |
143 NULL, /* exit thread */ | |
144 NULL, /* exit process */ | |
145 NULL, /* exit master */ | |
146 NGX_MODULE_V1_PADDING | |
521 | 147 }; |
148 | |
149 | |
1136 | 150 static ngx_str_t ngx_mail_auth_http_method[] = { |
151 ngx_string("plain"), | |
809 | 152 ngx_string("plain"), |
2748
2477b28eaccb
fix Auth-Method, the bug has been introduced in r2496
Igor Sysoev <igor@sysoev.ru>
parents:
2388
diff
changeset
|
153 ngx_string("plain"), |
809 | 154 ngx_string("apop"), |
2309 | 155 ngx_string("cram-md5"), |
6774
bcb107bb89cd
Mail: support SASL EXTERNAL (RFC 4422).
Rob N ★ <robn@fastmail.com>
parents:
6597
diff
changeset
|
156 ngx_string("external"), |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
157 ngx_string("xoauth2"), |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
158 ngx_string("oauthbearer"), |
2309 | 159 ngx_string("none") |
800 | 160 }; |
521 | 161 |
1136 | 162 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); |
521 | 163 |
1477 | 164 |
521 | 165 void |
1136 | 166 ngx_mail_auth_http_init(ngx_mail_session_t *s) |
521 | 167 { |
168 ngx_int_t rc; | |
547 | 169 ngx_pool_t *pool; |
1136 | 170 ngx_mail_auth_http_ctx_t *ctx; |
171 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 172 |
541 | 173 s->connection->log->action = "in http auth state"; |
174 | |
547 | 175 pool = ngx_create_pool(2048, s->connection->log); |
176 if (pool == NULL) { | |
1136 | 177 ngx_mail_session_internal_server_error(s); |
521 | 178 return; |
179 } | |
180 | |
1136 | 181 ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t)); |
547 | 182 if (ctx == NULL) { |
183 ngx_destroy_pool(pool); | |
1136 | 184 ngx_mail_session_internal_server_error(s); |
547 | 185 return; |
186 } | |
187 | |
188 ctx->pool = pool; | |
189 | |
1136 | 190 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 191 |
1136 | 192 ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf); |
521 | 193 if (ctx->request == NULL) { |
547 | 194 ngx_destroy_pool(ctx->pool); |
1136 | 195 ngx_mail_session_internal_server_error(s); |
521 | 196 return; |
197 } | |
198 | |
1136 | 199 ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module); |
521 | 200 |
884 | 201 ctx->peer.sockaddr = ahcf->peer->sockaddr; |
202 ctx->peer.socklen = ahcf->peer->socklen; | |
203 ctx->peer.name = &ahcf->peer->name; | |
204 ctx->peer.get = ngx_event_get_peer; | |
521 | 205 ctx->peer.log = s->connection->log; |
206 ctx->peer.log_error = NGX_ERROR_ERR; | |
207 | |
208 rc = ngx_event_connect_peer(&ctx->peer); | |
209 | |
543 | 210 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { |
862
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
211 if (ctx->peer.connection) { |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
212 ngx_close_connection(ctx->peer.connection); |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
213 } |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
214 |
547 | 215 ngx_destroy_pool(ctx->pool); |
1136 | 216 ngx_mail_session_internal_server_error(s); |
521 | 217 return; |
218 } | |
219 | |
220 ctx->peer.connection->data = s; | |
221 ctx->peer.connection->pool = s->connection->pool; | |
222 | |
1136 | 223 s->connection->read->handler = ngx_mail_auth_http_block_read; |
224 ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler; | |
225 ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler; | |
521 | 226 |
1136 | 227 ctx->handler = ngx_mail_auth_http_ignore_status_line; |
527 | 228 |
541 | 229 ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); |
230 ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); | |
231 | |
521 | 232 if (rc == NGX_OK) { |
1136 | 233 ngx_mail_auth_http_write_handler(ctx->peer.connection->write); |
521 | 234 return; |
235 } | |
236 } | |
237 | |
238 | |
239 static void | |
1136 | 240 ngx_mail_auth_http_write_handler(ngx_event_t *wev) |
521 | 241 { |
242 ssize_t n, size; | |
243 ngx_connection_t *c; | |
1136 | 244 ngx_mail_session_t *s; |
245 ngx_mail_auth_http_ctx_t *ctx; | |
246 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 247 |
248 c = wev->data; | |
249 s = c->data; | |
250 | |
1136 | 251 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 252 |
1136 | 253 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, |
254 "mail auth http write handler"); | |
521 | 255 |
577 | 256 if (wev->timedout) { |
521 | 257 ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, |
884 | 258 "auth http server %V timed out", ctx->peer.name); |
1478 | 259 ngx_close_connection(c); |
547 | 260 ngx_destroy_pool(ctx->pool); |
1136 | 261 ngx_mail_session_internal_server_error(s); |
521 | 262 return; |
263 } | |
264 | |
265 size = ctx->request->last - ctx->request->pos; | |
266 | |
267 n = ngx_send(c, ctx->request->pos, size); | |
268 | |
269 if (n == NGX_ERROR) { | |
1478 | 270 ngx_close_connection(c); |
547 | 271 ngx_destroy_pool(ctx->pool); |
1136 | 272 ngx_mail_session_internal_server_error(s); |
521 | 273 return; |
274 } | |
275 | |
276 if (n > 0) { | |
277 ctx->request->pos += n; | |
278 | |
279 if (n == size) { | |
1136 | 280 wev->handler = ngx_mail_auth_http_dummy_handler; |
521 | 281 |
282 if (wev->timer_set) { | |
283 ngx_del_timer(wev); | |
284 } | |
285 | |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
286 if (ngx_handle_write_event(wev, 0) != NGX_OK) { |
1478 | 287 ngx_close_connection(c); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
288 ngx_destroy_pool(ctx->pool); |
1136 | 289 ngx_mail_session_internal_server_error(s); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
290 } |
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
291 |
521 | 292 return; |
293 } | |
294 } | |
295 | |
296 if (!wev->timer_set) { | |
1136 | 297 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 298 ngx_add_timer(wev, ahcf->timeout); |
299 } | |
300 } | |
301 | |
302 | |
303 static void | |
1136 | 304 ngx_mail_auth_http_read_handler(ngx_event_t *rev) |
521 | 305 { |
525 | 306 ssize_t n, size; |
521 | 307 ngx_connection_t *c; |
1136 | 308 ngx_mail_session_t *s; |
309 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 310 |
311 c = rev->data; | |
312 s = c->data; | |
313 | |
1136 | 314 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
315 "mail auth http read handler"); | |
521 | 316 |
1136 | 317 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
525 | 318 |
577 | 319 if (rev->timedout) { |
525 | 320 ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT, |
884 | 321 "auth http server %V timed out", ctx->peer.name); |
1478 | 322 ngx_close_connection(c); |
547 | 323 ngx_destroy_pool(ctx->pool); |
1136 | 324 ngx_mail_session_internal_server_error(s); |
525 | 325 return; |
326 } | |
327 | |
328 if (ctx->response == NULL) { | |
547 | 329 ctx->response = ngx_create_temp_buf(ctx->pool, 1024); |
525 | 330 if (ctx->response == NULL) { |
1478 | 331 ngx_close_connection(c); |
547 | 332 ngx_destroy_pool(ctx->pool); |
1136 | 333 ngx_mail_session_internal_server_error(s); |
525 | 334 return; |
335 } | |
336 } | |
337 | |
527 | 338 size = ctx->response->end - ctx->response->last; |
525 | 339 |
340 n = ngx_recv(c, ctx->response->pos, size); | |
341 | |
527 | 342 if (n > 0) { |
343 ctx->response->last += n; | |
344 | |
345 ctx->handler(s, ctx); | |
346 return; | |
347 } | |
348 | |
349 if (n == NGX_AGAIN) { | |
525 | 350 return; |
351 } | |
352 | |
1478 | 353 ngx_close_connection(c); |
547 | 354 ngx_destroy_pool(ctx->pool); |
1136 | 355 ngx_mail_session_internal_server_error(s); |
527 | 356 } |
525 | 357 |
358 | |
527 | 359 static void |
1136 | 360 ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, |
361 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 362 { |
363 u_char *p, ch; | |
364 enum { | |
365 sw_start = 0, | |
366 sw_H, | |
367 sw_HT, | |
368 sw_HTT, | |
369 sw_HTTP, | |
370 sw_skip, | |
371 sw_almost_done | |
372 } state; | |
373 | |
1136 | 374 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
375 "mail auth http process status line"); | |
527 | 376 |
377 state = ctx->state; | |
378 | |
379 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
380 ch = *p; | |
381 | |
382 switch (state) { | |
383 | |
384 /* "HTTP/" */ | |
385 case sw_start: | |
386 if (ch == 'H') { | |
387 state = sw_H; | |
388 break; | |
389 } | |
390 goto next; | |
391 | |
392 case sw_H: | |
393 if (ch == 'T') { | |
394 state = sw_HT; | |
395 break; | |
396 } | |
397 goto next; | |
398 | |
399 case sw_HT: | |
400 if (ch == 'T') { | |
401 state = sw_HTT; | |
402 break; | |
403 } | |
404 goto next; | |
405 | |
406 case sw_HTT: | |
407 if (ch == 'P') { | |
408 state = sw_HTTP; | |
409 break; | |
410 } | |
411 goto next; | |
412 | |
413 case sw_HTTP: | |
414 if (ch == '/') { | |
415 state = sw_skip; | |
416 break; | |
417 } | |
418 goto next; | |
419 | |
420 /* any text until end of line */ | |
421 case sw_skip: | |
422 switch (ch) { | |
423 case CR: | |
424 state = sw_almost_done; | |
425 | |
426 break; | |
577 | 427 case LF: |
527 | 428 goto done; |
429 } | |
430 break; | |
431 | |
432 /* end of status line */ | |
433 case sw_almost_done: | |
434 if (ch == LF) { | |
435 goto done; | |
436 } | |
437 | |
438 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
6480 | 439 "auth http server %V sent invalid response", |
884 | 440 ctx->peer.name); |
527 | 441 ngx_close_connection(ctx->peer.connection); |
547 | 442 ngx_destroy_pool(ctx->pool); |
1136 | 443 ngx_mail_session_internal_server_error(s); |
527 | 444 return; |
445 } | |
446 } | |
447 | |
448 ctx->response->pos = p; | |
449 ctx->state = state; | |
450 | |
451 return; | |
452 | |
453 next: | |
454 | |
455 p = ctx->response->start - 1; | |
456 | |
457 done: | |
458 | |
459 ctx->response->pos = p + 1; | |
460 ctx->state = 0; | |
1136 | 461 ctx->handler = ngx_mail_auth_http_process_headers; |
527 | 462 ctx->handler(s, ctx); |
463 } | |
525 | 464 |
465 | |
527 | 466 static void |
1136 | 467 ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, |
468 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 469 { |
6593
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
470 u_char *p; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
471 time_t timer; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
472 size_t len, size; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
473 ngx_int_t rc, port, n; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
474 ngx_addr_t *peer; |
525 | 475 |
1136 | 476 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
477 "mail auth http process headers"); | |
527 | 478 |
479 for ( ;; ) { | |
1136 | 480 rc = ngx_mail_auth_http_parse_header_line(s, ctx); |
527 | 481 |
482 if (rc == NGX_OK) { | |
483 | |
484 #if (NGX_DEBUG) | |
485 { | |
486 ngx_str_t key, value; | |
487 | |
488 key.len = ctx->header_name_end - ctx->header_name_start; | |
489 key.data = ctx->header_name_start; | |
490 value.len = ctx->header_end - ctx->header_start; | |
491 value.data = ctx->header_start; | |
492 | |
1136 | 493 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
494 "mail auth http header: \"%V: %V\"", | |
527 | 495 &key, &value); |
496 } | |
497 #endif | |
498 | |
499 len = ctx->header_name_end - ctx->header_name_start; | |
500 | |
501 if (len == sizeof("Auth-Status") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
502 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
503 (u_char *) "Auth-Status", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
504 sizeof("Auth-Status") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
505 == 0) |
527 | 506 { |
507 len = ctx->header_end - ctx->header_start; | |
508 | |
509 if (len == 2 | |
510 && ctx->header_start[0] == 'O' | |
511 && ctx->header_start[1] == 'K') | |
512 { | |
513 continue; | |
514 } | |
515 | |
883 | 516 if (len == 4 |
517 && ctx->header_start[0] == 'W' | |
518 && ctx->header_start[1] == 'A' | |
519 && ctx->header_start[2] == 'I' | |
520 && ctx->header_start[3] == 'T') | |
521 { | |
522 s->auth_wait = 1; | |
523 continue; | |
524 } | |
525 | |
567 | 526 ctx->errmsg.len = len; |
527 ctx->errmsg.data = ctx->header_start; | |
528 | |
1136 | 529 switch (s->protocol) { |
530 | |
531 case NGX_MAIL_POP3_PROTOCOL: | |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
532 size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1; |
1136 | 533 break; |
527 | 534 |
1136 | 535 case NGX_MAIL_IMAP_PROTOCOL: |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
536 size = s->tag.len + sizeof("NO ") - 1 + len |
527 | 537 + sizeof(CRLF) - 1; |
1136 | 538 break; |
539 | |
540 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
541 ctx->err = ctx->errmsg; | |
542 continue; | |
527 | 543 } |
544 | |
2061
b0a1c84725cf
change useless ngx_pcalloc() to ngx_pnalloc()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
545 p = ngx_pnalloc(s->connection->pool, size); |
527 | 546 if (p == NULL) { |
543 | 547 ngx_close_connection(ctx->peer.connection); |
547 | 548 ngx_destroy_pool(ctx->pool); |
1136 | 549 ngx_mail_session_internal_server_error(s); |
527 | 550 return; |
551 } | |
552 | |
553 ctx->err.data = p; | |
554 | |
1136 | 555 switch (s->protocol) { |
527 | 556 |
1136 | 557 case NGX_MAIL_POP3_PROTOCOL: |
558 *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; | |
559 break; | |
560 | |
561 case NGX_MAIL_IMAP_PROTOCOL: | |
527 | 562 p = ngx_cpymem(p, s->tag.data, s->tag.len); |
1136 | 563 *p++ = 'N'; *p++ = 'O'; *p++ = ' '; |
564 break; | |
565 | |
566 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
567 break; | |
527 | 568 } |
569 | |
570 p = ngx_cpymem(p, ctx->header_start, len); | |
571 *p++ = CR; *p++ = LF; | |
572 | |
573 ctx->err.len = p - ctx->err.data; | |
574 | |
575 continue; | |
576 } | |
577 | |
578 if (len == sizeof("Auth-Server") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
579 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
580 (u_char *) "Auth-Server", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
581 sizeof("Auth-Server") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
582 == 0) |
527 | 583 { |
584 ctx->addr.len = ctx->header_end - ctx->header_start; | |
585 ctx->addr.data = ctx->header_start; | |
586 | |
587 continue; | |
588 } | |
589 | |
590 if (len == sizeof("Auth-Port") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
591 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
592 (u_char *) "Auth-Port", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
593 sizeof("Auth-Port") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
594 == 0) |
527 | 595 { |
596 ctx->port.len = ctx->header_end - ctx->header_start; | |
597 ctx->port.data = ctx->header_start; | |
598 | |
599 continue; | |
600 } | |
601 | |
602 if (len == sizeof("Auth-User") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
603 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
604 (u_char *) "Auth-User", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
605 sizeof("Auth-User") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
606 == 0) |
527 | 607 { |
608 s->login.len = ctx->header_end - ctx->header_start; | |
567 | 609 |
2049 | 610 s->login.data = ngx_pnalloc(s->connection->pool, s->login.len); |
567 | 611 if (s->login.data == NULL) { |
612 ngx_close_connection(ctx->peer.connection); | |
613 ngx_destroy_pool(ctx->pool); | |
1136 | 614 ngx_mail_session_internal_server_error(s); |
567 | 615 return; |
616 } | |
617 | |
618 ngx_memcpy(s->login.data, ctx->header_start, s->login.len); | |
527 | 619 |
620 continue; | |
621 } | |
622 | |
800 | 623 if (len == sizeof("Auth-Pass") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
624 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
625 (u_char *) "Auth-Pass", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
626 sizeof("Auth-Pass") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
627 == 0) |
800 | 628 { |
629 s->passwd.len = ctx->header_end - ctx->header_start; | |
630 | |
2049 | 631 s->passwd.data = ngx_pnalloc(s->connection->pool, |
632 s->passwd.len); | |
800 | 633 if (s->passwd.data == NULL) { |
634 ngx_close_connection(ctx->peer.connection); | |
635 ngx_destroy_pool(ctx->pool); | |
1136 | 636 ngx_mail_session_internal_server_error(s); |
800 | 637 return; |
638 } | |
639 | |
640 ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len); | |
641 | |
642 continue; | |
643 } | |
644 | |
527 | 645 if (len == sizeof("Auth-Wait") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
646 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
647 (u_char *) "Auth-Wait", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
648 sizeof("Auth-Wait") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
649 == 0) |
527 | 650 { |
651 n = ngx_atoi(ctx->header_start, | |
652 ctx->header_end - ctx->header_start); | |
653 | |
654 if (n != NGX_ERROR) { | |
655 ctx->sleep = n; | |
656 } | |
657 | |
658 continue; | |
659 } | |
660 | |
1136 | 661 if (len == sizeof("Auth-Error-Code") - 1 |
662 && ngx_strncasecmp(ctx->header_name_start, | |
663 (u_char *) "Auth-Error-Code", | |
664 sizeof("Auth-Error-Code") - 1) | |
665 == 0) | |
666 { | |
667 ctx->errcode.len = ctx->header_end - ctx->header_start; | |
668 | |
2049 | 669 ctx->errcode.data = ngx_pnalloc(s->connection->pool, |
670 ctx->errcode.len); | |
1136 | 671 if (ctx->errcode.data == NULL) { |
672 ngx_close_connection(ctx->peer.connection); | |
673 ngx_destroy_pool(ctx->pool); | |
674 ngx_mail_session_internal_server_error(s); | |
675 return; | |
676 } | |
677 | |
678 ngx_memcpy(ctx->errcode.data, ctx->header_start, | |
679 ctx->errcode.len); | |
680 | |
681 continue; | |
682 } | |
683 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
684 if (len == sizeof("Auth-Error-SASL") - 1 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
685 && ngx_strncasecmp(ctx->header_name_start, |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
686 (u_char *) "Auth-Error-SASL", |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
687 sizeof("Auth-Error-SASL") - 1) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
688 == 0) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
689 { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
690 if (s->auth_method != NGX_MAIL_AUTH_XOAUTH2 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
691 && s->auth_method != NGX_MAIL_AUTH_OAUTHBEARER) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
692 { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
693 continue; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
694 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
695 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
696 len = ctx->header_end - ctx->header_start; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
697 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
698 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
699 size = len + sizeof("334 " CRLF) - 1; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
700 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
701 } else { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
702 size = len + sizeof("+ " CRLF) - 1; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
703 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
704 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
705 p = ngx_pnalloc(s->connection->pool, size); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
706 if (p == NULL) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
707 ngx_close_connection(ctx->peer.connection); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
708 ngx_destroy_pool(ctx->pool); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
709 ngx_mail_session_internal_server_error(s); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
710 return; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
711 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
712 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
713 ctx->errsasl.len = size; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
714 ctx->errsasl.data = p; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
715 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
716 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
717 *p++ = '3'; *p++ = '3'; *p++ = '4'; *p++ = ' '; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
718 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
719 } else { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
720 *p++ = '+'; *p++ = ' '; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
721 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
722 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
723 p = ngx_cpymem(p, ctx->header_start, len); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
724 *p++ = CR; *p = LF; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
725 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
726 continue; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
727 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
728 |
527 | 729 /* ignore other headers */ |
730 | |
731 continue; | |
732 } | |
733 | |
734 if (rc == NGX_DONE) { | |
1136 | 735 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
736 "mail auth http header done"); | |
527 | 737 |
738 ngx_close_connection(ctx->peer.connection); | |
739 | |
740 if (ctx->err.len) { | |
1136 | 741 |
567 | 742 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, |
743 "client login failed: \"%V\"", &ctx->errmsg); | |
744 | |
1136 | 745 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
746 | |
747 if (ctx->errcode.len == 0) { | |
748 ctx->errcode = ngx_mail_smtp_errcode; | |
749 } | |
750 | |
751 ctx->err.len = ctx->errcode.len + ctx->errmsg.len | |
752 + sizeof(" " CRLF) - 1; | |
753 | |
2049 | 754 p = ngx_pnalloc(s->connection->pool, ctx->err.len); |
1166 | 755 if (p == NULL) { |
756 ngx_destroy_pool(ctx->pool); | |
757 ngx_mail_session_internal_server_error(s); | |
758 return; | |
759 } | |
1136 | 760 |
1166 | 761 ctx->err.data = p; |
1136 | 762 |
1166 | 763 p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len); |
1136 | 764 *p++ = ' '; |
1166 | 765 p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len); |
1136 | 766 *p++ = CR; *p = LF; |
767 } | |
768 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
769 s->out = ctx->errsasl; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
770 s->auth_err = ctx->err; |
547 | 771 timer = ctx->sleep; |
527 | 772 |
547 | 773 ngx_destroy_pool(ctx->pool); |
774 | |
775 if (timer == 0) { | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
776 s->auth_quit = 1; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
777 ngx_mail_auth_send_error(s); |
541 | 778 return; |
779 } | |
539 | 780 |
1640 | 781 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
527 | 782 |
1136 | 783 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
527 | 784 |
785 return; | |
786 } | |
787 | |
883 | 788 if (s->auth_wait) { |
789 timer = ctx->sleep; | |
790 | |
791 ngx_destroy_pool(ctx->pool); | |
792 | |
793 if (timer == 0) { | |
1136 | 794 ngx_mail_auth_http_init(s); |
883 | 795 return; |
796 } | |
797 | |
1640 | 798 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
883 | 799 |
1136 | 800 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
883 | 801 |
802 return; | |
803 } | |
804 | |
527 | 805 if (ctx->addr.len == 0 || ctx->port.len == 0) { |
806 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 807 "auth http server %V did not send server or port", |
884 | 808 ctx->peer.name); |
547 | 809 ngx_destroy_pool(ctx->pool); |
1136 | 810 ngx_mail_session_internal_server_error(s); |
527 | 811 return; |
812 } | |
813 | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
814 if (s->passwd.data == NULL |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
815 && s->protocol != NGX_MAIL_SMTP_PROTOCOL) |
1136 | 816 { |
800 | 817 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
818 "auth http server %V did not send password", | |
884 | 819 ctx->peer.name); |
800 | 820 ngx_destroy_pool(ctx->pool); |
1136 | 821 ngx_mail_session_internal_server_error(s); |
800 | 822 return; |
823 } | |
824 | |
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3267
diff
changeset
|
825 peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_addr_t)); |
884 | 826 if (peer == NULL) { |
547 | 827 ngx_destroy_pool(ctx->pool); |
1136 | 828 ngx_mail_session_internal_server_error(s); |
527 | 829 return; |
830 } | |
831 | |
5134
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
832 rc = ngx_parse_addr(s->connection->pool, peer, |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
833 ctx->addr.data, ctx->addr.len); |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
834 |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
835 switch (rc) { |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
836 case NGX_OK: |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
837 break; |
2855
a96a8c916b0c
mail proxy listen IPv6 support
Igor Sysoev <igor@sysoev.ru>
parents:
2748
diff
changeset
|
838 |
5134
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
839 case NGX_DECLINED: |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
840 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
841 "auth http server %V sent invalid server " |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
842 "address:\"%V\"", |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
843 ctx->peer.name, &ctx->addr); |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
844 /* fall through */ |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
845 |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
846 default: |
547 | 847 ngx_destroy_pool(ctx->pool); |
1136 | 848 ngx_mail_session_internal_server_error(s); |
527 | 849 return; |
850 } | |
851 | |
852 port = ngx_atoi(ctx->port.data, ctx->port.len); | |
4227 | 853 if (port == NGX_ERROR || port < 1 || port > 65535) { |
527 | 854 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
541 | 855 "auth http server %V sent invalid server " |
856 "port:\"%V\"", | |
884 | 857 ctx->peer.name, &ctx->port); |
547 | 858 ngx_destroy_pool(ctx->pool); |
1136 | 859 ngx_mail_session_internal_server_error(s); |
527 | 860 return; |
861 } | |
862 | |
6597 | 863 ngx_inet_set_port(peer->sockaddr, (in_port_t) port); |
527 | 864 |
865 len = ctx->addr.len + 1 + ctx->port.len; | |
866 | |
884 | 867 peer->name.len = len; |
527 | 868 |
2049 | 869 peer->name.data = ngx_pnalloc(s->connection->pool, len); |
884 | 870 if (peer->name.data == NULL) { |
547 | 871 ngx_destroy_pool(ctx->pool); |
1136 | 872 ngx_mail_session_internal_server_error(s); |
527 | 873 return; |
874 } | |
875 | |
876 len = ctx->addr.len; | |
877 | |
884 | 878 ngx_memcpy(peer->name.data, ctx->addr.data, len); |
527 | 879 |
884 | 880 peer->name.data[len++] = ':'; |
527 | 881 |
884 | 882 ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len); |
527 | 883 |
547 | 884 ngx_destroy_pool(ctx->pool); |
1136 | 885 ngx_mail_proxy_init(s, peer); |
527 | 886 |
887 return; | |
888 } | |
889 | |
890 if (rc == NGX_AGAIN ) { | |
891 return; | |
892 } | |
893 | |
894 /* rc == NGX_ERROR */ | |
895 | |
896 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 897 "auth http server %V sent invalid header in response", |
884 | 898 ctx->peer.name); |
527 | 899 ngx_close_connection(ctx->peer.connection); |
547 | 900 ngx_destroy_pool(ctx->pool); |
1136 | 901 ngx_mail_session_internal_server_error(s); |
527 | 902 |
903 return; | |
904 } | |
905 } | |
906 | |
521 | 907 |
527 | 908 static void |
1136 | 909 ngx_mail_auth_sleep_handler(ngx_event_t *rev) |
527 | 910 { |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
911 ngx_connection_t *c; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
912 ngx_mail_session_t *s; |
527 | 913 |
1136 | 914 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail auth sleep handler"); |
527 | 915 |
916 c = rev->data; | |
917 s = c->data; | |
918 | |
919 if (rev->timedout) { | |
920 | |
921 rev->timedout = 0; | |
922 | |
883 | 923 if (s->auth_wait) { |
924 s->auth_wait = 0; | |
1136 | 925 ngx_mail_auth_http_init(s); |
883 | 926 return; |
927 } | |
928 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
929 ngx_mail_auth_send_error(s); |
527 | 930 return; |
931 } | |
932 | |
933 if (rev->active) { | |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
934 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
1477 | 935 ngx_mail_close_connection(c); |
527 | 936 } |
937 } | |
938 } | |
939 | |
940 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
941 static void |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
942 ngx_mail_auth_send_error(ngx_mail_session_t *s) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
943 { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
944 ngx_event_t *rev; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
945 ngx_connection_t *c; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
946 ngx_mail_core_srv_conf_t *cscf; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
947 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
948 c = s->connection; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
949 rev = c->read; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
950 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
951 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
952 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
953 rev->handler = cscf->protocol->auth_state; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
954 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
955 s->auth_method = NGX_MAIL_AUTH_PLAIN; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
956 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
957 c->log->action = "in auth state"; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
958 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
959 if (s->out.len == 0) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
960 s->out = s->auth_err; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
961 s->quit = s->auth_quit; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
962 ngx_str_null(&s->auth_err); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
963 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
964 s->state = 0; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
965 s->mail_state = 0; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
966 s->tag.len = 0; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
967 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
968 } else { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
969 s->auth_err.len -= s->tag.len; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
970 s->auth_err.data += s->tag.len; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
971 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
972 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
973 ngx_mail_send(c->write); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
974 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
975 if (c->destroyed) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
976 return; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
977 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
978 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
979 ngx_add_timer(rev, cscf->timeout); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
980 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
981 if (rev->ready) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
982 rev->handler(rev); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
983 return; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
984 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
985 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
986 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
987 ngx_mail_close_connection(c); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
988 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
989 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
990 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
991 |
527 | 992 static ngx_int_t |
1136 | 993 ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, |
994 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 995 { |
996 u_char c, ch, *p; | |
997 enum { | |
998 sw_start = 0, | |
999 sw_name, | |
1000 sw_space_before_value, | |
1001 sw_value, | |
1002 sw_space_after_value, | |
577 | 1003 sw_almost_done, |
527 | 1004 sw_header_almost_done |
1005 } state; | |
1006 | |
577 | 1007 state = ctx->state; |
527 | 1008 |
1009 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
1010 ch = *p; | |
1011 | |
1012 switch (state) { | |
1013 | |
1014 /* first char */ | |
1015 case sw_start: | |
1016 | |
1017 switch (ch) { | |
1018 case CR: | |
577 | 1019 ctx->header_end = p; |
527 | 1020 state = sw_header_almost_done; |
1021 break; | |
577 | 1022 case LF: |
527 | 1023 ctx->header_end = p; |
1024 goto header_done; | |
1025 default: | |
1026 state = sw_name; | |
1027 ctx->header_name_start = p; | |
1028 | |
1029 c = (u_char) (ch | 0x20); | |
1030 if (c >= 'a' && c <= 'z') { | |
1031 break; | |
1032 } | |
1033 | |
1034 if (ch >= '0' && ch <= '9') { | |
1035 break; | |
1036 } | |
1037 | |
1038 return NGX_ERROR; | |
1039 } | |
1040 break; | |
1041 | |
1042 /* header name */ | |
1043 case sw_name: | |
1044 c = (u_char) (ch | 0x20); | |
1045 if (c >= 'a' && c <= 'z') { | |
1046 break; | |
1047 } | |
1048 | |
1049 if (ch == ':') { | |
1050 ctx->header_name_end = p; | |
1051 state = sw_space_before_value; | |
1052 break; | |
1053 } | |
1054 | |
1055 if (ch == '-') { | |
1056 break; | |
1057 } | |
1058 | |
1059 if (ch >= '0' && ch <= '9') { | |
1060 break; | |
1061 } | |
1062 | |
1063 if (ch == CR) { | |
1064 ctx->header_name_end = p; | |
1065 ctx->header_start = p; | |
1066 ctx->header_end = p; | |
1067 state = sw_almost_done; | |
1068 break; | |
1069 } | |
1070 | |
1071 if (ch == LF) { | |
1072 ctx->header_name_end = p; | |
1073 ctx->header_start = p; | |
1074 ctx->header_end = p; | |
1075 goto done; | |
1076 } | |
1077 | |
1078 return NGX_ERROR; | |
1079 | |
1080 /* space* before header value */ | |
1081 case sw_space_before_value: | |
1082 switch (ch) { | |
1083 case ' ': | |
1084 break; | |
1085 case CR: | |
1086 ctx->header_start = p; | |
1087 ctx->header_end = p; | |
1088 state = sw_almost_done; | |
1089 break; | |
1090 case LF: | |
1091 ctx->header_start = p; | |
1092 ctx->header_end = p; | |
1093 goto done; | |
1094 default: | |
1095 ctx->header_start = p; | |
1096 state = sw_value; | |
1097 break; | |
1098 } | |
1099 break; | |
1100 | |
1101 /* header value */ | |
1102 case sw_value: | |
1103 switch (ch) { | |
1104 case ' ': | |
1105 ctx->header_end = p; | |
1106 state = sw_space_after_value; | |
1107 break; | |
1108 case CR: | |
1109 ctx->header_end = p; | |
1110 state = sw_almost_done; | |
1111 break; | |
1112 case LF: | |
1113 ctx->header_end = p; | |
1114 goto done; | |
1115 } | |
1116 break; | |
1117 | |
1118 /* space* before end of header line */ | |
1119 case sw_space_after_value: | |
1120 switch (ch) { | |
1121 case ' ': | |
1122 break; | |
1123 case CR: | |
1124 state = sw_almost_done; | |
1125 break; | |
1126 case LF: | |
1127 goto done; | |
1128 default: | |
1129 state = sw_value; | |
1130 break; | |
1131 } | |
1132 break; | |
1133 | |
1134 /* end of header line */ | |
1135 case sw_almost_done: | |
1136 switch (ch) { | |
1137 case LF: | |
1138 goto done; | |
1139 default: | |
1140 return NGX_ERROR; | |
1141 } | |
1142 | |
1143 /* end of header */ | |
1144 case sw_header_almost_done: | |
1145 switch (ch) { | |
1146 case LF: | |
1147 goto header_done; | |
1148 default: | |
1149 return NGX_ERROR; | |
1150 } | |
1151 } | |
1152 } | |
1153 | |
1154 ctx->response->pos = p; | |
1155 ctx->state = state; | |
1156 | |
1157 return NGX_AGAIN; | |
1158 | |
1159 done: | |
1160 | |
1161 ctx->response->pos = p + 1; | |
1162 ctx->state = sw_start; | |
1163 | |
1164 return NGX_OK; | |
1165 | |
1166 header_done: | |
1167 | |
1168 ctx->response->pos = p + 1; | |
1169 ctx->state = sw_start; | |
1170 | |
1171 return NGX_DONE; | |
521 | 1172 } |
1173 | |
1174 | |
1175 static void | |
1136 | 1176 ngx_mail_auth_http_block_read(ngx_event_t *rev) |
521 | 1177 { |
1178 ngx_connection_t *c; | |
1136 | 1179 ngx_mail_session_t *s; |
1180 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 1181 |
1136 | 1182 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
1183 "mail auth http block read"); | |
521 | 1184 |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
1185 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
521 | 1186 c = rev->data; |
1187 s = c->data; | |
1188 | |
1136 | 1189 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 1190 |
525 | 1191 ngx_close_connection(ctx->peer.connection); |
547 | 1192 ngx_destroy_pool(ctx->pool); |
1136 | 1193 ngx_mail_session_internal_server_error(s); |
521 | 1194 } |
1195 } | |
1196 | |
1197 | |
1198 static void | |
1136 | 1199 ngx_mail_auth_http_dummy_handler(ngx_event_t *ev) |
521 | 1200 { |
1136 | 1201 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, ev->log, 0, |
1202 "mail auth http dummy handler"); | |
521 | 1203 } |
1204 | |
1205 | |
1206 static ngx_buf_t * | |
1136 | 1207 ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool, |
1208 ngx_mail_auth_http_conf_t *ahcf) | |
521 | 1209 { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1210 size_t len; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1211 ngx_buf_t *b; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1212 ngx_str_t login, passwd; |
7801
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1213 ngx_connection_t *c; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1214 #if (NGX_MAIL_SSL) |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1215 ngx_str_t protocol, cipher, verify, subject, issuer, |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1216 serial, fingerprint, raw_cert, cert; |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1217 ngx_mail_ssl_conf_t *sslcf; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1218 #endif |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1219 ngx_mail_core_srv_conf_t *cscf; |
633 | 1220 |
1136 | 1221 if (ngx_mail_auth_http_escape(pool, &s->login, &login) != NGX_OK) { |
633 | 1222 return NULL; |
1223 } | |
1224 | |
1136 | 1225 if (ngx_mail_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) { |
633 | 1226 return NULL; |
1227 } | |
521 | 1228 |
7801
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1229 c = s->connection; |
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1230 |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1231 #if (NGX_MAIL_SSL) |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1232 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1233 if (c->ssl) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1234 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1235 if (ngx_ssl_get_protocol(c, pool, &protocol) != NGX_OK) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1236 return NULL; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1237 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1238 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1239 protocol.len = ngx_strlen(protocol.data); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1240 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1241 if (ngx_ssl_get_cipher_name(c, pool, &cipher) != NGX_OK) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1242 return NULL; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1243 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1244 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1245 cipher.len = ngx_strlen(cipher.data); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1246 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1247 } else { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1248 ngx_str_null(&protocol); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1249 ngx_str_null(&cipher); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1250 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1251 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1252 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1253 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1254 if (c->ssl && sslcf->verify) { |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1255 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1256 /* certificate details */ |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1257 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1258 if (ngx_ssl_get_client_verify(c, pool, &verify) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1259 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1260 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1261 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1262 if (ngx_ssl_get_subject_dn(c, pool, &subject) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1263 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1264 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1265 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1266 if (ngx_ssl_get_issuer_dn(c, pool, &issuer) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1267 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1268 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1269 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1270 if (ngx_ssl_get_serial_number(c, pool, &serial) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1271 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1272 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1273 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1274 if (ngx_ssl_get_fingerprint(c, pool, &fingerprint) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1275 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1276 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1277 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1278 if (ahcf->pass_client_cert) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1279 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1280 /* certificate itself, if configured */ |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1281 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1282 if (ngx_ssl_get_raw_certificate(c, pool, &raw_cert) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1283 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1284 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1285 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1286 if (ngx_mail_auth_http_escape(pool, &raw_cert, &cert) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1287 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1288 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1289 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1290 } else { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1291 ngx_str_null(&cert); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1292 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1293 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1294 } else { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1295 ngx_str_null(&verify); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1296 ngx_str_null(&subject); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1297 ngx_str_null(&issuer); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1298 ngx_str_null(&serial); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1299 ngx_str_null(&fingerprint); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1300 ngx_str_null(&cert); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1301 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1302 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1303 #endif |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1304 |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1305 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1306 |
521 | 1307 len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1 |
1308 + sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1 | |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1309 + sizeof("Auth-Method: ") - 1 |
1136 | 1310 + ngx_mail_auth_http_method[s->auth_method].len |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1311 + sizeof(CRLF) - 1 |
633 | 1312 + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1 |
1313 + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1 | |
800 | 1314 + sizeof("Auth-Salt: ") - 1 + s->salt.len |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1315 + sizeof("Auth-Protocol: ") - 1 + cscf->protocol->name.len |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1316 + sizeof(CRLF) - 1 |
527 | 1317 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN |
1318 + sizeof(CRLF) - 1 | |
521 | 1319 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len |
1320 + sizeof(CRLF) - 1 | |
2309 | 1321 + sizeof("Client-Host: ") - 1 + s->host.len + sizeof(CRLF) - 1 |
1285
0c10dc6a8e74
fix memory allocation for auth_http_header
Igor Sysoev <igor@sysoev.ru>
parents:
1166
diff
changeset
|
1322 + ahcf->header.len |
521 | 1323 + sizeof(CRLF) - 1; |
1324 | |
7794
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1325 if (c->proxy_protocol) { |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1326 len += sizeof("Proxy-Protocol-Addr: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1327 + c->proxy_protocol->src_addr.len + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1328 + sizeof("Proxy-Protocol-Port: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1329 + sizeof("65535") - 1 + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1330 + sizeof("Proxy-Protocol-Server-Addr: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1331 + c->proxy_protocol->dst_addr.len + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1332 + sizeof("Proxy-Protocol-Server-Port: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1333 + sizeof("65535") - 1 + sizeof(CRLF) - 1; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1334 } |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1335 |
7793
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1336 if (s->auth_method == NGX_MAIL_AUTH_NONE) { |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1337 len += sizeof("Auth-SMTP-Helo: ") - 1 + s->smtp_helo.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1338 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1339 + sizeof("Auth-SMTP-From: ") - 1 + s->smtp_from.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1340 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1341 + sizeof("Auth-SMTP-To: ") - 1 + s->smtp_to.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1342 + sizeof(CRLF) - 1; |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1343 } |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1344 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1345 #if (NGX_MAIL_SSL) |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1346 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1347 if (c->ssl) { |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1348 len += sizeof("Auth-SSL: on" CRLF) - 1 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1349 + sizeof("Auth-SSL-Protocol: ") - 1 + protocol.len |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1350 + sizeof(CRLF) - 1 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1351 + sizeof("Auth-SSL-Cipher: ") - 1 + cipher.len |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1352 + sizeof(CRLF) - 1 |
7793
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1353 + sizeof("Auth-SSL-Verify: ") - 1 + verify.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1354 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1355 + sizeof("Auth-SSL-Subject: ") - 1 + subject.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1356 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1357 + sizeof("Auth-SSL-Issuer: ") - 1 + issuer.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1358 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1359 + sizeof("Auth-SSL-Serial: ") - 1 + serial.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1360 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1361 + sizeof("Auth-SSL-Fingerprint: ") - 1 + fingerprint.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1362 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1363 + sizeof("Auth-SSL-Cert: ") - 1 + cert.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1364 + sizeof(CRLF) - 1; |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1365 } |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1366 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1367 #endif |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1368 |
547 | 1369 b = ngx_create_temp_buf(pool, len); |
521 | 1370 if (b == NULL) { |
1371 return NULL; | |
1372 } | |
1373 | |
1374 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1); | |
573 | 1375 b->last = ngx_copy(b->last, ahcf->uri.data, ahcf->uri.len); |
521 | 1376 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF, |
1377 sizeof(" HTTP/1.0" CRLF) - 1); | |
1378 | |
1379 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1); | |
573 | 1380 b->last = ngx_copy(b->last, ahcf->host_header.data, |
521 | 1381 ahcf->host_header.len); |
1382 *b->last++ = CR; *b->last++ = LF; | |
1383 | |
800 | 1384 b->last = ngx_cpymem(b->last, "Auth-Method: ", |
1385 sizeof("Auth-Method: ") - 1); | |
1386 b->last = ngx_cpymem(b->last, | |
1136 | 1387 ngx_mail_auth_http_method[s->auth_method].data, |
1388 ngx_mail_auth_http_method[s->auth_method].len); | |
800 | 1389 *b->last++ = CR; *b->last++ = LF; |
521 | 1390 |
1391 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); | |
633 | 1392 b->last = ngx_copy(b->last, login.data, login.len); |
521 | 1393 *b->last++ = CR; *b->last++ = LF; |
1394 | |
1395 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1); | |
633 | 1396 b->last = ngx_copy(b->last, passwd.data, passwd.len); |
521 | 1397 *b->last++ = CR; *b->last++ = LF; |
1398 | |
1136 | 1399 if (s->auth_method != NGX_MAIL_AUTH_PLAIN && s->salt.len) { |
800 | 1400 b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1); |
1401 b->last = ngx_copy(b->last, s->salt.data, s->salt.len); | |
1402 | |
1403 s->passwd.data = NULL; | |
1404 } | |
1405 | |
521 | 1406 b->last = ngx_cpymem(b->last, "Auth-Protocol: ", |
1407 sizeof("Auth-Protocol: ") - 1); | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1408 b->last = ngx_cpymem(b->last, cscf->protocol->name.data, |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1409 cscf->protocol->name.len); |
521 | 1410 *b->last++ = CR; *b->last++ = LF; |
1411 | |
527 | 1412 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF, |
1413 s->login_attempt); | |
1414 | |
521 | 1415 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); |
573 | 1416 b->last = ngx_copy(b->last, s->connection->addr_text.data, |
2309 | 1417 s->connection->addr_text.len); |
521 | 1418 *b->last++ = CR; *b->last++ = LF; |
1419 | |
2309 | 1420 if (s->host.len) { |
1421 b->last = ngx_cpymem(b->last, "Client-Host: ", | |
1422 sizeof("Client-Host: ") - 1); | |
1423 b->last = ngx_copy(b->last, s->host.data, s->host.len); | |
1424 *b->last++ = CR; *b->last++ = LF; | |
1425 } | |
1426 | |
7794
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1427 if (c->proxy_protocol) { |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1428 b->last = ngx_cpymem(b->last, "Proxy-Protocol-Addr: ", |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1429 sizeof("Proxy-Protocol-Addr: ") - 1); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1430 b->last = ngx_copy(b->last, c->proxy_protocol->src_addr.data, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1431 c->proxy_protocol->src_addr.len); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1432 *b->last++ = CR; *b->last++ = LF; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1433 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1434 b->last = ngx_sprintf(b->last, "Proxy-Protocol-Port: %d" CRLF, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1435 c->proxy_protocol->src_port); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1436 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1437 b->last = ngx_cpymem(b->last, "Proxy-Protocol-Server-Addr: ", |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1438 sizeof("Proxy-Protocol-Server-Addr: ") - 1); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1439 b->last = ngx_copy(b->last, c->proxy_protocol->dst_addr.data, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1440 c->proxy_protocol->dst_addr.len); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1441 *b->last++ = CR; *b->last++ = LF; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1442 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1443 b->last = ngx_sprintf(b->last, "Proxy-Protocol-Server-Port: %d" CRLF, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1444 c->proxy_protocol->dst_port); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1445 } |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1446 |
2309 | 1447 if (s->auth_method == NGX_MAIL_AUTH_NONE) { |
1448 | |
1449 /* HELO, MAIL FROM, and RCPT TO can't contain CRLF, no need to escape */ | |
1450 | |
1451 b->last = ngx_cpymem(b->last, "Auth-SMTP-Helo: ", | |
1452 sizeof("Auth-SMTP-Helo: ") - 1); | |
1453 b->last = ngx_copy(b->last, s->smtp_helo.data, s->smtp_helo.len); | |
1454 *b->last++ = CR; *b->last++ = LF; | |
1455 | |
1456 b->last = ngx_cpymem(b->last, "Auth-SMTP-From: ", | |
1457 sizeof("Auth-SMTP-From: ") - 1); | |
1458 b->last = ngx_copy(b->last, s->smtp_from.data, s->smtp_from.len); | |
1459 *b->last++ = CR; *b->last++ = LF; | |
1460 | |
1461 b->last = ngx_cpymem(b->last, "Auth-SMTP-To: ", | |
1462 sizeof("Auth-SMTP-To: ") - 1); | |
1463 b->last = ngx_copy(b->last, s->smtp_to.data, s->smtp_to.len); | |
1464 *b->last++ = CR; *b->last++ = LF; | |
1465 | |
1466 } | |
1467 | |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1468 #if (NGX_MAIL_SSL) |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1469 |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1470 if (c->ssl) { |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1471 b->last = ngx_cpymem(b->last, "Auth-SSL: on" CRLF, |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1472 sizeof("Auth-SSL: on" CRLF) - 1); |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1473 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1474 if (protocol.len) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1475 b->last = ngx_cpymem(b->last, "Auth-SSL-Protocol: ", |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1476 sizeof("Auth-SSL-Protocol: ") - 1); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1477 b->last = ngx_copy(b->last, protocol.data, protocol.len); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1478 *b->last++ = CR; *b->last++ = LF; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1479 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1480 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1481 if (cipher.len) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1482 b->last = ngx_cpymem(b->last, "Auth-SSL-Cipher: ", |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1483 sizeof("Auth-SSL-Cipher: ") - 1); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1484 b->last = ngx_copy(b->last, cipher.data, cipher.len); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1485 *b->last++ = CR; *b->last++ = LF; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1486 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1487 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1488 if (verify.len) { |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1489 b->last = ngx_cpymem(b->last, "Auth-SSL-Verify: ", |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1490 sizeof("Auth-SSL-Verify: ") - 1); |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1491 b->last = ngx_copy(b->last, verify.data, verify.len); |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1492 *b->last++ = CR; *b->last++ = LF; |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1493 } |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1494 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1495 if (subject.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1496 b->last = ngx_cpymem(b->last, "Auth-SSL-Subject: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1497 sizeof("Auth-SSL-Subject: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1498 b->last = ngx_copy(b->last, subject.data, subject.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1499 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1500 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1501 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1502 if (issuer.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1503 b->last = ngx_cpymem(b->last, "Auth-SSL-Issuer: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1504 sizeof("Auth-SSL-Issuer: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1505 b->last = ngx_copy(b->last, issuer.data, issuer.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1506 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1507 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1508 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1509 if (serial.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1510 b->last = ngx_cpymem(b->last, "Auth-SSL-Serial: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1511 sizeof("Auth-SSL-Serial: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1512 b->last = ngx_copy(b->last, serial.data, serial.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1513 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1514 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1515 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1516 if (fingerprint.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1517 b->last = ngx_cpymem(b->last, "Auth-SSL-Fingerprint: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1518 sizeof("Auth-SSL-Fingerprint: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1519 b->last = ngx_copy(b->last, fingerprint.data, fingerprint.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1520 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1521 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1522 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1523 if (cert.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1524 b->last = ngx_cpymem(b->last, "Auth-SSL-Cert: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1525 sizeof("Auth-SSL-Cert: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1526 b->last = ngx_copy(b->last, cert.data, cert.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1527 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1528 } |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1529 } |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1530 |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1531 #endif |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1532 |
573 | 1533 if (ahcf->header.len) { |
1534 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); | |
1535 } | |
1536 | |
521 | 1537 /* add "\r\n" at the header end */ |
1538 *b->last++ = CR; *b->last++ = LF; | |
1539 | |
1136 | 1540 #if (NGX_DEBUG_MAIL_PASSWD) |
6001
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1541 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1542 "mail auth http header:%N\"%*s\"", |
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1543 (size_t) (b->last - b->pos), b->pos); |
521 | 1544 #endif |
1545 | |
1546 return b; | |
1547 } | |
1548 | |
1549 | |
633 | 1550 static ngx_int_t |
1136 | 1551 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) |
633 | 1552 { |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1553 u_char *p; |
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1554 uintptr_t n; |
633 | 1555 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1556 n = ngx_escape_uri(NULL, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1557 |
1558 if (n == 0) { | |
1559 *escaped = *text; | |
1560 return NGX_OK; | |
1561 } | |
1562 | |
1563 escaped->len = text->len + n * 2; | |
1564 | |
2049 | 1565 p = ngx_pnalloc(pool, escaped->len); |
633 | 1566 if (p == NULL) { |
1567 return NGX_ERROR; | |
1568 } | |
1569 | |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1570 (void) ngx_escape_uri(p, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1571 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1572 escaped->data = p; |
633 | 1573 |
1574 return NGX_OK; | |
1575 } | |
1576 | |
1577 | |
521 | 1578 static void * |
1136 | 1579 ngx_mail_auth_http_create_conf(ngx_conf_t *cf) |
577 | 1580 { |
1136 | 1581 ngx_mail_auth_http_conf_t *ahcf; |
577 | 1582 |
1136 | 1583 ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_auth_http_conf_t)); |
521 | 1584 if (ahcf == NULL) { |
2912
c7d57b539248
return NULL instead of NGX_CONF_ERROR on a create conf failure
Igor Sysoev <igor@sysoev.ru>
parents:
2855
diff
changeset
|
1585 return NULL; |
521 | 1586 } |
1587 | |
1588 ahcf->timeout = NGX_CONF_UNSET_MSEC; | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1589 ahcf->pass_client_cert = NGX_CONF_UNSET; |
521 | 1590 |
1392 | 1591 ahcf->file = cf->conf_file->file.name.data; |
1592 ahcf->line = cf->conf_file->line; | |
1593 | |
521 | 1594 return ahcf; |
1595 } | |
1596 | |
1597 | |
1598 static char * | |
1136 | 1599 ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) |
521 | 1600 { |
1136 | 1601 ngx_mail_auth_http_conf_t *prev = parent; |
1602 ngx_mail_auth_http_conf_t *conf = child; | |
521 | 1603 |
573 | 1604 u_char *p; |
1605 size_t len; | |
1606 ngx_uint_t i; | |
1607 ngx_table_elt_t *header; | |
1608 | |
884 | 1609 if (conf->peer == NULL) { |
1610 conf->peer = prev->peer; | |
521 | 1611 conf->host_header = prev->host_header; |
1612 conf->uri = prev->uri; | |
1392 | 1613 |
1614 if (conf->peer == NULL) { | |
1615 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
4812
785ae4de268b
Corrected the directive name in the ngx_mail_auth_http_module error message.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
1616 "no \"auth_http\" is defined for server in %s:%ui", |
1392 | 1617 conf->file, conf->line); |
1618 | |
1619 return NGX_CONF_ERROR; | |
1620 } | |
521 | 1621 } |
1622 | |
1623 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); | |
1624 | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1625 ngx_conf_merge_value(conf->pass_client_cert, prev->pass_client_cert, 0); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1626 |
573 | 1627 if (conf->headers == NULL) { |
1628 conf->headers = prev->headers; | |
1629 conf->header = prev->header; | |
1630 } | |
1631 | |
1632 if (conf->headers && conf->header.len == 0) { | |
1633 len = 0; | |
1634 header = conf->headers->elts; | |
1635 for (i = 0; i < conf->headers->nelts; i++) { | |
1636 len += header[i].key.len + 2 + header[i].value.len + 2; | |
1637 } | |
1638 | |
2049 | 1639 p = ngx_pnalloc(cf->pool, len); |
573 | 1640 if (p == NULL) { |
1641 return NGX_CONF_ERROR; | |
1642 } | |
1643 | |
1644 conf->header.len = len; | |
1645 conf->header.data = p; | |
1646 | |
1647 for (i = 0; i < conf->headers->nelts; i++) { | |
1648 p = ngx_cpymem(p, header[i].key.data, header[i].key.len); | |
1649 *p++ = ':'; *p++ = ' '; | |
1650 p = ngx_cpymem(p, header[i].value.data, header[i].value.len); | |
1651 *p++ = CR; *p++ = LF; | |
1652 } | |
1653 } | |
1654 | |
521 | 1655 return NGX_CONF_OK; |
1656 } | |
1657 | |
1658 | |
1659 static char * | |
1136 | 1660 ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1661 { |
1136 | 1662 ngx_mail_auth_http_conf_t *ahcf = conf; |
521 | 1663 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1664 ngx_str_t *value; |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1665 ngx_url_t u; |
573 | 1666 |
521 | 1667 value = cf->args->elts; |
1668 | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1669 ngx_memzero(&u, sizeof(ngx_url_t)); |
521 | 1670 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1671 u.url = value[1]; |
906 | 1672 u.default_port = 80; |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1673 u.uri_part = 1; |
577 | 1674 |
1391
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1675 if (ngx_strncmp(u.url.data, "http://", 7) == 0) { |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1676 u.url.len -= 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1677 u.url.data += 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1678 } |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1679 |
1559
fe11e2a3946d
use pool instead of ngx_conf_t
Igor Sysoev <igor@sysoev.ru>
parents:
1487
diff
changeset
|
1680 if (ngx_parse_url(cf->pool, &u) != NGX_OK) { |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1681 if (u.err) { |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1682 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1683 "%s in auth_http \"%V\"", u.err, &u.url); |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1684 } |
1390 | 1685 |
1686 return NGX_CONF_ERROR; | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1687 } |
521 | 1688 |
884 | 1689 ahcf->peer = u.addrs; |
521 | 1690 |
3406
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1691 if (u.family != AF_UNIX) { |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1692 ahcf->host_header = u.host; |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1693 |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1694 } else { |
3516
dd1570b6f237
ngx_str_set() and ngx_str_null()
Igor Sysoev <igor@sysoev.ru>
parents:
3406
diff
changeset
|
1695 ngx_str_set(&ahcf->host_header, "localhost"); |
3406
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1696 } |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1697 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1698 ahcf->uri = u.uri; |
521 | 1699 |
559 | 1700 if (ahcf->uri.len == 0) { |
3516
dd1570b6f237
ngx_str_set() and ngx_str_null()
Igor Sysoev <igor@sysoev.ru>
parents:
3406
diff
changeset
|
1701 ngx_str_set(&ahcf->uri, "/"); |
555 | 1702 } |
1703 | |
521 | 1704 return NGX_CONF_OK; |
1705 } | |
573 | 1706 |
1707 | |
1708 static char * | |
1136 | 1709 ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1710 { |
1136 | 1711 ngx_mail_auth_http_conf_t *ahcf = conf; |
573 | 1712 |
1713 ngx_str_t *value; | |
1714 ngx_table_elt_t *header; | |
1715 | |
1716 if (ahcf->headers == NULL) { | |
1717 ahcf->headers = ngx_array_create(cf->pool, 1, sizeof(ngx_table_elt_t)); | |
1718 if (ahcf->headers == NULL) { | |
1719 return NGX_CONF_ERROR; | |
1720 } | |
1721 } | |
1722 | |
1723 header = ngx_array_push(ahcf->headers); | |
1724 if (header == NULL) { | |
1725 return NGX_CONF_ERROR; | |
1726 } | |
1727 | |
1728 value = cf->args->elts; | |
1729 | |
1730 header->key = value[1]; | |
1731 header->value = value[2]; | |
1732 | |
1733 return NGX_CONF_OK; | |
1734 } |