Mercurial > hg > nginx
comparison src/mail/ngx_mail.h @ 7938:dc955d274130
Mail: connections with wrong ALPN protocols are now rejected.
This is a recommended behavior by RFC 7301 and is useful
for mitigation of protocol confusion attacks [1].
For POP3 and IMAP protocols IANA-assigned ALPN IDs are used [2].
For the SMTP protocol "smtp" is used.
[1] https://alpaca-attack.com/
[2] https://www.iana.org/assignments/tls-extensiontype-values/
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Wed, 20 Oct 2021 09:45:34 +0300 |
| parents | ec1071830799 |
| children | d9a52ebb9b00 |
comparison
equal
deleted
inserted
replaced
| 7937:db6b630e6086 | 7938:dc955d274130 |
|---|---|
| 322 typedef ngx_int_t (*ngx_mail_parse_command_pt)(ngx_mail_session_t *s); | 322 typedef ngx_int_t (*ngx_mail_parse_command_pt)(ngx_mail_session_t *s); |
| 323 | 323 |
| 324 | 324 |
| 325 struct ngx_mail_protocol_s { | 325 struct ngx_mail_protocol_s { |
| 326 ngx_str_t name; | 326 ngx_str_t name; |
| 327 ngx_str_t alpn; | |
| 327 in_port_t port[4]; | 328 in_port_t port[4]; |
| 328 ngx_uint_t type; | 329 ngx_uint_t type; |
| 329 | 330 |
| 330 ngx_mail_init_session_pt init_session; | 331 ngx_mail_init_session_pt init_session; |
| 331 ngx_mail_init_protocol_pt init_protocol; | 332 ngx_mail_init_protocol_pt init_protocol; |