Mercurial > hg > nginx
comparison src/mail/ngx_mail.h @ 7938:dc955d274130
Mail: connections with wrong ALPN protocols are now rejected.
This is a recommended behavior by RFC 7301 and is useful
for mitigation of protocol confusion attacks [1].
For POP3 and IMAP protocols IANA-assigned ALPN IDs are used [2].
For the SMTP protocol "smtp" is used.
[1] https://alpaca-attack.com/
[2] https://www.iana.org/assignments/tls-extensiontype-values/
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 20 Oct 2021 09:45:34 +0300 |
parents | ec1071830799 |
children | d9a52ebb9b00 |
comparison
equal
deleted
inserted
replaced
7937:db6b630e6086 | 7938:dc955d274130 |
---|---|
322 typedef ngx_int_t (*ngx_mail_parse_command_pt)(ngx_mail_session_t *s); | 322 typedef ngx_int_t (*ngx_mail_parse_command_pt)(ngx_mail_session_t *s); |
323 | 323 |
324 | 324 |
325 struct ngx_mail_protocol_s { | 325 struct ngx_mail_protocol_s { |
326 ngx_str_t name; | 326 ngx_str_t name; |
327 ngx_str_t alpn; | |
327 in_port_t port[4]; | 328 in_port_t port[4]; |
328 ngx_uint_t type; | 329 ngx_uint_t type; |
329 | 330 |
330 ngx_mail_init_session_pt init_session; | 331 ngx_mail_init_session_pt init_session; |
331 ngx_mail_init_protocol_pt init_protocol; | 332 ngx_mail_init_protocol_pt init_protocol; |