Mercurial > hg > nginx
comparison src/mail/ngx_mail_smtp_module.c @ 7938:dc955d274130
Mail: connections with wrong ALPN protocols are now rejected.
This is a recommended behavior by RFC 7301 and is useful
for mitigation of protocol confusion attacks [1].
For POP3 and IMAP protocols IANA-assigned ALPN IDs are used [2].
For the SMTP protocol "smtp" is used.
[1] https://alpaca-attack.com/
[2] https://www.iana.org/assignments/tls-extensiontype-values/
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 20 Oct 2021 09:45:34 +0300 |
parents | f18c285c2e59 |
children |
comparison
equal
deleted
inserted
replaced
7937:db6b630e6086 | 7938:dc955d274130 |
---|---|
37 }; | 37 }; |
38 | 38 |
39 | 39 |
40 static ngx_mail_protocol_t ngx_mail_smtp_protocol = { | 40 static ngx_mail_protocol_t ngx_mail_smtp_protocol = { |
41 ngx_string("smtp"), | 41 ngx_string("smtp"), |
42 ngx_string("\x04smtp"), | |
42 { 25, 465, 587, 0 }, | 43 { 25, 465, 587, 0 }, |
43 NGX_MAIL_SMTP_PROTOCOL, | 44 NGX_MAIL_SMTP_PROTOCOL, |
44 | 45 |
45 ngx_mail_smtp_init_session, | 46 ngx_mail_smtp_init_session, |
46 ngx_mail_smtp_init_protocol, | 47 ngx_mail_smtp_init_protocol, |