comparison src/mail/ngx_mail_smtp_module.c @ 7938:dc955d274130

Mail: connections with wrong ALPN protocols are now rejected. This is a recommended behavior by RFC 7301 and is useful for mitigation of protocol confusion attacks [1]. For POP3 and IMAP protocols IANA-assigned ALPN IDs are used [2]. For the SMTP protocol "smtp" is used. [1] https://alpaca-attack.com/ [2] https://www.iana.org/assignments/tls-extensiontype-values/
author Vladimir Homutov <vl@nginx.com>
date Wed, 20 Oct 2021 09:45:34 +0300
parents f18c285c2e59
children
comparison
equal deleted inserted replaced
7937:db6b630e6086 7938:dc955d274130
37 }; 37 };
38 38
39 39
40 static ngx_mail_protocol_t ngx_mail_smtp_protocol = { 40 static ngx_mail_protocol_t ngx_mail_smtp_protocol = {
41 ngx_string("smtp"), 41 ngx_string("smtp"),
42 ngx_string("\x04smtp"),
42 { 25, 465, 587, 0 }, 43 { 25, 465, 587, 0 },
43 NGX_MAIL_SMTP_PROTOCOL, 44 NGX_MAIL_SMTP_PROTOCOL,
44 45
45 ngx_mail_smtp_init_session, 46 ngx_mail_smtp_init_session,
46 ngx_mail_smtp_init_protocol, 47 ngx_mail_smtp_init_protocol,