Mercurial > hg > nginx

diff src/mail/ngx_mail_core_module.c @ 9236:d9a52ebb9b00

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Mail: max_commands directive. The directive specifies the maximum number of commands allowed during authentication, after which the connection is closed. The default limit is 1000, which is not expected to affect any well-behaving clients, since authentication usually requires at most several commands, though will effectively stop malicious clients from flooding the server with with commands.
author Maxim Dounin <mdounin@mdounin.ru>
date Sat, 30 Mar 2024 05:05:53 +0300
parents 2af1287d2da7
children
line wrap: on
line diff
--- a/src/mail/ngx_mail_core_module.c
+++ b/src/mail/ngx_mail_core_module.c
@@ -92,6 +92,13 @@ static ngx_command_t  ngx_mail_core_comm
       offsetof(ngx_mail_core_srv_conf_t, max_errors),
       NULL },
 
+    { ngx_string("max_commands"),
+      NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
+      ngx_conf_set_num_slot,
+      NGX_MAIL_SRV_CONF_OFFSET,
+      offsetof(ngx_mail_core_srv_conf_t, max_commands),
+      NULL },
+
       ngx_null_command
 };
 
@@ -171,6 +178,7 @@ ngx_mail_core_create_srv_conf(ngx_conf_t
     cscf->resolver_timeout = NGX_CONF_UNSET_MSEC;
 
     cscf->max_errors = NGX_CONF_UNSET_UINT;
+    cscf->max_commands = NGX_CONF_UNSET_UINT;
 
     cscf->resolver = NGX_CONF_UNSET_PTR;
 
@@ -192,6 +200,7 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t 
                               30000);
 
     ngx_conf_merge_uint_value(conf->max_errors, prev->max_errors, 5);
+    ngx_conf_merge_uint_value(conf->max_commands, prev->max_commands, 1000);
 
     ngx_conf_merge_str_value(conf->server_name, prev->server_name, "");