Mercurial > hg > nginx

diff src/mail/ngx_mail.h @ 7938:dc955d274130

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Mail: connections with wrong ALPN protocols are now rejected. This is a recommended behavior by RFC 7301 and is useful for mitigation of protocol confusion attacks [1]. For POP3 and IMAP protocols IANA-assigned ALPN IDs are used [2]. For the SMTP protocol "smtp" is used. [1] https://alpaca-attack.com/ [2] https://www.iana.org/assignments/tls-extensiontype-values/
author Vladimir Homutov <vl@nginx.com>
date Wed, 20 Oct 2021 09:45:34 +0300
parents ec1071830799
children d9a52ebb9b00
line wrap: on
line diff
--- a/src/mail/ngx_mail.h
+++ b/src/mail/ngx_mail.h
@@ -324,6 +324,7 @@ typedef ngx_int_t (*ngx_mail_parse_comma
 
 struct ngx_mail_protocol_s {
     ngx_str_t                   name;
+    ngx_str_t                   alpn;
     in_port_t                   port[4];
     ngx_uint_t                  type;