Mercurial > hg > nginx
annotate src/mail/ngx_mail_auth_http_module.c @ 2329:435b689b61ea stable-0.6
r2315 merge:
fix compression pointer for big (>255) DNS responses
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Thu, 20 Nov 2008 17:24:16 +0000 |
parents | 02a22cd5282a |
children | 2a92804f4109 62c95a6b143b |
rev | line source |
---|---|
521 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4 */ | |
5 | |
6 | |
7 #include <ngx_config.h> | |
8 #include <ngx_core.h> | |
9 #include <ngx_event.h> | |
10 #include <ngx_event_connect.h> | |
1136 | 11 #include <ngx_mail.h> |
521 | 12 |
13 | |
14 typedef struct { | |
884 | 15 ngx_peer_addr_t *peer; |
521 | 16 |
527 | 17 ngx_msec_t timeout; |
521 | 18 |
527 | 19 ngx_str_t host_header; |
20 ngx_str_t uri; | |
573 | 21 ngx_str_t header; |
22 | |
23 ngx_array_t *headers; | |
1392 | 24 |
25 u_char *file; | |
26 ngx_uint_t line; | |
1136 | 27 } ngx_mail_auth_http_conf_t; |
521 | 28 |
29 | |
1136 | 30 typedef struct ngx_mail_auth_http_ctx_s ngx_mail_auth_http_ctx_t; |
527 | 31 |
1136 | 32 typedef void (*ngx_mail_auth_http_handler_pt)(ngx_mail_session_t *s, |
33 ngx_mail_auth_http_ctx_t *ctx); | |
527 | 34 |
1136 | 35 struct ngx_mail_auth_http_ctx_s { |
527 | 36 ngx_buf_t *request; |
37 ngx_buf_t *response; | |
38 ngx_peer_connection_t peer; | |
39 | |
1136 | 40 ngx_mail_auth_http_handler_pt handler; |
527 | 41 |
42 ngx_uint_t state; | |
43 ngx_uint_t hash; /* no needed ? */ | |
44 | |
45 u_char *header_name_start; | |
46 u_char *header_name_end; | |
47 u_char *header_start; | |
48 u_char *header_end; | |
49 | |
50 ngx_str_t addr; | |
51 ngx_str_t port; | |
52 ngx_str_t err; | |
567 | 53 ngx_str_t errmsg; |
1136 | 54 ngx_str_t errcode; |
527 | 55 |
547 | 56 time_t sleep; |
527 | 57 |
547 | 58 ngx_pool_t *pool; |
527 | 59 }; |
521 | 60 |
61 | |
1136 | 62 static void ngx_mail_auth_http_write_handler(ngx_event_t *wev); |
63 static void ngx_mail_auth_http_read_handler(ngx_event_t *rev); | |
64 static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, | |
65 ngx_mail_auth_http_ctx_t *ctx); | |
66 static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, | |
67 ngx_mail_auth_http_ctx_t *ctx); | |
68 static void ngx_mail_auth_sleep_handler(ngx_event_t *rev); | |
69 static ngx_int_t ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, | |
70 ngx_mail_auth_http_ctx_t *ctx); | |
71 static void ngx_mail_auth_http_block_read(ngx_event_t *rev); | |
72 static void ngx_mail_auth_http_dummy_handler(ngx_event_t *ev); | |
73 static ngx_buf_t *ngx_mail_auth_http_create_request(ngx_mail_session_t *s, | |
74 ngx_pool_t *pool, ngx_mail_auth_http_conf_t *ahcf); | |
75 static ngx_int_t ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, | |
633 | 76 ngx_str_t *escaped); |
521 | 77 |
1136 | 78 static void *ngx_mail_auth_http_create_conf(ngx_conf_t *cf); |
79 static char *ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, | |
521 | 80 void *child); |
1136 | 81 static char *ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); |
82 static char *ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, | |
573 | 83 void *conf); |
521 | 84 |
85 | |
1136 | 86 static ngx_command_t ngx_mail_auth_http_commands[] = { |
521 | 87 |
88 { ngx_string("auth_http"), | |
1136 | 89 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
90 ngx_mail_auth_http, | |
91 NGX_MAIL_SRV_CONF_OFFSET, | |
521 | 92 0, |
93 NULL }, | |
94 | |
95 { ngx_string("auth_http_timeout"), | |
1136 | 96 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
521 | 97 ngx_conf_set_msec_slot, |
1136 | 98 NGX_MAIL_SRV_CONF_OFFSET, |
99 offsetof(ngx_mail_auth_http_conf_t, timeout), | |
521 | 100 NULL }, |
101 | |
573 | 102 { ngx_string("auth_http_header"), |
1136 | 103 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE2, |
104 ngx_mail_auth_http_header, | |
105 NGX_MAIL_SRV_CONF_OFFSET, | |
573 | 106 0, |
107 NULL }, | |
108 | |
521 | 109 ngx_null_command |
110 }; | |
111 | |
112 | |
1136 | 113 static ngx_mail_module_t ngx_mail_auth_http_module_ctx = { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
114 NULL, /* protocol */ |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
115 |
521 | 116 NULL, /* create main configuration */ |
117 NULL, /* init main configuration */ | |
118 | |
1136 | 119 ngx_mail_auth_http_create_conf, /* create server configuration */ |
120 ngx_mail_auth_http_merge_conf /* merge server configuration */ | |
521 | 121 }; |
122 | |
123 | |
1136 | 124 ngx_module_t ngx_mail_auth_http_module = { |
521 | 125 NGX_MODULE_V1, |
1136 | 126 &ngx_mail_auth_http_module_ctx, /* module context */ |
127 ngx_mail_auth_http_commands, /* module directives */ | |
128 NGX_MAIL_MODULE, /* module type */ | |
541 | 129 NULL, /* init master */ |
521 | 130 NULL, /* init module */ |
541 | 131 NULL, /* init process */ |
132 NULL, /* init thread */ | |
133 NULL, /* exit thread */ | |
134 NULL, /* exit process */ | |
135 NULL, /* exit master */ | |
136 NGX_MODULE_V1_PADDING | |
521 | 137 }; |
138 | |
139 | |
1136 | 140 static ngx_str_t ngx_mail_auth_http_method[] = { |
141 ngx_string("plain"), | |
809 | 142 ngx_string("plain"), |
143 ngx_string("apop"), | |
144 ngx_string("cram-md5") | |
800 | 145 }; |
521 | 146 |
1136 | 147 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); |
521 | 148 |
1477 | 149 |
521 | 150 void |
1136 | 151 ngx_mail_auth_http_init(ngx_mail_session_t *s) |
521 | 152 { |
153 ngx_int_t rc; | |
547 | 154 ngx_pool_t *pool; |
1136 | 155 ngx_mail_auth_http_ctx_t *ctx; |
156 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 157 |
541 | 158 s->connection->log->action = "in http auth state"; |
159 | |
547 | 160 pool = ngx_create_pool(2048, s->connection->log); |
161 if (pool == NULL) { | |
1136 | 162 ngx_mail_session_internal_server_error(s); |
521 | 163 return; |
164 } | |
165 | |
1136 | 166 ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t)); |
547 | 167 if (ctx == NULL) { |
168 ngx_destroy_pool(pool); | |
1136 | 169 ngx_mail_session_internal_server_error(s); |
547 | 170 return; |
171 } | |
172 | |
173 ctx->pool = pool; | |
174 | |
1136 | 175 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 176 |
1136 | 177 ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf); |
521 | 178 if (ctx->request == NULL) { |
547 | 179 ngx_destroy_pool(ctx->pool); |
1136 | 180 ngx_mail_session_internal_server_error(s); |
521 | 181 return; |
182 } | |
183 | |
1136 | 184 ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module); |
521 | 185 |
884 | 186 ctx->peer.sockaddr = ahcf->peer->sockaddr; |
187 ctx->peer.socklen = ahcf->peer->socklen; | |
188 ctx->peer.name = &ahcf->peer->name; | |
189 ctx->peer.get = ngx_event_get_peer; | |
521 | 190 ctx->peer.log = s->connection->log; |
191 ctx->peer.log_error = NGX_ERROR_ERR; | |
192 | |
193 rc = ngx_event_connect_peer(&ctx->peer); | |
194 | |
543 | 195 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { |
862
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
196 if (ctx->peer.connection) { |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
197 ngx_close_connection(ctx->peer.connection); |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
198 } |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
199 |
547 | 200 ngx_destroy_pool(ctx->pool); |
1136 | 201 ngx_mail_session_internal_server_error(s); |
521 | 202 return; |
203 } | |
204 | |
205 ctx->peer.connection->data = s; | |
206 ctx->peer.connection->pool = s->connection->pool; | |
207 | |
1136 | 208 s->connection->read->handler = ngx_mail_auth_http_block_read; |
209 ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler; | |
210 ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler; | |
521 | 211 |
1136 | 212 ctx->handler = ngx_mail_auth_http_ignore_status_line; |
527 | 213 |
541 | 214 ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); |
215 ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); | |
216 | |
521 | 217 if (rc == NGX_OK) { |
1136 | 218 ngx_mail_auth_http_write_handler(ctx->peer.connection->write); |
521 | 219 return; |
220 } | |
221 } | |
222 | |
223 | |
224 static void | |
1136 | 225 ngx_mail_auth_http_write_handler(ngx_event_t *wev) |
521 | 226 { |
227 ssize_t n, size; | |
228 ngx_connection_t *c; | |
1136 | 229 ngx_mail_session_t *s; |
230 ngx_mail_auth_http_ctx_t *ctx; | |
231 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 232 |
233 c = wev->data; | |
234 s = c->data; | |
235 | |
1136 | 236 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 237 |
1136 | 238 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, |
239 "mail auth http write handler"); | |
521 | 240 |
577 | 241 if (wev->timedout) { |
521 | 242 ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, |
884 | 243 "auth http server %V timed out", ctx->peer.name); |
1478 | 244 ngx_close_connection(c); |
547 | 245 ngx_destroy_pool(ctx->pool); |
1136 | 246 ngx_mail_session_internal_server_error(s); |
521 | 247 return; |
248 } | |
249 | |
250 size = ctx->request->last - ctx->request->pos; | |
251 | |
252 n = ngx_send(c, ctx->request->pos, size); | |
253 | |
254 if (n == NGX_ERROR) { | |
1478 | 255 ngx_close_connection(c); |
547 | 256 ngx_destroy_pool(ctx->pool); |
1136 | 257 ngx_mail_session_internal_server_error(s); |
521 | 258 return; |
259 } | |
260 | |
261 if (n > 0) { | |
262 ctx->request->pos += n; | |
263 | |
264 if (n == size) { | |
1136 | 265 wev->handler = ngx_mail_auth_http_dummy_handler; |
521 | 266 |
267 if (wev->timer_set) { | |
268 ngx_del_timer(wev); | |
269 } | |
270 | |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
271 if (ngx_handle_write_event(wev, 0) == NGX_ERROR) { |
1478 | 272 ngx_close_connection(c); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
273 ngx_destroy_pool(ctx->pool); |
1136 | 274 ngx_mail_session_internal_server_error(s); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
275 } |
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
276 |
521 | 277 return; |
278 } | |
279 } | |
280 | |
281 if (!wev->timer_set) { | |
1136 | 282 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 283 ngx_add_timer(wev, ahcf->timeout); |
284 } | |
285 } | |
286 | |
287 | |
288 static void | |
1136 | 289 ngx_mail_auth_http_read_handler(ngx_event_t *rev) |
521 | 290 { |
525 | 291 ssize_t n, size; |
521 | 292 ngx_connection_t *c; |
1136 | 293 ngx_mail_session_t *s; |
294 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 295 |
296 c = rev->data; | |
297 s = c->data; | |
298 | |
1136 | 299 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
300 "mail auth http read handler"); | |
521 | 301 |
1136 | 302 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
525 | 303 |
577 | 304 if (rev->timedout) { |
525 | 305 ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT, |
884 | 306 "auth http server %V timed out", ctx->peer.name); |
1478 | 307 ngx_close_connection(c); |
547 | 308 ngx_destroy_pool(ctx->pool); |
1136 | 309 ngx_mail_session_internal_server_error(s); |
525 | 310 return; |
311 } | |
312 | |
313 if (ctx->response == NULL) { | |
547 | 314 ctx->response = ngx_create_temp_buf(ctx->pool, 1024); |
525 | 315 if (ctx->response == NULL) { |
1478 | 316 ngx_close_connection(c); |
547 | 317 ngx_destroy_pool(ctx->pool); |
1136 | 318 ngx_mail_session_internal_server_error(s); |
525 | 319 return; |
320 } | |
321 } | |
322 | |
527 | 323 size = ctx->response->end - ctx->response->last; |
525 | 324 |
325 n = ngx_recv(c, ctx->response->pos, size); | |
326 | |
527 | 327 if (n > 0) { |
328 ctx->response->last += n; | |
329 | |
330 ctx->handler(s, ctx); | |
331 return; | |
332 } | |
333 | |
334 if (n == NGX_AGAIN) { | |
525 | 335 return; |
336 } | |
337 | |
1478 | 338 ngx_close_connection(c); |
547 | 339 ngx_destroy_pool(ctx->pool); |
1136 | 340 ngx_mail_session_internal_server_error(s); |
527 | 341 } |
525 | 342 |
343 | |
527 | 344 static void |
1136 | 345 ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, |
346 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 347 { |
348 u_char *p, ch; | |
349 enum { | |
350 sw_start = 0, | |
351 sw_H, | |
352 sw_HT, | |
353 sw_HTT, | |
354 sw_HTTP, | |
355 sw_skip, | |
356 sw_almost_done | |
357 } state; | |
358 | |
1136 | 359 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
360 "mail auth http process status line"); | |
527 | 361 |
362 state = ctx->state; | |
363 | |
364 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
365 ch = *p; | |
366 | |
367 switch (state) { | |
368 | |
369 /* "HTTP/" */ | |
370 case sw_start: | |
371 if (ch == 'H') { | |
372 state = sw_H; | |
373 break; | |
374 } | |
375 goto next; | |
376 | |
377 case sw_H: | |
378 if (ch == 'T') { | |
379 state = sw_HT; | |
380 break; | |
381 } | |
382 goto next; | |
383 | |
384 case sw_HT: | |
385 if (ch == 'T') { | |
386 state = sw_HTT; | |
387 break; | |
388 } | |
389 goto next; | |
390 | |
391 case sw_HTT: | |
392 if (ch == 'P') { | |
393 state = sw_HTTP; | |
394 break; | |
395 } | |
396 goto next; | |
397 | |
398 case sw_HTTP: | |
399 if (ch == '/') { | |
400 state = sw_skip; | |
401 break; | |
402 } | |
403 goto next; | |
404 | |
405 /* any text until end of line */ | |
406 case sw_skip: | |
407 switch (ch) { | |
408 case CR: | |
409 state = sw_almost_done; | |
410 | |
411 break; | |
577 | 412 case LF: |
527 | 413 goto done; |
414 } | |
415 break; | |
416 | |
417 /* end of status line */ | |
418 case sw_almost_done: | |
419 if (ch == LF) { | |
420 goto done; | |
421 } | |
422 | |
423 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 424 "auth http server &V sent invalid response", |
884 | 425 ctx->peer.name); |
527 | 426 ngx_close_connection(ctx->peer.connection); |
547 | 427 ngx_destroy_pool(ctx->pool); |
1136 | 428 ngx_mail_session_internal_server_error(s); |
527 | 429 return; |
430 } | |
431 } | |
432 | |
433 ctx->response->pos = p; | |
434 ctx->state = state; | |
435 | |
436 return; | |
437 | |
438 next: | |
439 | |
440 p = ctx->response->start - 1; | |
441 | |
442 done: | |
443 | |
444 ctx->response->pos = p + 1; | |
445 ctx->state = 0; | |
1136 | 446 ctx->handler = ngx_mail_auth_http_process_headers; |
527 | 447 ctx->handler(s, ctx); |
448 } | |
525 | 449 |
450 | |
527 | 451 static void |
1136 | 452 ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, |
453 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 454 { |
455 u_char *p; | |
547 | 456 time_t timer; |
527 | 457 size_t len, size; |
458 ngx_int_t rc, port, n; | |
884 | 459 ngx_peer_addr_t *peer; |
527 | 460 struct sockaddr_in *sin; |
525 | 461 |
1136 | 462 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
463 "mail auth http process headers"); | |
527 | 464 |
465 for ( ;; ) { | |
1136 | 466 rc = ngx_mail_auth_http_parse_header_line(s, ctx); |
527 | 467 |
468 if (rc == NGX_OK) { | |
469 | |
470 #if (NGX_DEBUG) | |
471 { | |
472 ngx_str_t key, value; | |
473 | |
474 key.len = ctx->header_name_end - ctx->header_name_start; | |
475 key.data = ctx->header_name_start; | |
476 value.len = ctx->header_end - ctx->header_start; | |
477 value.data = ctx->header_start; | |
478 | |
1136 | 479 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
480 "mail auth http header: \"%V: %V\"", | |
527 | 481 &key, &value); |
482 } | |
483 #endif | |
484 | |
485 len = ctx->header_name_end - ctx->header_name_start; | |
486 | |
487 if (len == sizeof("Auth-Status") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
488 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
489 (u_char *) "Auth-Status", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
490 sizeof("Auth-Status") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
491 == 0) |
527 | 492 { |
493 len = ctx->header_end - ctx->header_start; | |
494 | |
495 if (len == 2 | |
496 && ctx->header_start[0] == 'O' | |
497 && ctx->header_start[1] == 'K') | |
498 { | |
499 continue; | |
500 } | |
501 | |
883 | 502 if (len == 4 |
503 && ctx->header_start[0] == 'W' | |
504 && ctx->header_start[1] == 'A' | |
505 && ctx->header_start[2] == 'I' | |
506 && ctx->header_start[3] == 'T') | |
507 { | |
508 s->auth_wait = 1; | |
509 continue; | |
510 } | |
511 | |
567 | 512 ctx->errmsg.len = len; |
513 ctx->errmsg.data = ctx->header_start; | |
514 | |
1136 | 515 switch (s->protocol) { |
516 | |
517 case NGX_MAIL_POP3_PROTOCOL: | |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
518 size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1; |
1136 | 519 break; |
527 | 520 |
1136 | 521 case NGX_MAIL_IMAP_PROTOCOL: |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
522 size = s->tag.len + sizeof("NO ") - 1 + len |
527 | 523 + sizeof(CRLF) - 1; |
1136 | 524 break; |
525 | |
526 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
527 ctx->err = ctx->errmsg; | |
528 continue; | |
527 | 529 } |
530 | |
531 p = ngx_pcalloc(s->connection->pool, size); | |
532 if (p == NULL) { | |
543 | 533 ngx_close_connection(ctx->peer.connection); |
547 | 534 ngx_destroy_pool(ctx->pool); |
1136 | 535 ngx_mail_session_internal_server_error(s); |
527 | 536 return; |
537 } | |
538 | |
539 ctx->err.data = p; | |
540 | |
1136 | 541 switch (s->protocol) { |
527 | 542 |
1136 | 543 case NGX_MAIL_POP3_PROTOCOL: |
544 *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; | |
545 break; | |
546 | |
547 case NGX_MAIL_IMAP_PROTOCOL: | |
527 | 548 p = ngx_cpymem(p, s->tag.data, s->tag.len); |
1136 | 549 *p++ = 'N'; *p++ = 'O'; *p++ = ' '; |
550 break; | |
551 | |
552 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
553 break; | |
527 | 554 } |
555 | |
556 p = ngx_cpymem(p, ctx->header_start, len); | |
557 *p++ = CR; *p++ = LF; | |
558 | |
559 ctx->err.len = p - ctx->err.data; | |
560 | |
561 continue; | |
562 } | |
563 | |
564 if (len == sizeof("Auth-Server") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
565 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
566 (u_char *) "Auth-Server", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
567 sizeof("Auth-Server") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
568 == 0) |
527 | 569 { |
570 ctx->addr.len = ctx->header_end - ctx->header_start; | |
571 ctx->addr.data = ctx->header_start; | |
572 | |
573 continue; | |
574 } | |
575 | |
576 if (len == sizeof("Auth-Port") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
577 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
578 (u_char *) "Auth-Port", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
579 sizeof("Auth-Port") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
580 == 0) |
527 | 581 { |
582 ctx->port.len = ctx->header_end - ctx->header_start; | |
583 ctx->port.data = ctx->header_start; | |
584 | |
585 continue; | |
586 } | |
587 | |
588 if (len == sizeof("Auth-User") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
589 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
590 (u_char *) "Auth-User", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
591 sizeof("Auth-User") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
592 == 0) |
527 | 593 { |
594 s->login.len = ctx->header_end - ctx->header_start; | |
567 | 595 |
596 s->login.data = ngx_palloc(s->connection->pool, s->login.len); | |
597 if (s->login.data == NULL) { | |
598 ngx_close_connection(ctx->peer.connection); | |
599 ngx_destroy_pool(ctx->pool); | |
1136 | 600 ngx_mail_session_internal_server_error(s); |
567 | 601 return; |
602 } | |
603 | |
604 ngx_memcpy(s->login.data, ctx->header_start, s->login.len); | |
527 | 605 |
606 continue; | |
607 } | |
608 | |
800 | 609 if (len == sizeof("Auth-Pass") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
610 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
611 (u_char *) "Auth-Pass", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
612 sizeof("Auth-Pass") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
613 == 0) |
800 | 614 { |
615 s->passwd.len = ctx->header_end - ctx->header_start; | |
616 | |
617 s->passwd.data = ngx_palloc(s->connection->pool, s->passwd.len); | |
618 if (s->passwd.data == NULL) { | |
619 ngx_close_connection(ctx->peer.connection); | |
620 ngx_destroy_pool(ctx->pool); | |
1136 | 621 ngx_mail_session_internal_server_error(s); |
800 | 622 return; |
623 } | |
624 | |
625 ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len); | |
626 | |
627 continue; | |
628 } | |
629 | |
527 | 630 if (len == sizeof("Auth-Wait") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
631 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
632 (u_char *) "Auth-Wait", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
633 sizeof("Auth-Wait") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
634 == 0) |
527 | 635 { |
636 n = ngx_atoi(ctx->header_start, | |
637 ctx->header_end - ctx->header_start); | |
638 | |
639 if (n != NGX_ERROR) { | |
640 ctx->sleep = n; | |
641 } | |
642 | |
643 continue; | |
644 } | |
645 | |
1136 | 646 if (len == sizeof("Auth-Error-Code") - 1 |
647 && ngx_strncasecmp(ctx->header_name_start, | |
648 (u_char *) "Auth-Error-Code", | |
649 sizeof("Auth-Error-Code") - 1) | |
650 == 0) | |
651 { | |
652 ctx->errcode.len = ctx->header_end - ctx->header_start; | |
653 | |
654 ctx->errcode.data = ngx_palloc(s->connection->pool, | |
655 ctx->errcode.len); | |
656 if (ctx->errcode.data == NULL) { | |
657 ngx_close_connection(ctx->peer.connection); | |
658 ngx_destroy_pool(ctx->pool); | |
659 ngx_mail_session_internal_server_error(s); | |
660 return; | |
661 } | |
662 | |
663 ngx_memcpy(ctx->errcode.data, ctx->header_start, | |
664 ctx->errcode.len); | |
665 | |
666 continue; | |
667 } | |
668 | |
527 | 669 /* ignore other headers */ |
670 | |
671 continue; | |
672 } | |
673 | |
674 if (rc == NGX_DONE) { | |
1136 | 675 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
676 "mail auth http header done"); | |
527 | 677 |
678 ngx_close_connection(ctx->peer.connection); | |
679 | |
680 if (ctx->err.len) { | |
1136 | 681 |
567 | 682 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, |
683 "client login failed: \"%V\"", &ctx->errmsg); | |
684 | |
1136 | 685 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
686 | |
687 if (ctx->errcode.len == 0) { | |
688 ctx->errcode = ngx_mail_smtp_errcode; | |
689 } | |
690 | |
691 ctx->err.len = ctx->errcode.len + ctx->errmsg.len | |
692 + sizeof(" " CRLF) - 1; | |
693 | |
1166 | 694 p = ngx_palloc(s->connection->pool, ctx->err.len); |
695 if (p == NULL) { | |
696 ngx_close_connection(ctx->peer.connection); | |
697 ngx_destroy_pool(ctx->pool); | |
698 ngx_mail_session_internal_server_error(s); | |
699 return; | |
700 } | |
1136 | 701 |
1166 | 702 ctx->err.data = p; |
1136 | 703 |
1166 | 704 p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len); |
1136 | 705 *p++ = ' '; |
1166 | 706 p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len); |
1136 | 707 *p++ = CR; *p = LF; |
708 } | |
709 | |
539 | 710 s->out = ctx->err; |
547 | 711 timer = ctx->sleep; |
527 | 712 |
547 | 713 ngx_destroy_pool(ctx->pool); |
714 | |
715 if (timer == 0) { | |
539 | 716 s->quit = 1; |
1136 | 717 ngx_mail_send(s->connection->write); |
541 | 718 return; |
719 } | |
539 | 720 |
1640 | 721 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
527 | 722 |
1136 | 723 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
527 | 724 |
725 return; | |
726 } | |
727 | |
883 | 728 if (s->auth_wait) { |
729 timer = ctx->sleep; | |
730 | |
731 ngx_destroy_pool(ctx->pool); | |
732 | |
733 if (timer == 0) { | |
1136 | 734 ngx_mail_auth_http_init(s); |
883 | 735 return; |
736 } | |
737 | |
1640 | 738 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
883 | 739 |
1136 | 740 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
883 | 741 |
742 return; | |
743 } | |
744 | |
527 | 745 if (ctx->addr.len == 0 || ctx->port.len == 0) { |
746 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 747 "auth http server %V did not send server or port", |
884 | 748 ctx->peer.name); |
547 | 749 ngx_destroy_pool(ctx->pool); |
1136 | 750 ngx_mail_session_internal_server_error(s); |
527 | 751 return; |
752 } | |
753 | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
754 if (s->passwd.data == NULL |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
755 && s->protocol != NGX_MAIL_SMTP_PROTOCOL) |
1136 | 756 { |
800 | 757 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
758 "auth http server %V did not send password", | |
884 | 759 ctx->peer.name); |
800 | 760 ngx_destroy_pool(ctx->pool); |
1136 | 761 ngx_mail_session_internal_server_error(s); |
800 | 762 return; |
763 } | |
764 | |
884 | 765 peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_peer_addr_t)); |
766 if (peer == NULL) { | |
547 | 767 ngx_destroy_pool(ctx->pool); |
1136 | 768 ngx_mail_session_internal_server_error(s); |
527 | 769 return; |
770 } | |
771 | |
772 sin = ngx_pcalloc(s->connection->pool, sizeof(struct sockaddr_in)); | |
773 if (sin == NULL) { | |
547 | 774 ngx_destroy_pool(ctx->pool); |
1136 | 775 ngx_mail_session_internal_server_error(s); |
527 | 776 return; |
777 } | |
778 | |
779 sin->sin_family = AF_INET; | |
780 | |
781 port = ngx_atoi(ctx->port.data, ctx->port.len); | |
782 if (port == NGX_ERROR || port < 1 || port > 65536) { | |
783 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 784 "auth http server %V sent invalid server " |
785 "port:\"%V\"", | |
884 | 786 ctx->peer.name, &ctx->port); |
547 | 787 ngx_destroy_pool(ctx->pool); |
1136 | 788 ngx_mail_session_internal_server_error(s); |
527 | 789 return; |
790 } | |
791 | |
792 sin->sin_port = htons((in_port_t) port); | |
793 | |
794 ctx->addr.data[ctx->addr.len] = '\0'; | |
795 sin->sin_addr.s_addr = inet_addr((char *) ctx->addr.data); | |
796 if (sin->sin_addr.s_addr == INADDR_NONE) { | |
797 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 798 "auth http server %V sent invalid server " |
799 "address:\"%V\"", | |
884 | 800 ctx->peer.name, &ctx->addr); |
547 | 801 ngx_destroy_pool(ctx->pool); |
1136 | 802 ngx_mail_session_internal_server_error(s); |
527 | 803 return; |
804 } | |
805 | |
884 | 806 peer->sockaddr = (struct sockaddr *) sin; |
807 peer->socklen = sizeof(struct sockaddr_in); | |
527 | 808 |
809 len = ctx->addr.len + 1 + ctx->port.len; | |
810 | |
884 | 811 peer->name.len = len; |
527 | 812 |
884 | 813 peer->name.data = ngx_palloc(s->connection->pool, len); |
814 if (peer->name.data == NULL) { | |
547 | 815 ngx_destroy_pool(ctx->pool); |
1136 | 816 ngx_mail_session_internal_server_error(s); |
527 | 817 return; |
818 } | |
819 | |
820 len = ctx->addr.len; | |
821 | |
884 | 822 ngx_memcpy(peer->name.data, ctx->addr.data, len); |
527 | 823 |
884 | 824 peer->name.data[len++] = ':'; |
527 | 825 |
884 | 826 ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len); |
527 | 827 |
547 | 828 ngx_destroy_pool(ctx->pool); |
1136 | 829 ngx_mail_proxy_init(s, peer); |
527 | 830 |
831 return; | |
832 } | |
833 | |
834 if (rc == NGX_AGAIN ) { | |
835 return; | |
836 } | |
837 | |
838 /* rc == NGX_ERROR */ | |
839 | |
840 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 841 "auth http server %V sent invalid header in response", |
884 | 842 ctx->peer.name); |
527 | 843 ngx_close_connection(ctx->peer.connection); |
547 | 844 ngx_destroy_pool(ctx->pool); |
1136 | 845 ngx_mail_session_internal_server_error(s); |
527 | 846 |
847 return; | |
848 } | |
849 } | |
850 | |
521 | 851 |
527 | 852 static void |
1136 | 853 ngx_mail_auth_sleep_handler(ngx_event_t *rev) |
527 | 854 { |
543 | 855 ngx_connection_t *c; |
1136 | 856 ngx_mail_session_t *s; |
857 ngx_mail_core_srv_conf_t *cscf; | |
527 | 858 |
1136 | 859 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail auth sleep handler"); |
527 | 860 |
861 c = rev->data; | |
862 s = c->data; | |
863 | |
864 if (rev->timedout) { | |
865 | |
866 rev->timedout = 0; | |
867 | |
883 | 868 if (s->auth_wait) { |
869 s->auth_wait = 0; | |
1136 | 870 ngx_mail_auth_http_init(s); |
883 | 871 return; |
872 } | |
873 | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
874 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
527 | 875 |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
876 rev->handler = cscf->protocol->auth_state; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
877 |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
878 s->mail_state = 0; |
1136 | 879 s->auth_method = NGX_MAIL_AUTH_PLAIN; |
800 | 880 |
543 | 881 c->log->action = "in auth state"; |
882 | |
1477 | 883 ngx_mail_send(c->write); |
543 | 884 |
583 | 885 if (c->destroyed) { |
543 | 886 return; |
887 } | |
888 | |
889 ngx_add_timer(rev, cscf->timeout); | |
890 | |
527 | 891 if (rev->ready) { |
1477 | 892 rev->handler(rev); |
527 | 893 return; |
894 } | |
895 | |
896 if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { | |
1477 | 897 ngx_mail_close_connection(c); |
527 | 898 } |
899 | |
900 return; | |
901 } | |
902 | |
903 if (rev->active) { | |
904 if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { | |
1477 | 905 ngx_mail_close_connection(c); |
527 | 906 } |
907 } | |
908 } | |
909 | |
910 | |
911 static ngx_int_t | |
1136 | 912 ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, |
913 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 914 { |
915 u_char c, ch, *p; | |
916 ngx_uint_t hash; | |
917 enum { | |
918 sw_start = 0, | |
919 sw_name, | |
920 sw_space_before_value, | |
921 sw_value, | |
922 sw_space_after_value, | |
577 | 923 sw_almost_done, |
527 | 924 sw_header_almost_done |
925 } state; | |
926 | |
577 | 927 state = ctx->state; |
527 | 928 hash = ctx->hash; |
929 | |
930 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
931 ch = *p; | |
932 | |
933 switch (state) { | |
934 | |
935 /* first char */ | |
936 case sw_start: | |
937 | |
938 switch (ch) { | |
939 case CR: | |
577 | 940 ctx->header_end = p; |
527 | 941 state = sw_header_almost_done; |
942 break; | |
577 | 943 case LF: |
527 | 944 ctx->header_end = p; |
945 goto header_done; | |
946 default: | |
947 state = sw_name; | |
948 ctx->header_name_start = p; | |
949 | |
950 c = (u_char) (ch | 0x20); | |
951 if (c >= 'a' && c <= 'z') { | |
952 hash = c; | |
953 break; | |
954 } | |
955 | |
956 if (ch >= '0' && ch <= '9') { | |
957 hash = ch; | |
958 break; | |
959 } | |
960 | |
961 return NGX_ERROR; | |
962 } | |
963 break; | |
964 | |
965 /* header name */ | |
966 case sw_name: | |
967 c = (u_char) (ch | 0x20); | |
968 if (c >= 'a' && c <= 'z') { | |
969 hash += c; | |
970 break; | |
971 } | |
972 | |
973 if (ch == ':') { | |
974 ctx->header_name_end = p; | |
975 state = sw_space_before_value; | |
976 break; | |
977 } | |
978 | |
979 if (ch == '-') { | |
980 hash += ch; | |
981 break; | |
982 } | |
983 | |
984 if (ch >= '0' && ch <= '9') { | |
985 hash += ch; | |
986 break; | |
987 } | |
988 | |
989 if (ch == CR) { | |
990 ctx->header_name_end = p; | |
991 ctx->header_start = p; | |
992 ctx->header_end = p; | |
993 state = sw_almost_done; | |
994 break; | |
995 } | |
996 | |
997 if (ch == LF) { | |
998 ctx->header_name_end = p; | |
999 ctx->header_start = p; | |
1000 ctx->header_end = p; | |
1001 goto done; | |
1002 } | |
1003 | |
1004 return NGX_ERROR; | |
1005 | |
1006 /* space* before header value */ | |
1007 case sw_space_before_value: | |
1008 switch (ch) { | |
1009 case ' ': | |
1010 break; | |
1011 case CR: | |
1012 ctx->header_start = p; | |
1013 ctx->header_end = p; | |
1014 state = sw_almost_done; | |
1015 break; | |
1016 case LF: | |
1017 ctx->header_start = p; | |
1018 ctx->header_end = p; | |
1019 goto done; | |
1020 default: | |
1021 ctx->header_start = p; | |
1022 state = sw_value; | |
1023 break; | |
1024 } | |
1025 break; | |
1026 | |
1027 /* header value */ | |
1028 case sw_value: | |
1029 switch (ch) { | |
1030 case ' ': | |
1031 ctx->header_end = p; | |
1032 state = sw_space_after_value; | |
1033 break; | |
1034 case CR: | |
1035 ctx->header_end = p; | |
1036 state = sw_almost_done; | |
1037 break; | |
1038 case LF: | |
1039 ctx->header_end = p; | |
1040 goto done; | |
1041 } | |
1042 break; | |
1043 | |
1044 /* space* before end of header line */ | |
1045 case sw_space_after_value: | |
1046 switch (ch) { | |
1047 case ' ': | |
1048 break; | |
1049 case CR: | |
1050 state = sw_almost_done; | |
1051 break; | |
1052 case LF: | |
1053 goto done; | |
1054 default: | |
1055 state = sw_value; | |
1056 break; | |
1057 } | |
1058 break; | |
1059 | |
1060 /* end of header line */ | |
1061 case sw_almost_done: | |
1062 switch (ch) { | |
1063 case LF: | |
1064 goto done; | |
1065 default: | |
1066 return NGX_ERROR; | |
1067 } | |
1068 | |
1069 /* end of header */ | |
1070 case sw_header_almost_done: | |
1071 switch (ch) { | |
1072 case LF: | |
1073 goto header_done; | |
1074 default: | |
1075 return NGX_ERROR; | |
1076 } | |
1077 } | |
1078 } | |
1079 | |
1080 ctx->response->pos = p; | |
1081 ctx->state = state; | |
1082 ctx->hash = hash; | |
1083 | |
1084 return NGX_AGAIN; | |
1085 | |
1086 done: | |
1087 | |
1088 ctx->response->pos = p + 1; | |
1089 ctx->state = sw_start; | |
1090 ctx->hash = hash; | |
1091 | |
1092 return NGX_OK; | |
1093 | |
1094 header_done: | |
1095 | |
1096 ctx->response->pos = p + 1; | |
1097 ctx->state = sw_start; | |
1098 | |
1099 return NGX_DONE; | |
521 | 1100 } |
1101 | |
1102 | |
1103 static void | |
1136 | 1104 ngx_mail_auth_http_block_read(ngx_event_t *rev) |
521 | 1105 { |
1106 ngx_connection_t *c; | |
1136 | 1107 ngx_mail_session_t *s; |
1108 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 1109 |
1136 | 1110 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
1111 "mail auth http block read"); | |
521 | 1112 |
1113 if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { | |
1114 c = rev->data; | |
1115 s = c->data; | |
1116 | |
1136 | 1117 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 1118 |
525 | 1119 ngx_close_connection(ctx->peer.connection); |
547 | 1120 ngx_destroy_pool(ctx->pool); |
1136 | 1121 ngx_mail_session_internal_server_error(s); |
521 | 1122 } |
1123 } | |
1124 | |
1125 | |
1126 static void | |
1136 | 1127 ngx_mail_auth_http_dummy_handler(ngx_event_t *ev) |
521 | 1128 { |
1136 | 1129 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, ev->log, 0, |
1130 "mail auth http dummy handler"); | |
521 | 1131 } |
1132 | |
1133 | |
1134 static ngx_buf_t * | |
1136 | 1135 ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool, |
1136 ngx_mail_auth_http_conf_t *ahcf) | |
521 | 1137 { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1138 size_t len; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1139 ngx_buf_t *b; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1140 ngx_str_t login, passwd; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1141 ngx_mail_core_srv_conf_t *cscf; |
633 | 1142 |
1136 | 1143 if (ngx_mail_auth_http_escape(pool, &s->login, &login) != NGX_OK) { |
633 | 1144 return NULL; |
1145 } | |
1146 | |
1136 | 1147 if (ngx_mail_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) { |
633 | 1148 return NULL; |
1149 } | |
521 | 1150 |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1151 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1152 |
521 | 1153 len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1 |
1154 + sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1 | |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1155 + sizeof("Auth-Method: ") - 1 |
1136 | 1156 + ngx_mail_auth_http_method[s->auth_method].len |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1157 + sizeof(CRLF) - 1 |
633 | 1158 + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1 |
1159 + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1 | |
800 | 1160 + sizeof("Auth-Salt: ") - 1 + s->salt.len |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1161 + sizeof("Auth-Protocol: ") - 1 + cscf->protocol->name.len |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1162 + sizeof(CRLF) - 1 |
527 | 1163 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN |
1164 + sizeof(CRLF) - 1 | |
521 | 1165 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len |
1166 + sizeof(CRLF) - 1 | |
1285
0c10dc6a8e74
fix memory allocation for auth_http_header
Igor Sysoev <igor@sysoev.ru>
parents:
1166
diff
changeset
|
1167 + ahcf->header.len |
521 | 1168 + sizeof(CRLF) - 1; |
1169 | |
547 | 1170 b = ngx_create_temp_buf(pool, len); |
521 | 1171 if (b == NULL) { |
1172 return NULL; | |
1173 } | |
1174 | |
1175 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1); | |
573 | 1176 b->last = ngx_copy(b->last, ahcf->uri.data, ahcf->uri.len); |
521 | 1177 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF, |
1178 sizeof(" HTTP/1.0" CRLF) - 1); | |
1179 | |
1180 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1); | |
573 | 1181 b->last = ngx_copy(b->last, ahcf->host_header.data, |
521 | 1182 ahcf->host_header.len); |
1183 *b->last++ = CR; *b->last++ = LF; | |
1184 | |
800 | 1185 b->last = ngx_cpymem(b->last, "Auth-Method: ", |
1186 sizeof("Auth-Method: ") - 1); | |
1187 b->last = ngx_cpymem(b->last, | |
1136 | 1188 ngx_mail_auth_http_method[s->auth_method].data, |
1189 ngx_mail_auth_http_method[s->auth_method].len); | |
800 | 1190 *b->last++ = CR; *b->last++ = LF; |
521 | 1191 |
1192 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); | |
633 | 1193 b->last = ngx_copy(b->last, login.data, login.len); |
521 | 1194 *b->last++ = CR; *b->last++ = LF; |
1195 | |
1196 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1); | |
633 | 1197 b->last = ngx_copy(b->last, passwd.data, passwd.len); |
521 | 1198 *b->last++ = CR; *b->last++ = LF; |
1199 | |
1136 | 1200 if (s->auth_method != NGX_MAIL_AUTH_PLAIN && s->salt.len) { |
800 | 1201 b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1); |
1202 b->last = ngx_copy(b->last, s->salt.data, s->salt.len); | |
1203 | |
1204 s->passwd.data = NULL; | |
1205 } | |
1206 | |
521 | 1207 b->last = ngx_cpymem(b->last, "Auth-Protocol: ", |
1208 sizeof("Auth-Protocol: ") - 1); | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1209 b->last = ngx_cpymem(b->last, cscf->protocol->name.data, |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1210 cscf->protocol->name.len); |
521 | 1211 *b->last++ = CR; *b->last++ = LF; |
1212 | |
527 | 1213 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF, |
1214 s->login_attempt); | |
1215 | |
521 | 1216 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); |
573 | 1217 b->last = ngx_copy(b->last, s->connection->addr_text.data, |
521 | 1218 s->connection->addr_text.len); |
1219 *b->last++ = CR; *b->last++ = LF; | |
1220 | |
573 | 1221 if (ahcf->header.len) { |
1222 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); | |
1223 } | |
1224 | |
521 | 1225 /* add "\r\n" at the header end */ |
1226 *b->last++ = CR; *b->last++ = LF; | |
1227 | |
1136 | 1228 #if (NGX_DEBUG_MAIL_PASSWD) |
521 | 1229 { |
1230 ngx_str_t l; | |
1231 | |
1232 l.len = b->last - b->pos; | |
1233 l.data = b->pos; | |
1136 | 1234 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
1235 "mail auth http header:\n\"%V\"", &l); | |
521 | 1236 } |
1237 #endif | |
1238 | |
1239 return b; | |
1240 } | |
1241 | |
1242 | |
633 | 1243 static ngx_int_t |
1136 | 1244 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) |
633 | 1245 { |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1246 u_char *p; |
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1247 uintptr_t n; |
633 | 1248 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1249 n = ngx_escape_uri(NULL, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1250 |
1251 if (n == 0) { | |
1252 *escaped = *text; | |
1253 return NGX_OK; | |
1254 } | |
1255 | |
1256 escaped->len = text->len + n * 2; | |
1257 | |
1258 p = ngx_palloc(pool, escaped->len); | |
1259 if (p == NULL) { | |
1260 return NGX_ERROR; | |
1261 } | |
1262 | |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1263 (void) ngx_escape_uri(p, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1264 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1265 escaped->data = p; |
633 | 1266 |
1267 return NGX_OK; | |
1268 } | |
1269 | |
1270 | |
521 | 1271 static void * |
1136 | 1272 ngx_mail_auth_http_create_conf(ngx_conf_t *cf) |
577 | 1273 { |
1136 | 1274 ngx_mail_auth_http_conf_t *ahcf; |
577 | 1275 |
1136 | 1276 ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_auth_http_conf_t)); |
521 | 1277 if (ahcf == NULL) { |
1278 return NGX_CONF_ERROR; | |
1279 } | |
1280 | |
1281 ahcf->timeout = NGX_CONF_UNSET_MSEC; | |
1282 | |
1392 | 1283 ahcf->file = cf->conf_file->file.name.data; |
1284 ahcf->line = cf->conf_file->line; | |
1285 | |
521 | 1286 return ahcf; |
1287 } | |
1288 | |
1289 | |
1290 static char * | |
1136 | 1291 ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) |
521 | 1292 { |
1136 | 1293 ngx_mail_auth_http_conf_t *prev = parent; |
1294 ngx_mail_auth_http_conf_t *conf = child; | |
521 | 1295 |
573 | 1296 u_char *p; |
1297 size_t len; | |
1298 ngx_uint_t i; | |
1299 ngx_table_elt_t *header; | |
1300 | |
884 | 1301 if (conf->peer == NULL) { |
1302 conf->peer = prev->peer; | |
521 | 1303 conf->host_header = prev->host_header; |
1304 conf->uri = prev->uri; | |
1392 | 1305 |
1306 if (conf->peer == NULL) { | |
1307 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
1308 "no \"http_auth\" is defined for server in %s:%ui", | |
1309 conf->file, conf->line); | |
1310 | |
1311 return NGX_CONF_ERROR; | |
1312 } | |
521 | 1313 } |
1314 | |
1315 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); | |
1316 | |
573 | 1317 if (conf->headers == NULL) { |
1318 conf->headers = prev->headers; | |
1319 conf->header = prev->header; | |
1320 } | |
1321 | |
1322 if (conf->headers && conf->header.len == 0) { | |
1323 len = 0; | |
1324 header = conf->headers->elts; | |
1325 for (i = 0; i < conf->headers->nelts; i++) { | |
1326 len += header[i].key.len + 2 + header[i].value.len + 2; | |
1327 } | |
1328 | |
1329 p = ngx_palloc(cf->pool, len); | |
1330 if (p == NULL) { | |
1331 return NGX_CONF_ERROR; | |
1332 } | |
1333 | |
1334 conf->header.len = len; | |
1335 conf->header.data = p; | |
1336 | |
1337 for (i = 0; i < conf->headers->nelts; i++) { | |
1338 p = ngx_cpymem(p, header[i].key.data, header[i].key.len); | |
1339 *p++ = ':'; *p++ = ' '; | |
1340 p = ngx_cpymem(p, header[i].value.data, header[i].value.len); | |
1341 *p++ = CR; *p++ = LF; | |
1342 } | |
1343 } | |
1344 | |
521 | 1345 return NGX_CONF_OK; |
1346 } | |
1347 | |
1348 | |
1349 static char * | |
1136 | 1350 ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1351 { |
1136 | 1352 ngx_mail_auth_http_conf_t *ahcf = conf; |
521 | 1353 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1354 ngx_str_t *value; |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1355 ngx_url_t u; |
573 | 1356 |
521 | 1357 value = cf->args->elts; |
1358 | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1359 ngx_memzero(&u, sizeof(ngx_url_t)); |
521 | 1360 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1361 u.url = value[1]; |
906 | 1362 u.default_port = 80; |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1363 u.uri_part = 1; |
884 | 1364 u.one_addr = 1; |
577 | 1365 |
1391
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1366 if (ngx_strncmp(u.url.data, "http://", 7) == 0) { |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1367 u.url.len -= 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1368 u.url.data += 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1369 } |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1370 |
1559
fe11e2a3946d
use pool instead of ngx_conf_t
Igor Sysoev <igor@sysoev.ru>
parents:
1487
diff
changeset
|
1371 if (ngx_parse_url(cf->pool, &u) != NGX_OK) { |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1372 if (u.err) { |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1373 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1374 "%s in auth_http \"%V\"", u.err, &u.url); |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1375 } |
1390 | 1376 |
1377 return NGX_CONF_ERROR; | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1378 } |
521 | 1379 |
884 | 1380 ahcf->peer = u.addrs; |
521 | 1381 |
906 | 1382 ahcf->host_header = u.host; |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1383 ahcf->uri = u.uri; |
521 | 1384 |
559 | 1385 if (ahcf->uri.len == 0) { |
555 | 1386 ahcf->uri.len = sizeof("/") - 1; |
1387 ahcf->uri.data = (u_char *) "/"; | |
1388 } | |
1389 | |
521 | 1390 return NGX_CONF_OK; |
1391 } | |
573 | 1392 |
1393 | |
1394 static char * | |
1136 | 1395 ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1396 { |
1136 | 1397 ngx_mail_auth_http_conf_t *ahcf = conf; |
573 | 1398 |
1399 ngx_str_t *value; | |
1400 ngx_table_elt_t *header; | |
1401 | |
1402 if (ahcf->headers == NULL) { | |
1403 ahcf->headers = ngx_array_create(cf->pool, 1, sizeof(ngx_table_elt_t)); | |
1404 if (ahcf->headers == NULL) { | |
1405 return NGX_CONF_ERROR; | |
1406 } | |
1407 } | |
1408 | |
1409 header = ngx_array_push(ahcf->headers); | |
1410 if (header == NULL) { | |
1411 return NGX_CONF_ERROR; | |
1412 } | |
1413 | |
1414 value = cf->args->elts; | |
1415 | |
1416 header->key = value[1]; | |
1417 header->value = value[2]; | |
1418 | |
1419 return NGX_CONF_OK; | |
1420 } |