Mercurial > hg > nginx
annotate src/mail/ngx_mail_auth_http_module.c @ 8945:e72db9162180 quic
QUIC: got rid of excessive "qsock" argument in ngx_quic_output.c.
The output is always sent to the active path, which is stored in the
quic connection. There is no need to pass it in arguments.
When output has to be send to to a specific path (in rare cases, such as
path probing), a separate method exists (ngx_quic_frame_sendto()).
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Mon, 27 Dec 2021 13:52:57 +0300 |
parents | 13d0c1d26d47 |
children | 46ecad404a29 |
rev | line source |
---|---|
521 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
521 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_event.h> | |
11 #include <ngx_event_connect.h> | |
1136 | 12 #include <ngx_mail.h> |
521 | 13 |
14 | |
15 typedef struct { | |
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3267
diff
changeset
|
16 ngx_addr_t *peer; |
521 | 17 |
527 | 18 ngx_msec_t timeout; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
19 ngx_flag_t pass_client_cert; |
521 | 20 |
527 | 21 ngx_str_t host_header; |
22 ngx_str_t uri; | |
573 | 23 ngx_str_t header; |
24 | |
25 ngx_array_t *headers; | |
1392 | 26 |
27 u_char *file; | |
28 ngx_uint_t line; | |
1136 | 29 } ngx_mail_auth_http_conf_t; |
521 | 30 |
31 | |
1136 | 32 typedef struct ngx_mail_auth_http_ctx_s ngx_mail_auth_http_ctx_t; |
527 | 33 |
1136 | 34 typedef void (*ngx_mail_auth_http_handler_pt)(ngx_mail_session_t *s, |
35 ngx_mail_auth_http_ctx_t *ctx); | |
527 | 36 |
1136 | 37 struct ngx_mail_auth_http_ctx_s { |
527 | 38 ngx_buf_t *request; |
39 ngx_buf_t *response; | |
40 ngx_peer_connection_t peer; | |
41 | |
1136 | 42 ngx_mail_auth_http_handler_pt handler; |
527 | 43 |
44 ngx_uint_t state; | |
45 | |
46 u_char *header_name_start; | |
47 u_char *header_name_end; | |
48 u_char *header_start; | |
49 u_char *header_end; | |
50 | |
51 ngx_str_t addr; | |
52 ngx_str_t port; | |
53 ngx_str_t err; | |
567 | 54 ngx_str_t errmsg; |
1136 | 55 ngx_str_t errcode; |
527 | 56 |
547 | 57 time_t sleep; |
527 | 58 |
547 | 59 ngx_pool_t *pool; |
527 | 60 }; |
521 | 61 |
62 | |
1136 | 63 static void ngx_mail_auth_http_write_handler(ngx_event_t *wev); |
64 static void ngx_mail_auth_http_read_handler(ngx_event_t *rev); | |
65 static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, | |
66 ngx_mail_auth_http_ctx_t *ctx); | |
67 static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, | |
68 ngx_mail_auth_http_ctx_t *ctx); | |
69 static void ngx_mail_auth_sleep_handler(ngx_event_t *rev); | |
70 static ngx_int_t ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, | |
71 ngx_mail_auth_http_ctx_t *ctx); | |
72 static void ngx_mail_auth_http_block_read(ngx_event_t *rev); | |
73 static void ngx_mail_auth_http_dummy_handler(ngx_event_t *ev); | |
74 static ngx_buf_t *ngx_mail_auth_http_create_request(ngx_mail_session_t *s, | |
75 ngx_pool_t *pool, ngx_mail_auth_http_conf_t *ahcf); | |
76 static ngx_int_t ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, | |
633 | 77 ngx_str_t *escaped); |
521 | 78 |
1136 | 79 static void *ngx_mail_auth_http_create_conf(ngx_conf_t *cf); |
80 static char *ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, | |
521 | 81 void *child); |
1136 | 82 static char *ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); |
83 static char *ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, | |
573 | 84 void *conf); |
521 | 85 |
86 | |
1136 | 87 static ngx_command_t ngx_mail_auth_http_commands[] = { |
521 | 88 |
89 { ngx_string("auth_http"), | |
1136 | 90 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
91 ngx_mail_auth_http, | |
92 NGX_MAIL_SRV_CONF_OFFSET, | |
521 | 93 0, |
94 NULL }, | |
95 | |
96 { ngx_string("auth_http_timeout"), | |
1136 | 97 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
521 | 98 ngx_conf_set_msec_slot, |
1136 | 99 NGX_MAIL_SRV_CONF_OFFSET, |
100 offsetof(ngx_mail_auth_http_conf_t, timeout), | |
521 | 101 NULL }, |
102 | |
573 | 103 { ngx_string("auth_http_header"), |
1136 | 104 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE2, |
105 ngx_mail_auth_http_header, | |
106 NGX_MAIL_SRV_CONF_OFFSET, | |
573 | 107 0, |
108 NULL }, | |
109 | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
110 { ngx_string("auth_http_pass_client_cert"), |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
111 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
112 ngx_conf_set_flag_slot, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
113 NGX_MAIL_SRV_CONF_OFFSET, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
114 offsetof(ngx_mail_auth_http_conf_t, pass_client_cert), |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
115 NULL }, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
116 |
521 | 117 ngx_null_command |
118 }; | |
119 | |
120 | |
1136 | 121 static ngx_mail_module_t ngx_mail_auth_http_module_ctx = { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
122 NULL, /* protocol */ |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
123 |
521 | 124 NULL, /* create main configuration */ |
125 NULL, /* init main configuration */ | |
126 | |
1136 | 127 ngx_mail_auth_http_create_conf, /* create server configuration */ |
128 ngx_mail_auth_http_merge_conf /* merge server configuration */ | |
521 | 129 }; |
130 | |
131 | |
1136 | 132 ngx_module_t ngx_mail_auth_http_module = { |
521 | 133 NGX_MODULE_V1, |
1136 | 134 &ngx_mail_auth_http_module_ctx, /* module context */ |
135 ngx_mail_auth_http_commands, /* module directives */ | |
136 NGX_MAIL_MODULE, /* module type */ | |
541 | 137 NULL, /* init master */ |
521 | 138 NULL, /* init module */ |
541 | 139 NULL, /* init process */ |
140 NULL, /* init thread */ | |
141 NULL, /* exit thread */ | |
142 NULL, /* exit process */ | |
143 NULL, /* exit master */ | |
144 NGX_MODULE_V1_PADDING | |
521 | 145 }; |
146 | |
147 | |
1136 | 148 static ngx_str_t ngx_mail_auth_http_method[] = { |
149 ngx_string("plain"), | |
809 | 150 ngx_string("plain"), |
2748
2477b28eaccb
fix Auth-Method, the bug has been introduced in r2496
Igor Sysoev <igor@sysoev.ru>
parents:
2388
diff
changeset
|
151 ngx_string("plain"), |
809 | 152 ngx_string("apop"), |
2309 | 153 ngx_string("cram-md5"), |
6774
bcb107bb89cd
Mail: support SASL EXTERNAL (RFC 4422).
Rob N ★ <robn@fastmail.com>
parents:
6597
diff
changeset
|
154 ngx_string("external"), |
2309 | 155 ngx_string("none") |
800 | 156 }; |
521 | 157 |
1136 | 158 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); |
521 | 159 |
1477 | 160 |
521 | 161 void |
1136 | 162 ngx_mail_auth_http_init(ngx_mail_session_t *s) |
521 | 163 { |
164 ngx_int_t rc; | |
547 | 165 ngx_pool_t *pool; |
1136 | 166 ngx_mail_auth_http_ctx_t *ctx; |
167 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 168 |
541 | 169 s->connection->log->action = "in http auth state"; |
170 | |
547 | 171 pool = ngx_create_pool(2048, s->connection->log); |
172 if (pool == NULL) { | |
1136 | 173 ngx_mail_session_internal_server_error(s); |
521 | 174 return; |
175 } | |
176 | |
1136 | 177 ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t)); |
547 | 178 if (ctx == NULL) { |
179 ngx_destroy_pool(pool); | |
1136 | 180 ngx_mail_session_internal_server_error(s); |
547 | 181 return; |
182 } | |
183 | |
184 ctx->pool = pool; | |
185 | |
1136 | 186 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 187 |
1136 | 188 ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf); |
521 | 189 if (ctx->request == NULL) { |
547 | 190 ngx_destroy_pool(ctx->pool); |
1136 | 191 ngx_mail_session_internal_server_error(s); |
521 | 192 return; |
193 } | |
194 | |
1136 | 195 ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module); |
521 | 196 |
884 | 197 ctx->peer.sockaddr = ahcf->peer->sockaddr; |
198 ctx->peer.socklen = ahcf->peer->socklen; | |
199 ctx->peer.name = &ahcf->peer->name; | |
200 ctx->peer.get = ngx_event_get_peer; | |
521 | 201 ctx->peer.log = s->connection->log; |
202 ctx->peer.log_error = NGX_ERROR_ERR; | |
203 | |
204 rc = ngx_event_connect_peer(&ctx->peer); | |
205 | |
543 | 206 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { |
862
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
207 if (ctx->peer.connection) { |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
208 ngx_close_connection(ctx->peer.connection); |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
209 } |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
210 |
547 | 211 ngx_destroy_pool(ctx->pool); |
1136 | 212 ngx_mail_session_internal_server_error(s); |
521 | 213 return; |
214 } | |
215 | |
216 ctx->peer.connection->data = s; | |
217 ctx->peer.connection->pool = s->connection->pool; | |
218 | |
1136 | 219 s->connection->read->handler = ngx_mail_auth_http_block_read; |
220 ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler; | |
221 ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler; | |
521 | 222 |
1136 | 223 ctx->handler = ngx_mail_auth_http_ignore_status_line; |
527 | 224 |
541 | 225 ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); |
226 ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); | |
227 | |
521 | 228 if (rc == NGX_OK) { |
1136 | 229 ngx_mail_auth_http_write_handler(ctx->peer.connection->write); |
521 | 230 return; |
231 } | |
232 } | |
233 | |
234 | |
235 static void | |
1136 | 236 ngx_mail_auth_http_write_handler(ngx_event_t *wev) |
521 | 237 { |
238 ssize_t n, size; | |
239 ngx_connection_t *c; | |
1136 | 240 ngx_mail_session_t *s; |
241 ngx_mail_auth_http_ctx_t *ctx; | |
242 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 243 |
244 c = wev->data; | |
245 s = c->data; | |
246 | |
1136 | 247 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 248 |
1136 | 249 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, |
250 "mail auth http write handler"); | |
521 | 251 |
577 | 252 if (wev->timedout) { |
521 | 253 ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, |
884 | 254 "auth http server %V timed out", ctx->peer.name); |
1478 | 255 ngx_close_connection(c); |
547 | 256 ngx_destroy_pool(ctx->pool); |
1136 | 257 ngx_mail_session_internal_server_error(s); |
521 | 258 return; |
259 } | |
260 | |
261 size = ctx->request->last - ctx->request->pos; | |
262 | |
263 n = ngx_send(c, ctx->request->pos, size); | |
264 | |
265 if (n == NGX_ERROR) { | |
1478 | 266 ngx_close_connection(c); |
547 | 267 ngx_destroy_pool(ctx->pool); |
1136 | 268 ngx_mail_session_internal_server_error(s); |
521 | 269 return; |
270 } | |
271 | |
272 if (n > 0) { | |
273 ctx->request->pos += n; | |
274 | |
275 if (n == size) { | |
1136 | 276 wev->handler = ngx_mail_auth_http_dummy_handler; |
521 | 277 |
278 if (wev->timer_set) { | |
279 ngx_del_timer(wev); | |
280 } | |
281 | |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
282 if (ngx_handle_write_event(wev, 0) != NGX_OK) { |
1478 | 283 ngx_close_connection(c); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
284 ngx_destroy_pool(ctx->pool); |
1136 | 285 ngx_mail_session_internal_server_error(s); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
286 } |
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
287 |
521 | 288 return; |
289 } | |
290 } | |
291 | |
292 if (!wev->timer_set) { | |
1136 | 293 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 294 ngx_add_timer(wev, ahcf->timeout); |
295 } | |
296 } | |
297 | |
298 | |
299 static void | |
1136 | 300 ngx_mail_auth_http_read_handler(ngx_event_t *rev) |
521 | 301 { |
525 | 302 ssize_t n, size; |
521 | 303 ngx_connection_t *c; |
1136 | 304 ngx_mail_session_t *s; |
305 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 306 |
307 c = rev->data; | |
308 s = c->data; | |
309 | |
1136 | 310 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
311 "mail auth http read handler"); | |
521 | 312 |
1136 | 313 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
525 | 314 |
577 | 315 if (rev->timedout) { |
525 | 316 ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT, |
884 | 317 "auth http server %V timed out", ctx->peer.name); |
1478 | 318 ngx_close_connection(c); |
547 | 319 ngx_destroy_pool(ctx->pool); |
1136 | 320 ngx_mail_session_internal_server_error(s); |
525 | 321 return; |
322 } | |
323 | |
324 if (ctx->response == NULL) { | |
547 | 325 ctx->response = ngx_create_temp_buf(ctx->pool, 1024); |
525 | 326 if (ctx->response == NULL) { |
1478 | 327 ngx_close_connection(c); |
547 | 328 ngx_destroy_pool(ctx->pool); |
1136 | 329 ngx_mail_session_internal_server_error(s); |
525 | 330 return; |
331 } | |
332 } | |
333 | |
527 | 334 size = ctx->response->end - ctx->response->last; |
525 | 335 |
336 n = ngx_recv(c, ctx->response->pos, size); | |
337 | |
527 | 338 if (n > 0) { |
339 ctx->response->last += n; | |
340 | |
341 ctx->handler(s, ctx); | |
342 return; | |
343 } | |
344 | |
345 if (n == NGX_AGAIN) { | |
525 | 346 return; |
347 } | |
348 | |
1478 | 349 ngx_close_connection(c); |
547 | 350 ngx_destroy_pool(ctx->pool); |
1136 | 351 ngx_mail_session_internal_server_error(s); |
527 | 352 } |
525 | 353 |
354 | |
527 | 355 static void |
1136 | 356 ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, |
357 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 358 { |
359 u_char *p, ch; | |
360 enum { | |
361 sw_start = 0, | |
362 sw_H, | |
363 sw_HT, | |
364 sw_HTT, | |
365 sw_HTTP, | |
366 sw_skip, | |
367 sw_almost_done | |
368 } state; | |
369 | |
1136 | 370 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
371 "mail auth http process status line"); | |
527 | 372 |
373 state = ctx->state; | |
374 | |
375 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
376 ch = *p; | |
377 | |
378 switch (state) { | |
379 | |
380 /* "HTTP/" */ | |
381 case sw_start: | |
382 if (ch == 'H') { | |
383 state = sw_H; | |
384 break; | |
385 } | |
386 goto next; | |
387 | |
388 case sw_H: | |
389 if (ch == 'T') { | |
390 state = sw_HT; | |
391 break; | |
392 } | |
393 goto next; | |
394 | |
395 case sw_HT: | |
396 if (ch == 'T') { | |
397 state = sw_HTT; | |
398 break; | |
399 } | |
400 goto next; | |
401 | |
402 case sw_HTT: | |
403 if (ch == 'P') { | |
404 state = sw_HTTP; | |
405 break; | |
406 } | |
407 goto next; | |
408 | |
409 case sw_HTTP: | |
410 if (ch == '/') { | |
411 state = sw_skip; | |
412 break; | |
413 } | |
414 goto next; | |
415 | |
416 /* any text until end of line */ | |
417 case sw_skip: | |
418 switch (ch) { | |
419 case CR: | |
420 state = sw_almost_done; | |
421 | |
422 break; | |
577 | 423 case LF: |
527 | 424 goto done; |
425 } | |
426 break; | |
427 | |
428 /* end of status line */ | |
429 case sw_almost_done: | |
430 if (ch == LF) { | |
431 goto done; | |
432 } | |
433 | |
434 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
6480 | 435 "auth http server %V sent invalid response", |
884 | 436 ctx->peer.name); |
527 | 437 ngx_close_connection(ctx->peer.connection); |
547 | 438 ngx_destroy_pool(ctx->pool); |
1136 | 439 ngx_mail_session_internal_server_error(s); |
527 | 440 return; |
441 } | |
442 } | |
443 | |
444 ctx->response->pos = p; | |
445 ctx->state = state; | |
446 | |
447 return; | |
448 | |
449 next: | |
450 | |
451 p = ctx->response->start - 1; | |
452 | |
453 done: | |
454 | |
455 ctx->response->pos = p + 1; | |
456 ctx->state = 0; | |
1136 | 457 ctx->handler = ngx_mail_auth_http_process_headers; |
527 | 458 ctx->handler(s, ctx); |
459 } | |
525 | 460 |
461 | |
527 | 462 static void |
1136 | 463 ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, |
464 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 465 { |
6593
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
466 u_char *p; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
467 time_t timer; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
468 size_t len, size; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
469 ngx_int_t rc, port, n; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
470 ngx_addr_t *peer; |
525 | 471 |
1136 | 472 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
473 "mail auth http process headers"); | |
527 | 474 |
475 for ( ;; ) { | |
1136 | 476 rc = ngx_mail_auth_http_parse_header_line(s, ctx); |
527 | 477 |
478 if (rc == NGX_OK) { | |
479 | |
480 #if (NGX_DEBUG) | |
481 { | |
482 ngx_str_t key, value; | |
483 | |
484 key.len = ctx->header_name_end - ctx->header_name_start; | |
485 key.data = ctx->header_name_start; | |
486 value.len = ctx->header_end - ctx->header_start; | |
487 value.data = ctx->header_start; | |
488 | |
1136 | 489 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
490 "mail auth http header: \"%V: %V\"", | |
527 | 491 &key, &value); |
492 } | |
493 #endif | |
494 | |
495 len = ctx->header_name_end - ctx->header_name_start; | |
496 | |
497 if (len == sizeof("Auth-Status") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
498 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
499 (u_char *) "Auth-Status", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
500 sizeof("Auth-Status") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
501 == 0) |
527 | 502 { |
503 len = ctx->header_end - ctx->header_start; | |
504 | |
505 if (len == 2 | |
506 && ctx->header_start[0] == 'O' | |
507 && ctx->header_start[1] == 'K') | |
508 { | |
509 continue; | |
510 } | |
511 | |
883 | 512 if (len == 4 |
513 && ctx->header_start[0] == 'W' | |
514 && ctx->header_start[1] == 'A' | |
515 && ctx->header_start[2] == 'I' | |
516 && ctx->header_start[3] == 'T') | |
517 { | |
518 s->auth_wait = 1; | |
519 continue; | |
520 } | |
521 | |
567 | 522 ctx->errmsg.len = len; |
523 ctx->errmsg.data = ctx->header_start; | |
524 | |
1136 | 525 switch (s->protocol) { |
526 | |
527 case NGX_MAIL_POP3_PROTOCOL: | |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
528 size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1; |
1136 | 529 break; |
527 | 530 |
1136 | 531 case NGX_MAIL_IMAP_PROTOCOL: |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
532 size = s->tag.len + sizeof("NO ") - 1 + len |
527 | 533 + sizeof(CRLF) - 1; |
1136 | 534 break; |
535 | |
536 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
537 ctx->err = ctx->errmsg; | |
538 continue; | |
527 | 539 } |
540 | |
2061
b0a1c84725cf
change useless ngx_pcalloc() to ngx_pnalloc()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
541 p = ngx_pnalloc(s->connection->pool, size); |
527 | 542 if (p == NULL) { |
543 | 543 ngx_close_connection(ctx->peer.connection); |
547 | 544 ngx_destroy_pool(ctx->pool); |
1136 | 545 ngx_mail_session_internal_server_error(s); |
527 | 546 return; |
547 } | |
548 | |
549 ctx->err.data = p; | |
550 | |
1136 | 551 switch (s->protocol) { |
527 | 552 |
1136 | 553 case NGX_MAIL_POP3_PROTOCOL: |
554 *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; | |
555 break; | |
556 | |
557 case NGX_MAIL_IMAP_PROTOCOL: | |
527 | 558 p = ngx_cpymem(p, s->tag.data, s->tag.len); |
1136 | 559 *p++ = 'N'; *p++ = 'O'; *p++ = ' '; |
560 break; | |
561 | |
562 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
563 break; | |
527 | 564 } |
565 | |
566 p = ngx_cpymem(p, ctx->header_start, len); | |
567 *p++ = CR; *p++ = LF; | |
568 | |
569 ctx->err.len = p - ctx->err.data; | |
570 | |
571 continue; | |
572 } | |
573 | |
574 if (len == sizeof("Auth-Server") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
575 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
576 (u_char *) "Auth-Server", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
577 sizeof("Auth-Server") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
578 == 0) |
527 | 579 { |
580 ctx->addr.len = ctx->header_end - ctx->header_start; | |
581 ctx->addr.data = ctx->header_start; | |
582 | |
583 continue; | |
584 } | |
585 | |
586 if (len == sizeof("Auth-Port") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
587 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
588 (u_char *) "Auth-Port", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
589 sizeof("Auth-Port") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
590 == 0) |
527 | 591 { |
592 ctx->port.len = ctx->header_end - ctx->header_start; | |
593 ctx->port.data = ctx->header_start; | |
594 | |
595 continue; | |
596 } | |
597 | |
598 if (len == sizeof("Auth-User") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
599 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
600 (u_char *) "Auth-User", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
601 sizeof("Auth-User") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
602 == 0) |
527 | 603 { |
604 s->login.len = ctx->header_end - ctx->header_start; | |
567 | 605 |
2049 | 606 s->login.data = ngx_pnalloc(s->connection->pool, s->login.len); |
567 | 607 if (s->login.data == NULL) { |
608 ngx_close_connection(ctx->peer.connection); | |
609 ngx_destroy_pool(ctx->pool); | |
1136 | 610 ngx_mail_session_internal_server_error(s); |
567 | 611 return; |
612 } | |
613 | |
614 ngx_memcpy(s->login.data, ctx->header_start, s->login.len); | |
527 | 615 |
616 continue; | |
617 } | |
618 | |
800 | 619 if (len == sizeof("Auth-Pass") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
620 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
621 (u_char *) "Auth-Pass", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
622 sizeof("Auth-Pass") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
623 == 0) |
800 | 624 { |
625 s->passwd.len = ctx->header_end - ctx->header_start; | |
626 | |
2049 | 627 s->passwd.data = ngx_pnalloc(s->connection->pool, |
628 s->passwd.len); | |
800 | 629 if (s->passwd.data == NULL) { |
630 ngx_close_connection(ctx->peer.connection); | |
631 ngx_destroy_pool(ctx->pool); | |
1136 | 632 ngx_mail_session_internal_server_error(s); |
800 | 633 return; |
634 } | |
635 | |
636 ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len); | |
637 | |
638 continue; | |
639 } | |
640 | |
527 | 641 if (len == sizeof("Auth-Wait") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
642 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
643 (u_char *) "Auth-Wait", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
644 sizeof("Auth-Wait") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
645 == 0) |
527 | 646 { |
647 n = ngx_atoi(ctx->header_start, | |
648 ctx->header_end - ctx->header_start); | |
649 | |
650 if (n != NGX_ERROR) { | |
651 ctx->sleep = n; | |
652 } | |
653 | |
654 continue; | |
655 } | |
656 | |
1136 | 657 if (len == sizeof("Auth-Error-Code") - 1 |
658 && ngx_strncasecmp(ctx->header_name_start, | |
659 (u_char *) "Auth-Error-Code", | |
660 sizeof("Auth-Error-Code") - 1) | |
661 == 0) | |
662 { | |
663 ctx->errcode.len = ctx->header_end - ctx->header_start; | |
664 | |
2049 | 665 ctx->errcode.data = ngx_pnalloc(s->connection->pool, |
666 ctx->errcode.len); | |
1136 | 667 if (ctx->errcode.data == NULL) { |
668 ngx_close_connection(ctx->peer.connection); | |
669 ngx_destroy_pool(ctx->pool); | |
670 ngx_mail_session_internal_server_error(s); | |
671 return; | |
672 } | |
673 | |
674 ngx_memcpy(ctx->errcode.data, ctx->header_start, | |
675 ctx->errcode.len); | |
676 | |
677 continue; | |
678 } | |
679 | |
527 | 680 /* ignore other headers */ |
681 | |
682 continue; | |
683 } | |
684 | |
685 if (rc == NGX_DONE) { | |
1136 | 686 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
687 "mail auth http header done"); | |
527 | 688 |
689 ngx_close_connection(ctx->peer.connection); | |
690 | |
691 if (ctx->err.len) { | |
1136 | 692 |
567 | 693 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, |
694 "client login failed: \"%V\"", &ctx->errmsg); | |
695 | |
1136 | 696 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
697 | |
698 if (ctx->errcode.len == 0) { | |
699 ctx->errcode = ngx_mail_smtp_errcode; | |
700 } | |
701 | |
702 ctx->err.len = ctx->errcode.len + ctx->errmsg.len | |
703 + sizeof(" " CRLF) - 1; | |
704 | |
2049 | 705 p = ngx_pnalloc(s->connection->pool, ctx->err.len); |
1166 | 706 if (p == NULL) { |
707 ngx_destroy_pool(ctx->pool); | |
708 ngx_mail_session_internal_server_error(s); | |
709 return; | |
710 } | |
1136 | 711 |
1166 | 712 ctx->err.data = p; |
1136 | 713 |
1166 | 714 p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len); |
1136 | 715 *p++ = ' '; |
1166 | 716 p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len); |
1136 | 717 *p++ = CR; *p = LF; |
718 } | |
719 | |
539 | 720 s->out = ctx->err; |
547 | 721 timer = ctx->sleep; |
527 | 722 |
547 | 723 ngx_destroy_pool(ctx->pool); |
724 | |
725 if (timer == 0) { | |
539 | 726 s->quit = 1; |
1136 | 727 ngx_mail_send(s->connection->write); |
541 | 728 return; |
729 } | |
539 | 730 |
1640 | 731 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
527 | 732 |
1136 | 733 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
527 | 734 |
735 return; | |
736 } | |
737 | |
883 | 738 if (s->auth_wait) { |
739 timer = ctx->sleep; | |
740 | |
741 ngx_destroy_pool(ctx->pool); | |
742 | |
743 if (timer == 0) { | |
1136 | 744 ngx_mail_auth_http_init(s); |
883 | 745 return; |
746 } | |
747 | |
1640 | 748 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
883 | 749 |
1136 | 750 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
883 | 751 |
752 return; | |
753 } | |
754 | |
527 | 755 if (ctx->addr.len == 0 || ctx->port.len == 0) { |
756 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 757 "auth http server %V did not send server or port", |
884 | 758 ctx->peer.name); |
547 | 759 ngx_destroy_pool(ctx->pool); |
1136 | 760 ngx_mail_session_internal_server_error(s); |
527 | 761 return; |
762 } | |
763 | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
764 if (s->passwd.data == NULL |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
765 && s->protocol != NGX_MAIL_SMTP_PROTOCOL) |
1136 | 766 { |
800 | 767 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
768 "auth http server %V did not send password", | |
884 | 769 ctx->peer.name); |
800 | 770 ngx_destroy_pool(ctx->pool); |
1136 | 771 ngx_mail_session_internal_server_error(s); |
800 | 772 return; |
773 } | |
774 | |
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3267
diff
changeset
|
775 peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_addr_t)); |
884 | 776 if (peer == NULL) { |
547 | 777 ngx_destroy_pool(ctx->pool); |
1136 | 778 ngx_mail_session_internal_server_error(s); |
527 | 779 return; |
780 } | |
781 | |
5134
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
782 rc = ngx_parse_addr(s->connection->pool, peer, |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
783 ctx->addr.data, ctx->addr.len); |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
784 |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
785 switch (rc) { |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
786 case NGX_OK: |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
787 break; |
2855
a96a8c916b0c
mail proxy listen IPv6 support
Igor Sysoev <igor@sysoev.ru>
parents:
2748
diff
changeset
|
788 |
5134
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
789 case NGX_DECLINED: |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
790 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
791 "auth http server %V sent invalid server " |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
792 "address:\"%V\"", |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
793 ctx->peer.name, &ctx->addr); |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
794 /* fall through */ |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
795 |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
796 default: |
547 | 797 ngx_destroy_pool(ctx->pool); |
1136 | 798 ngx_mail_session_internal_server_error(s); |
527 | 799 return; |
800 } | |
801 | |
802 port = ngx_atoi(ctx->port.data, ctx->port.len); | |
4227 | 803 if (port == NGX_ERROR || port < 1 || port > 65535) { |
527 | 804 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
541 | 805 "auth http server %V sent invalid server " |
806 "port:\"%V\"", | |
884 | 807 ctx->peer.name, &ctx->port); |
547 | 808 ngx_destroy_pool(ctx->pool); |
1136 | 809 ngx_mail_session_internal_server_error(s); |
527 | 810 return; |
811 } | |
812 | |
6597 | 813 ngx_inet_set_port(peer->sockaddr, (in_port_t) port); |
527 | 814 |
815 len = ctx->addr.len + 1 + ctx->port.len; | |
816 | |
884 | 817 peer->name.len = len; |
527 | 818 |
2049 | 819 peer->name.data = ngx_pnalloc(s->connection->pool, len); |
884 | 820 if (peer->name.data == NULL) { |
547 | 821 ngx_destroy_pool(ctx->pool); |
1136 | 822 ngx_mail_session_internal_server_error(s); |
527 | 823 return; |
824 } | |
825 | |
826 len = ctx->addr.len; | |
827 | |
884 | 828 ngx_memcpy(peer->name.data, ctx->addr.data, len); |
527 | 829 |
884 | 830 peer->name.data[len++] = ':'; |
527 | 831 |
884 | 832 ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len); |
527 | 833 |
547 | 834 ngx_destroy_pool(ctx->pool); |
1136 | 835 ngx_mail_proxy_init(s, peer); |
527 | 836 |
837 return; | |
838 } | |
839 | |
840 if (rc == NGX_AGAIN ) { | |
841 return; | |
842 } | |
843 | |
844 /* rc == NGX_ERROR */ | |
845 | |
846 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 847 "auth http server %V sent invalid header in response", |
884 | 848 ctx->peer.name); |
527 | 849 ngx_close_connection(ctx->peer.connection); |
547 | 850 ngx_destroy_pool(ctx->pool); |
1136 | 851 ngx_mail_session_internal_server_error(s); |
527 | 852 |
853 return; | |
854 } | |
855 } | |
856 | |
521 | 857 |
527 | 858 static void |
1136 | 859 ngx_mail_auth_sleep_handler(ngx_event_t *rev) |
527 | 860 { |
543 | 861 ngx_connection_t *c; |
1136 | 862 ngx_mail_session_t *s; |
863 ngx_mail_core_srv_conf_t *cscf; | |
527 | 864 |
1136 | 865 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail auth sleep handler"); |
527 | 866 |
867 c = rev->data; | |
868 s = c->data; | |
869 | |
870 if (rev->timedout) { | |
871 | |
872 rev->timedout = 0; | |
873 | |
883 | 874 if (s->auth_wait) { |
875 s->auth_wait = 0; | |
1136 | 876 ngx_mail_auth_http_init(s); |
883 | 877 return; |
878 } | |
879 | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
880 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
527 | 881 |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
882 rev->handler = cscf->protocol->auth_state; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
883 |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
884 s->mail_state = 0; |
1136 | 885 s->auth_method = NGX_MAIL_AUTH_PLAIN; |
800 | 886 |
543 | 887 c->log->action = "in auth state"; |
888 | |
1477 | 889 ngx_mail_send(c->write); |
543 | 890 |
583 | 891 if (c->destroyed) { |
543 | 892 return; |
893 } | |
894 | |
895 ngx_add_timer(rev, cscf->timeout); | |
896 | |
527 | 897 if (rev->ready) { |
1477 | 898 rev->handler(rev); |
527 | 899 return; |
900 } | |
901 | |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
902 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
1477 | 903 ngx_mail_close_connection(c); |
527 | 904 } |
905 | |
906 return; | |
907 } | |
908 | |
909 if (rev->active) { | |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
910 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
1477 | 911 ngx_mail_close_connection(c); |
527 | 912 } |
913 } | |
914 } | |
915 | |
916 | |
917 static ngx_int_t | |
1136 | 918 ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, |
919 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 920 { |
921 u_char c, ch, *p; | |
922 enum { | |
923 sw_start = 0, | |
924 sw_name, | |
925 sw_space_before_value, | |
926 sw_value, | |
927 sw_space_after_value, | |
577 | 928 sw_almost_done, |
527 | 929 sw_header_almost_done |
930 } state; | |
931 | |
577 | 932 state = ctx->state; |
527 | 933 |
934 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
935 ch = *p; | |
936 | |
937 switch (state) { | |
938 | |
939 /* first char */ | |
940 case sw_start: | |
941 | |
942 switch (ch) { | |
943 case CR: | |
577 | 944 ctx->header_end = p; |
527 | 945 state = sw_header_almost_done; |
946 break; | |
577 | 947 case LF: |
527 | 948 ctx->header_end = p; |
949 goto header_done; | |
950 default: | |
951 state = sw_name; | |
952 ctx->header_name_start = p; | |
953 | |
954 c = (u_char) (ch | 0x20); | |
955 if (c >= 'a' && c <= 'z') { | |
956 break; | |
957 } | |
958 | |
959 if (ch >= '0' && ch <= '9') { | |
960 break; | |
961 } | |
962 | |
963 return NGX_ERROR; | |
964 } | |
965 break; | |
966 | |
967 /* header name */ | |
968 case sw_name: | |
969 c = (u_char) (ch | 0x20); | |
970 if (c >= 'a' && c <= 'z') { | |
971 break; | |
972 } | |
973 | |
974 if (ch == ':') { | |
975 ctx->header_name_end = p; | |
976 state = sw_space_before_value; | |
977 break; | |
978 } | |
979 | |
980 if (ch == '-') { | |
981 break; | |
982 } | |
983 | |
984 if (ch >= '0' && ch <= '9') { | |
985 break; | |
986 } | |
987 | |
988 if (ch == CR) { | |
989 ctx->header_name_end = p; | |
990 ctx->header_start = p; | |
991 ctx->header_end = p; | |
992 state = sw_almost_done; | |
993 break; | |
994 } | |
995 | |
996 if (ch == LF) { | |
997 ctx->header_name_end = p; | |
998 ctx->header_start = p; | |
999 ctx->header_end = p; | |
1000 goto done; | |
1001 } | |
1002 | |
1003 return NGX_ERROR; | |
1004 | |
1005 /* space* before header value */ | |
1006 case sw_space_before_value: | |
1007 switch (ch) { | |
1008 case ' ': | |
1009 break; | |
1010 case CR: | |
1011 ctx->header_start = p; | |
1012 ctx->header_end = p; | |
1013 state = sw_almost_done; | |
1014 break; | |
1015 case LF: | |
1016 ctx->header_start = p; | |
1017 ctx->header_end = p; | |
1018 goto done; | |
1019 default: | |
1020 ctx->header_start = p; | |
1021 state = sw_value; | |
1022 break; | |
1023 } | |
1024 break; | |
1025 | |
1026 /* header value */ | |
1027 case sw_value: | |
1028 switch (ch) { | |
1029 case ' ': | |
1030 ctx->header_end = p; | |
1031 state = sw_space_after_value; | |
1032 break; | |
1033 case CR: | |
1034 ctx->header_end = p; | |
1035 state = sw_almost_done; | |
1036 break; | |
1037 case LF: | |
1038 ctx->header_end = p; | |
1039 goto done; | |
1040 } | |
1041 break; | |
1042 | |
1043 /* space* before end of header line */ | |
1044 case sw_space_after_value: | |
1045 switch (ch) { | |
1046 case ' ': | |
1047 break; | |
1048 case CR: | |
1049 state = sw_almost_done; | |
1050 break; | |
1051 case LF: | |
1052 goto done; | |
1053 default: | |
1054 state = sw_value; | |
1055 break; | |
1056 } | |
1057 break; | |
1058 | |
1059 /* end of header line */ | |
1060 case sw_almost_done: | |
1061 switch (ch) { | |
1062 case LF: | |
1063 goto done; | |
1064 default: | |
1065 return NGX_ERROR; | |
1066 } | |
1067 | |
1068 /* end of header */ | |
1069 case sw_header_almost_done: | |
1070 switch (ch) { | |
1071 case LF: | |
1072 goto header_done; | |
1073 default: | |
1074 return NGX_ERROR; | |
1075 } | |
1076 } | |
1077 } | |
1078 | |
1079 ctx->response->pos = p; | |
1080 ctx->state = state; | |
1081 | |
1082 return NGX_AGAIN; | |
1083 | |
1084 done: | |
1085 | |
1086 ctx->response->pos = p + 1; | |
1087 ctx->state = sw_start; | |
1088 | |
1089 return NGX_OK; | |
1090 | |
1091 header_done: | |
1092 | |
1093 ctx->response->pos = p + 1; | |
1094 ctx->state = sw_start; | |
1095 | |
1096 return NGX_DONE; | |
521 | 1097 } |
1098 | |
1099 | |
1100 static void | |
1136 | 1101 ngx_mail_auth_http_block_read(ngx_event_t *rev) |
521 | 1102 { |
1103 ngx_connection_t *c; | |
1136 | 1104 ngx_mail_session_t *s; |
1105 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 1106 |
1136 | 1107 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
1108 "mail auth http block read"); | |
521 | 1109 |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
1110 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
521 | 1111 c = rev->data; |
1112 s = c->data; | |
1113 | |
1136 | 1114 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 1115 |
525 | 1116 ngx_close_connection(ctx->peer.connection); |
547 | 1117 ngx_destroy_pool(ctx->pool); |
1136 | 1118 ngx_mail_session_internal_server_error(s); |
521 | 1119 } |
1120 } | |
1121 | |
1122 | |
1123 static void | |
1136 | 1124 ngx_mail_auth_http_dummy_handler(ngx_event_t *ev) |
521 | 1125 { |
1136 | 1126 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, ev->log, 0, |
1127 "mail auth http dummy handler"); | |
521 | 1128 } |
1129 | |
1130 | |
1131 static ngx_buf_t * | |
1136 | 1132 ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool, |
1133 ngx_mail_auth_http_conf_t *ahcf) | |
521 | 1134 { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1135 size_t len; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1136 ngx_buf_t *b; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1137 ngx_str_t login, passwd; |
7801
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1138 ngx_connection_t *c; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1139 #if (NGX_MAIL_SSL) |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1140 ngx_str_t protocol, cipher, verify, subject, issuer, |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1141 serial, fingerprint, raw_cert, cert; |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1142 ngx_mail_ssl_conf_t *sslcf; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1143 #endif |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1144 ngx_mail_core_srv_conf_t *cscf; |
633 | 1145 |
1136 | 1146 if (ngx_mail_auth_http_escape(pool, &s->login, &login) != NGX_OK) { |
633 | 1147 return NULL; |
1148 } | |
1149 | |
1136 | 1150 if (ngx_mail_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) { |
633 | 1151 return NULL; |
1152 } | |
521 | 1153 |
7801
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1154 c = s->connection; |
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1155 |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1156 #if (NGX_MAIL_SSL) |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1157 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1158 if (c->ssl) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1159 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1160 if (ngx_ssl_get_protocol(c, pool, &protocol) != NGX_OK) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1161 return NULL; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1162 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1163 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1164 protocol.len = ngx_strlen(protocol.data); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1165 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1166 if (ngx_ssl_get_cipher_name(c, pool, &cipher) != NGX_OK) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1167 return NULL; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1168 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1169 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1170 cipher.len = ngx_strlen(cipher.data); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1171 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1172 } else { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1173 ngx_str_null(&protocol); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1174 ngx_str_null(&cipher); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1175 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1176 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1177 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1178 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1179 if (c->ssl && sslcf->verify) { |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1180 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1181 /* certificate details */ |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1182 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1183 if (ngx_ssl_get_client_verify(c, pool, &verify) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1184 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1185 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1186 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1187 if (ngx_ssl_get_subject_dn(c, pool, &subject) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1188 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1189 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1190 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1191 if (ngx_ssl_get_issuer_dn(c, pool, &issuer) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1192 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1193 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1194 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1195 if (ngx_ssl_get_serial_number(c, pool, &serial) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1196 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1197 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1198 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1199 if (ngx_ssl_get_fingerprint(c, pool, &fingerprint) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1200 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1201 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1202 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1203 if (ahcf->pass_client_cert) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1204 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1205 /* certificate itself, if configured */ |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1206 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1207 if (ngx_ssl_get_raw_certificate(c, pool, &raw_cert) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1208 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1209 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1210 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1211 if (ngx_mail_auth_http_escape(pool, &raw_cert, &cert) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1212 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1213 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1214 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1215 } else { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1216 ngx_str_null(&cert); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1217 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1218 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1219 } else { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1220 ngx_str_null(&verify); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1221 ngx_str_null(&subject); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1222 ngx_str_null(&issuer); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1223 ngx_str_null(&serial); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1224 ngx_str_null(&fingerprint); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1225 ngx_str_null(&cert); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1226 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1227 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1228 #endif |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1229 |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1230 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1231 |
521 | 1232 len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1 |
1233 + sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1 | |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1234 + sizeof("Auth-Method: ") - 1 |
1136 | 1235 + ngx_mail_auth_http_method[s->auth_method].len |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1236 + sizeof(CRLF) - 1 |
633 | 1237 + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1 |
1238 + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1 | |
800 | 1239 + sizeof("Auth-Salt: ") - 1 + s->salt.len |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1240 + sizeof("Auth-Protocol: ") - 1 + cscf->protocol->name.len |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1241 + sizeof(CRLF) - 1 |
527 | 1242 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN |
1243 + sizeof(CRLF) - 1 | |
521 | 1244 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len |
1245 + sizeof(CRLF) - 1 | |
2309 | 1246 + sizeof("Client-Host: ") - 1 + s->host.len + sizeof(CRLF) - 1 |
1285
0c10dc6a8e74
fix memory allocation for auth_http_header
Igor Sysoev <igor@sysoev.ru>
parents:
1166
diff
changeset
|
1247 + ahcf->header.len |
521 | 1248 + sizeof(CRLF) - 1; |
1249 | |
7794
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1250 if (c->proxy_protocol) { |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1251 len += sizeof("Proxy-Protocol-Addr: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1252 + c->proxy_protocol->src_addr.len + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1253 + sizeof("Proxy-Protocol-Port: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1254 + sizeof("65535") - 1 + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1255 + sizeof("Proxy-Protocol-Server-Addr: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1256 + c->proxy_protocol->dst_addr.len + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1257 + sizeof("Proxy-Protocol-Server-Port: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1258 + sizeof("65535") - 1 + sizeof(CRLF) - 1; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1259 } |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1260 |
7793
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1261 if (s->auth_method == NGX_MAIL_AUTH_NONE) { |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1262 len += sizeof("Auth-SMTP-Helo: ") - 1 + s->smtp_helo.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1263 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1264 + sizeof("Auth-SMTP-From: ") - 1 + s->smtp_from.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1265 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1266 + sizeof("Auth-SMTP-To: ") - 1 + s->smtp_to.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1267 + sizeof(CRLF) - 1; |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1268 } |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1269 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1270 #if (NGX_MAIL_SSL) |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1271 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1272 if (c->ssl) { |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1273 len += sizeof("Auth-SSL: on" CRLF) - 1 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1274 + sizeof("Auth-SSL-Protocol: ") - 1 + protocol.len |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1275 + sizeof(CRLF) - 1 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1276 + sizeof("Auth-SSL-Cipher: ") - 1 + cipher.len |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1277 + sizeof(CRLF) - 1 |
7793
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1278 + sizeof("Auth-SSL-Verify: ") - 1 + verify.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1279 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1280 + sizeof("Auth-SSL-Subject: ") - 1 + subject.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1281 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1282 + sizeof("Auth-SSL-Issuer: ") - 1 + issuer.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1283 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1284 + sizeof("Auth-SSL-Serial: ") - 1 + serial.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1285 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1286 + sizeof("Auth-SSL-Fingerprint: ") - 1 + fingerprint.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1287 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1288 + sizeof("Auth-SSL-Cert: ") - 1 + cert.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1289 + sizeof(CRLF) - 1; |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1290 } |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1291 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1292 #endif |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1293 |
547 | 1294 b = ngx_create_temp_buf(pool, len); |
521 | 1295 if (b == NULL) { |
1296 return NULL; | |
1297 } | |
1298 | |
1299 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1); | |
573 | 1300 b->last = ngx_copy(b->last, ahcf->uri.data, ahcf->uri.len); |
521 | 1301 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF, |
1302 sizeof(" HTTP/1.0" CRLF) - 1); | |
1303 | |
1304 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1); | |
573 | 1305 b->last = ngx_copy(b->last, ahcf->host_header.data, |
521 | 1306 ahcf->host_header.len); |
1307 *b->last++ = CR; *b->last++ = LF; | |
1308 | |
800 | 1309 b->last = ngx_cpymem(b->last, "Auth-Method: ", |
1310 sizeof("Auth-Method: ") - 1); | |
1311 b->last = ngx_cpymem(b->last, | |
1136 | 1312 ngx_mail_auth_http_method[s->auth_method].data, |
1313 ngx_mail_auth_http_method[s->auth_method].len); | |
800 | 1314 *b->last++ = CR; *b->last++ = LF; |
521 | 1315 |
1316 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); | |
633 | 1317 b->last = ngx_copy(b->last, login.data, login.len); |
521 | 1318 *b->last++ = CR; *b->last++ = LF; |
1319 | |
1320 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1); | |
633 | 1321 b->last = ngx_copy(b->last, passwd.data, passwd.len); |
521 | 1322 *b->last++ = CR; *b->last++ = LF; |
1323 | |
1136 | 1324 if (s->auth_method != NGX_MAIL_AUTH_PLAIN && s->salt.len) { |
800 | 1325 b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1); |
1326 b->last = ngx_copy(b->last, s->salt.data, s->salt.len); | |
1327 | |
1328 s->passwd.data = NULL; | |
1329 } | |
1330 | |
521 | 1331 b->last = ngx_cpymem(b->last, "Auth-Protocol: ", |
1332 sizeof("Auth-Protocol: ") - 1); | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1333 b->last = ngx_cpymem(b->last, cscf->protocol->name.data, |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1334 cscf->protocol->name.len); |
521 | 1335 *b->last++ = CR; *b->last++ = LF; |
1336 | |
527 | 1337 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF, |
1338 s->login_attempt); | |
1339 | |
521 | 1340 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); |
573 | 1341 b->last = ngx_copy(b->last, s->connection->addr_text.data, |
2309 | 1342 s->connection->addr_text.len); |
521 | 1343 *b->last++ = CR; *b->last++ = LF; |
1344 | |
2309 | 1345 if (s->host.len) { |
1346 b->last = ngx_cpymem(b->last, "Client-Host: ", | |
1347 sizeof("Client-Host: ") - 1); | |
1348 b->last = ngx_copy(b->last, s->host.data, s->host.len); | |
1349 *b->last++ = CR; *b->last++ = LF; | |
1350 } | |
1351 | |
7794
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1352 if (c->proxy_protocol) { |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1353 b->last = ngx_cpymem(b->last, "Proxy-Protocol-Addr: ", |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1354 sizeof("Proxy-Protocol-Addr: ") - 1); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1355 b->last = ngx_copy(b->last, c->proxy_protocol->src_addr.data, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1356 c->proxy_protocol->src_addr.len); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1357 *b->last++ = CR; *b->last++ = LF; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1358 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1359 b->last = ngx_sprintf(b->last, "Proxy-Protocol-Port: %d" CRLF, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1360 c->proxy_protocol->src_port); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1361 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1362 b->last = ngx_cpymem(b->last, "Proxy-Protocol-Server-Addr: ", |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1363 sizeof("Proxy-Protocol-Server-Addr: ") - 1); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1364 b->last = ngx_copy(b->last, c->proxy_protocol->dst_addr.data, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1365 c->proxy_protocol->dst_addr.len); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1366 *b->last++ = CR; *b->last++ = LF; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1367 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1368 b->last = ngx_sprintf(b->last, "Proxy-Protocol-Server-Port: %d" CRLF, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1369 c->proxy_protocol->dst_port); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1370 } |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1371 |
2309 | 1372 if (s->auth_method == NGX_MAIL_AUTH_NONE) { |
1373 | |
1374 /* HELO, MAIL FROM, and RCPT TO can't contain CRLF, no need to escape */ | |
1375 | |
1376 b->last = ngx_cpymem(b->last, "Auth-SMTP-Helo: ", | |
1377 sizeof("Auth-SMTP-Helo: ") - 1); | |
1378 b->last = ngx_copy(b->last, s->smtp_helo.data, s->smtp_helo.len); | |
1379 *b->last++ = CR; *b->last++ = LF; | |
1380 | |
1381 b->last = ngx_cpymem(b->last, "Auth-SMTP-From: ", | |
1382 sizeof("Auth-SMTP-From: ") - 1); | |
1383 b->last = ngx_copy(b->last, s->smtp_from.data, s->smtp_from.len); | |
1384 *b->last++ = CR; *b->last++ = LF; | |
1385 | |
1386 b->last = ngx_cpymem(b->last, "Auth-SMTP-To: ", | |
1387 sizeof("Auth-SMTP-To: ") - 1); | |
1388 b->last = ngx_copy(b->last, s->smtp_to.data, s->smtp_to.len); | |
1389 *b->last++ = CR; *b->last++ = LF; | |
1390 | |
1391 } | |
1392 | |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1393 #if (NGX_MAIL_SSL) |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1394 |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1395 if (c->ssl) { |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1396 b->last = ngx_cpymem(b->last, "Auth-SSL: on" CRLF, |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1397 sizeof("Auth-SSL: on" CRLF) - 1); |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1398 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1399 if (protocol.len) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1400 b->last = ngx_cpymem(b->last, "Auth-SSL-Protocol: ", |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1401 sizeof("Auth-SSL-Protocol: ") - 1); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1402 b->last = ngx_copy(b->last, protocol.data, protocol.len); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1403 *b->last++ = CR; *b->last++ = LF; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1404 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1405 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1406 if (cipher.len) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1407 b->last = ngx_cpymem(b->last, "Auth-SSL-Cipher: ", |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1408 sizeof("Auth-SSL-Cipher: ") - 1); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1409 b->last = ngx_copy(b->last, cipher.data, cipher.len); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1410 *b->last++ = CR; *b->last++ = LF; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1411 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1412 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1413 if (verify.len) { |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1414 b->last = ngx_cpymem(b->last, "Auth-SSL-Verify: ", |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1415 sizeof("Auth-SSL-Verify: ") - 1); |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1416 b->last = ngx_copy(b->last, verify.data, verify.len); |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1417 *b->last++ = CR; *b->last++ = LF; |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1418 } |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1419 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1420 if (subject.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1421 b->last = ngx_cpymem(b->last, "Auth-SSL-Subject: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1422 sizeof("Auth-SSL-Subject: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1423 b->last = ngx_copy(b->last, subject.data, subject.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1424 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1425 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1426 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1427 if (issuer.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1428 b->last = ngx_cpymem(b->last, "Auth-SSL-Issuer: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1429 sizeof("Auth-SSL-Issuer: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1430 b->last = ngx_copy(b->last, issuer.data, issuer.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1431 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1432 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1433 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1434 if (serial.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1435 b->last = ngx_cpymem(b->last, "Auth-SSL-Serial: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1436 sizeof("Auth-SSL-Serial: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1437 b->last = ngx_copy(b->last, serial.data, serial.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1438 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1439 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1440 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1441 if (fingerprint.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1442 b->last = ngx_cpymem(b->last, "Auth-SSL-Fingerprint: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1443 sizeof("Auth-SSL-Fingerprint: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1444 b->last = ngx_copy(b->last, fingerprint.data, fingerprint.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1445 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1446 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1447 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1448 if (cert.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1449 b->last = ngx_cpymem(b->last, "Auth-SSL-Cert: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1450 sizeof("Auth-SSL-Cert: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1451 b->last = ngx_copy(b->last, cert.data, cert.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1452 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1453 } |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1454 } |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1455 |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1456 #endif |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1457 |
573 | 1458 if (ahcf->header.len) { |
1459 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); | |
1460 } | |
1461 | |
521 | 1462 /* add "\r\n" at the header end */ |
1463 *b->last++ = CR; *b->last++ = LF; | |
1464 | |
1136 | 1465 #if (NGX_DEBUG_MAIL_PASSWD) |
6001
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1466 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1467 "mail auth http header:%N\"%*s\"", |
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1468 (size_t) (b->last - b->pos), b->pos); |
521 | 1469 #endif |
1470 | |
1471 return b; | |
1472 } | |
1473 | |
1474 | |
633 | 1475 static ngx_int_t |
1136 | 1476 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) |
633 | 1477 { |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1478 u_char *p; |
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1479 uintptr_t n; |
633 | 1480 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1481 n = ngx_escape_uri(NULL, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1482 |
1483 if (n == 0) { | |
1484 *escaped = *text; | |
1485 return NGX_OK; | |
1486 } | |
1487 | |
1488 escaped->len = text->len + n * 2; | |
1489 | |
2049 | 1490 p = ngx_pnalloc(pool, escaped->len); |
633 | 1491 if (p == NULL) { |
1492 return NGX_ERROR; | |
1493 } | |
1494 | |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1495 (void) ngx_escape_uri(p, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1496 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1497 escaped->data = p; |
633 | 1498 |
1499 return NGX_OK; | |
1500 } | |
1501 | |
1502 | |
521 | 1503 static void * |
1136 | 1504 ngx_mail_auth_http_create_conf(ngx_conf_t *cf) |
577 | 1505 { |
1136 | 1506 ngx_mail_auth_http_conf_t *ahcf; |
577 | 1507 |
1136 | 1508 ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_auth_http_conf_t)); |
521 | 1509 if (ahcf == NULL) { |
2912
c7d57b539248
return NULL instead of NGX_CONF_ERROR on a create conf failure
Igor Sysoev <igor@sysoev.ru>
parents:
2855
diff
changeset
|
1510 return NULL; |
521 | 1511 } |
1512 | |
1513 ahcf->timeout = NGX_CONF_UNSET_MSEC; | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1514 ahcf->pass_client_cert = NGX_CONF_UNSET; |
521 | 1515 |
1392 | 1516 ahcf->file = cf->conf_file->file.name.data; |
1517 ahcf->line = cf->conf_file->line; | |
1518 | |
521 | 1519 return ahcf; |
1520 } | |
1521 | |
1522 | |
1523 static char * | |
1136 | 1524 ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) |
521 | 1525 { |
1136 | 1526 ngx_mail_auth_http_conf_t *prev = parent; |
1527 ngx_mail_auth_http_conf_t *conf = child; | |
521 | 1528 |
573 | 1529 u_char *p; |
1530 size_t len; | |
1531 ngx_uint_t i; | |
1532 ngx_table_elt_t *header; | |
1533 | |
884 | 1534 if (conf->peer == NULL) { |
1535 conf->peer = prev->peer; | |
521 | 1536 conf->host_header = prev->host_header; |
1537 conf->uri = prev->uri; | |
1392 | 1538 |
1539 if (conf->peer == NULL) { | |
1540 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
4812
785ae4de268b
Corrected the directive name in the ngx_mail_auth_http_module error message.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
1541 "no \"auth_http\" is defined for server in %s:%ui", |
1392 | 1542 conf->file, conf->line); |
1543 | |
1544 return NGX_CONF_ERROR; | |
1545 } | |
521 | 1546 } |
1547 | |
1548 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); | |
1549 | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1550 ngx_conf_merge_value(conf->pass_client_cert, prev->pass_client_cert, 0); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1551 |
573 | 1552 if (conf->headers == NULL) { |
1553 conf->headers = prev->headers; | |
1554 conf->header = prev->header; | |
1555 } | |
1556 | |
1557 if (conf->headers && conf->header.len == 0) { | |
1558 len = 0; | |
1559 header = conf->headers->elts; | |
1560 for (i = 0; i < conf->headers->nelts; i++) { | |
1561 len += header[i].key.len + 2 + header[i].value.len + 2; | |
1562 } | |
1563 | |
2049 | 1564 p = ngx_pnalloc(cf->pool, len); |
573 | 1565 if (p == NULL) { |
1566 return NGX_CONF_ERROR; | |
1567 } | |
1568 | |
1569 conf->header.len = len; | |
1570 conf->header.data = p; | |
1571 | |
1572 for (i = 0; i < conf->headers->nelts; i++) { | |
1573 p = ngx_cpymem(p, header[i].key.data, header[i].key.len); | |
1574 *p++ = ':'; *p++ = ' '; | |
1575 p = ngx_cpymem(p, header[i].value.data, header[i].value.len); | |
1576 *p++ = CR; *p++ = LF; | |
1577 } | |
1578 } | |
1579 | |
521 | 1580 return NGX_CONF_OK; |
1581 } | |
1582 | |
1583 | |
1584 static char * | |
1136 | 1585 ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1586 { |
1136 | 1587 ngx_mail_auth_http_conf_t *ahcf = conf; |
521 | 1588 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1589 ngx_str_t *value; |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1590 ngx_url_t u; |
573 | 1591 |
521 | 1592 value = cf->args->elts; |
1593 | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1594 ngx_memzero(&u, sizeof(ngx_url_t)); |
521 | 1595 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1596 u.url = value[1]; |
906 | 1597 u.default_port = 80; |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1598 u.uri_part = 1; |
577 | 1599 |
1391
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1600 if (ngx_strncmp(u.url.data, "http://", 7) == 0) { |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1601 u.url.len -= 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1602 u.url.data += 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1603 } |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1604 |
1559
fe11e2a3946d
use pool instead of ngx_conf_t
Igor Sysoev <igor@sysoev.ru>
parents:
1487
diff
changeset
|
1605 if (ngx_parse_url(cf->pool, &u) != NGX_OK) { |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1606 if (u.err) { |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1607 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1608 "%s in auth_http \"%V\"", u.err, &u.url); |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1609 } |
1390 | 1610 |
1611 return NGX_CONF_ERROR; | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1612 } |
521 | 1613 |
884 | 1614 ahcf->peer = u.addrs; |
521 | 1615 |
3406
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1616 if (u.family != AF_UNIX) { |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1617 ahcf->host_header = u.host; |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1618 |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1619 } else { |
3516
dd1570b6f237
ngx_str_set() and ngx_str_null()
Igor Sysoev <igor@sysoev.ru>
parents:
3406
diff
changeset
|
1620 ngx_str_set(&ahcf->host_header, "localhost"); |
3406
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1621 } |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1622 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1623 ahcf->uri = u.uri; |
521 | 1624 |
559 | 1625 if (ahcf->uri.len == 0) { |
3516
dd1570b6f237
ngx_str_set() and ngx_str_null()
Igor Sysoev <igor@sysoev.ru>
parents:
3406
diff
changeset
|
1626 ngx_str_set(&ahcf->uri, "/"); |
555 | 1627 } |
1628 | |
521 | 1629 return NGX_CONF_OK; |
1630 } | |
573 | 1631 |
1632 | |
1633 static char * | |
1136 | 1634 ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1635 { |
1136 | 1636 ngx_mail_auth_http_conf_t *ahcf = conf; |
573 | 1637 |
1638 ngx_str_t *value; | |
1639 ngx_table_elt_t *header; | |
1640 | |
1641 if (ahcf->headers == NULL) { | |
1642 ahcf->headers = ngx_array_create(cf->pool, 1, sizeof(ngx_table_elt_t)); | |
1643 if (ahcf->headers == NULL) { | |
1644 return NGX_CONF_ERROR; | |
1645 } | |
1646 } | |
1647 | |
1648 header = ngx_array_push(ahcf->headers); | |
1649 if (header == NULL) { | |
1650 return NGX_CONF_ERROR; | |
1651 } | |
1652 | |
1653 value = cf->args->elts; | |
1654 | |
1655 header->key = value[1]; | |
1656 header->value = value[2]; | |
1657 | |
1658 return NGX_CONF_OK; | |
1659 } |