Mercurial > hg > nginx
diff src/mail/ngx_mail_handler.c @ 9236:d9a52ebb9b00
Mail: max_commands directive.
The directive specifies the maximum number of commands allowed during
authentication, after which the connection is closed. The default
limit is 1000, which is not expected to affect any well-behaving clients,
since authentication usually requires at most several commands, though
will effectively stop malicious clients from flooding the server with
with commands.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Sat, 30 Mar 2024 05:05:53 +0300 |
parents | 9ca12c957304 |
children | f83cb031a4a4 |
line wrap: on
line diff
--- a/src/mail/ngx_mail_handler.c Sat Mar 30 05:05:31 2024 +0300 +++ b/src/mail/ngx_mail_handler.c Sat Mar 30 05:05:53 2024 +0300 @@ -896,6 +896,18 @@ return NGX_ERROR; } + s->commands++; + + if (s->commands > cscf->max_commands) { + + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent too many commands"); + + s->quit = 1; + + return NGX_MAIL_PARSE_INVALID_COMMAND; + } + return NGX_OK; }