Mail: fixed EXTERNAL to be accepted only if enabled. As originally implemented in 6774:bcb107bb89cd, it wasn't possible to disable the EXTERNAL authentication method: it was always accepted (but not advertised unless enabled). It is, however, believed that it is better to reject attempts to use the disabled method, hence in 6869:b2915d99ee8d an attempt was made to address this. This attempt was insufficient though: it was still possible to use the method as long as initial SASL response was used. With this patch both challenge-response and initial response forms are disabled. Additionally, initial response handling for the PLAIN authentication is removed from ngx_mail_auth_parse(), for consistency and to don't provoke such bugs.

/*
 * Copyright (C) Igor Sysoev
 * Copyright (C) Nginx, Inc.
 */


#ifndef _NGX_SHA1_H_INCLUDED_
#define _NGX_SHA1_H_INCLUDED_


#include <ngx_config.h>
#include <ngx_core.h>


typedef struct {
    uint64_t  bytes;
    uint32_t  a, b, c, d, e, f;
    u_char    buffer[64];
} ngx_sha1_t;


void ngx_sha1_init(ngx_sha1_t *ctx);
void ngx_sha1_update(ngx_sha1_t *ctx, const void *data, size_t size);
void ngx_sha1_final(u_char result[20], ngx_sha1_t *ctx);


#endif /* _NGX_SHA1_H_INCLUDED_ */