Mercurial > hg > nginx
view src/http/v3/ngx_http_v3_parse.h @ 9287:32d4582c484d
Mail: fixed EXTERNAL to be accepted only if enabled.
As originally implemented in 6774:bcb107bb89cd, it wasn't possible to
disable the EXTERNAL authentication method: it was always accepted
(but not advertised unless enabled). It is, however, believed that
it is better to reject attempts to use the disabled method, hence in
6869:b2915d99ee8d an attempt was made to address this. This attempt
was insufficient though: it was still possible to use the method as long
as initial SASL response was used.
With this patch both challenge-response and initial response forms are
disabled. Additionally, initial response handling for the PLAIN
authentication is removed from ngx_mail_auth_parse(), for consistency
and to don't provoke such bugs.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 03 Jun 2024 18:03:05 +0300 |
parents | d6e191a583cc |
children |
line wrap: on
line source
/* * Copyright (C) Roman Arutyunyan * Copyright (C) Nginx, Inc. */ #ifndef _NGX_HTTP_V3_PARSE_H_INCLUDED_ #define _NGX_HTTP_V3_PARSE_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_http.h> typedef struct { ngx_uint_t state; uint64_t value; } ngx_http_v3_parse_varlen_int_t; typedef struct { ngx_uint_t state; ngx_uint_t shift; uint64_t value; } ngx_http_v3_parse_prefix_int_t; typedef struct { ngx_uint_t state; uint64_t id; ngx_http_v3_parse_varlen_int_t vlint; } ngx_http_v3_parse_settings_t; typedef struct { ngx_uint_t state; ngx_uint_t insert_count; ngx_uint_t delta_base; ngx_uint_t sign; ngx_uint_t base; ngx_http_v3_parse_prefix_int_t pint; } ngx_http_v3_parse_field_section_prefix_t; typedef struct { ngx_uint_t state; ngx_uint_t length; ngx_uint_t huffman; ngx_str_t value; u_char *last; u_char huffstate; } ngx_http_v3_parse_literal_t; typedef struct { ngx_uint_t state; ngx_uint_t index; ngx_uint_t base; ngx_uint_t dynamic; ngx_str_t name; ngx_str_t value; ngx_http_v3_parse_prefix_int_t pint; ngx_http_v3_parse_literal_t literal; } ngx_http_v3_parse_field_t; typedef struct { ngx_uint_t state; ngx_http_v3_parse_field_t field; } ngx_http_v3_parse_field_rep_t; typedef struct { ngx_uint_t state; ngx_uint_t type; ngx_uint_t length; ngx_http_v3_parse_varlen_int_t vlint; ngx_http_v3_parse_field_section_prefix_t prefix; ngx_http_v3_parse_field_rep_t field_rep; } ngx_http_v3_parse_headers_t; typedef struct { ngx_uint_t state; ngx_http_v3_parse_field_t field; ngx_http_v3_parse_prefix_int_t pint; } ngx_http_v3_parse_encoder_t; typedef struct { ngx_uint_t state; ngx_http_v3_parse_prefix_int_t pint; } ngx_http_v3_parse_decoder_t; typedef struct { ngx_uint_t state; ngx_uint_t type; ngx_uint_t length; ngx_http_v3_parse_varlen_int_t vlint; ngx_http_v3_parse_settings_t settings; } ngx_http_v3_parse_control_t; typedef struct { ngx_uint_t state; ngx_http_v3_parse_varlen_int_t vlint; union { ngx_http_v3_parse_encoder_t encoder; ngx_http_v3_parse_decoder_t decoder; ngx_http_v3_parse_control_t control; } u; } ngx_http_v3_parse_uni_t; typedef struct { ngx_uint_t state; ngx_uint_t type; ngx_uint_t length; ngx_http_v3_parse_varlen_int_t vlint; } ngx_http_v3_parse_data_t; /* * Parse functions return codes: * NGX_DONE - parsing done * NGX_OK - sub-element done * NGX_AGAIN - more data expected * NGX_BUSY - waiting for external event * NGX_ERROR - internal error * NGX_HTTP_V3_ERROR_XXX - HTTP/3 or QPACK error */ ngx_int_t ngx_http_v3_parse_headers(ngx_connection_t *c, ngx_http_v3_parse_headers_t *st, ngx_buf_t *b); ngx_int_t ngx_http_v3_parse_data(ngx_connection_t *c, ngx_http_v3_parse_data_t *st, ngx_buf_t *b); ngx_int_t ngx_http_v3_parse_uni(ngx_connection_t *c, ngx_http_v3_parse_uni_t *st, ngx_buf_t *b); #endif /* _NGX_HTTP_V3_PARSE_H_INCLUDED_ */