static void
ngx_mail_ssl_handshake_handler(ngx_connection_t *c)
{
ngx_mail_session_t *s;
ngx_mail_core_srv_conf_t *cscf;
s = c->data;
if (c->ssl->handshaked) {
if (s->starttls) {
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
c->read->handler = cscf->protocol->init_protocol;
c->write->handler = ngx_mail_send;
cscf->protocol->init_protocol(c->read);
return;
}
/* temporary: differ client from server via buffer check */
if (!c->ssl->buffer) {
c->read->ready = 0;
ngx_mail_init_session(c);
} else {
ngx_mail_proxy_start(c);
}
return;
}
(c->ssl->buffer == 0) ? ngx_mail_close_connection(c) :
ngx_mail_proxy_internal_server_error(s);
}
void
ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_int_t dir)
{
ngx_mail_session_t *s;
ngx_mail_core_srv_conf_t *cscf;
s = c->data;
if (dir == NGX_MAIL_SECURE_DIR_IN) {
if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) {
ngx_mail_close_connection(c);
return;
}
} else {
if (ngx_ssl_create_connection(ssl, c, NGX_SSL_BUFFER|NGX_SSL_CLIENT)
== NGX_ERROR) {
ngx_mail_proxy_internal_server_error(s);
return;
}
}
if (ngx_ssl_handshake(c) == NGX_AGAIN) {
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
/* expected that for upstream, one is set already */
if (dir == NGX_MAIL_SECURE_DIR_IN)
ngx_add_timer(c->read, cscf->timeout);
c->ssl->handler = ngx_mail_ssl_handshake_handler;
return;
}
ngx_mail_ssl_handshake_handler(c);
}
static void
ngx_mail_proxy_smtp_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;
ngx_buf_t *b;
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_mail_core_srv_conf_t *cscf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy smtp auth handler");
c = rev->data;
s = c->data;
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, s->mail_state);
if (rc == NGX_AGAIN) {
return;
}
if (rc == NGX_ERROR) {
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state) {
case ngx_smtp_start:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send ehlo");
s->connection->log->action = "sending HELO/EHLO to upstream";
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
line.len = sizeof("HELO ") - 1 + cscf->server_name.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
p = ngx_cpymem(line.data,
((s->esmtp || pcf->xclient) ? "EHLO " : "HELO "),
sizeof("HELO ") - 1);
p = ngx_cpymem(p, cscf->server_name.data, cscf->server_name.len);
*p++ = CR; *p = LF;
if (pcf->xclient) {
s->mail_state = ngx_smtp_helo_xclient;
} else if (s->auth_method == NGX_MAIL_AUTH_NONE) {
s->mail_state = ngx_smtp_helo_from;
} else {
s->mail_state = ngx_smtp_helo;
}
break;
case ngx_smtp_helo_xclient:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send xclient");
s->connection->log->action = "sending XCLIENT to upstream";
line.len = sizeof("XCLIENT ADDR= LOGIN= NAME="
CRLF) - 1
+ s->connection->addr_text.len + s->login.len + s->host.len;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data,
"XCLIENT ADDR=%V%s%V NAME=%V" CRLF,
&s->connection->addr_text,
(s->login.len ? " LOGIN="******""), &s->login, &s->host)
- line.data;
if (s->smtp_helo.len) {
s->mail_state = ngx_smtp_xclient_helo;
} else if (s->auth_method == NGX_MAIL_AUTH_NONE) {
s->mail_state = ngx_smtp_xclient_from;
} else {
s->mail_state = ngx_smtp_xclient;
}
break;
case ngx_smtp_xclient_helo:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send client ehlo");
s->connection->log->action = "sending client HELO/EHLO to upstream";
line.len = sizeof("HELO " CRLF) - 1 + s->smtp_helo.len;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data,
((s->esmtp) ? "EHLO %V" CRLF : "HELO %V" CRLF),
&s->smtp_helo)
- line.data;
s->mail_state = (s->auth_method == NGX_MAIL_AUTH_NONE) ?
ngx_smtp_helo_from : ngx_smtp_helo;
break;
case ngx_smtp_helo_from:
case ngx_smtp_xclient_from:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send mail from");
s->connection->log->action = "sending MAIL FROM to upstream";
line.len = s->smtp_from.len + sizeof(CRLF) - 1;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, s->smtp_from.data, s->smtp_from.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_smtp_from;
break;
case ngx_smtp_from:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send rcpt to");
s->connection->log->action = "sending RCPT TO to upstream";
line.len = s->smtp_to.len + sizeof(CRLF) - 1;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, s->smtp_to.data, s->smtp_to.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_smtp_to;
break;
case ngx_smtp_helo:
case ngx_smtp_xclient:
case ngx_smtp_to:
b = s->proxy->buffer;
if (s->auth_method == NGX_MAIL_AUTH_NONE) {
b->pos = b->start;
} else {
ngx_memcpy(b->start, smtp_auth_ok, sizeof(smtp_auth_ok) - 1);
b->last = b->start + sizeof(smtp_auth_ok) - 1;
}
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout);
ngx_del_timer(c->read);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);
return;
default:
#if (NGX_SUPPRESS_WARN)
line.len = 0;
line.data = NULL;
#endif
break;
}
if (c->send(c, line.data, line.len) < (ssize_t) line.len) {
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
static void
ngx_mail_proxy_imap_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy imap auth handler");
c = rev->data;
s = c->data;
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, s->mail_state);
if (rc == NGX_AGAIN) {
return;
}
if (rc == NGX_ERROR) {
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state) {
case ngx_imap_start:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send login");
s->connection->log->action = "sending LOGIN command to upstream";
line.len = s->tag.len + sizeof("LOGIN ") - 1
+ 1 + NGX_SIZE_T_LEN + 1 + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data, "%VLOGIN {%uz}" CRLF,
&s->tag, s->login.len)
- line.data;
s->mail_state = ngx_imap_login;
break;
case ngx_imap_login:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user");
s->connection->log->action = "sending user name to upstream";
line.len = s->login.len + 1 + 1 + NGX_SIZE_T_LEN + 1 + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data, "%V {%uz}" CRLF,
&s->login, s->passwd.len)
- line.data;
s->mail_state = ngx_imap_user;
break;
case ngx_imap_user:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send passwd");
s->connection->log->action = "sending password to upstream";
line.len = s->passwd.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, s->passwd.data, s->passwd.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_imap_passwd;
break;
case ngx_imap_passwd:
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout);
ngx_del_timer(c->read);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);
return;
default:
#if (NGX_SUPPRESS_WARN)
line.len = 0;
line.data = NULL;
#endif
break;
}
if (c->send(c, line.data, line.len) < (ssize_t) line.len) {
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
void
ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_peer_addr_t *peer)
{
int keepalive;
ngx_int_t rc;
ngx_mail_proxy_ctx_t *p;
ngx_mail_proxy_conf_t *pcf;
ngx_mail_core_srv_conf_t *cscf;
s->connection->log->action = "connecting to upstream";
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
if (cscf->so_keepalive) {
keepalive = 1;
if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE,
(const void *) &keepalive, sizeof(int))
== -1)
{
ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno,
"setsockopt(SO_KEEPALIVE) failed");
}
}
p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t));
if (p == NULL) {
ngx_mail_session_internal_server_error(s);
return;
}
s->proxy = p;
p->upstream.sockaddr = peer->sockaddr;
p->upstream.socklen = peer->socklen;
p->upstream.name = &peer->name;
p->upstream.get = ngx_event_get_peer;
p->upstream.log = s->connection->log;
p->upstream.log_error = NGX_ERROR_ERR;
rc = ngx_event_connect_peer(&p->upstream);
if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) {
ngx_mail_proxy_internal_server_error(s);
return;
}
ngx_add_timer(p->upstream.connection->read, cscf->timeout);
p->upstream.connection->data = s;
p->upstream.connection->pool = s->connection->pool;
s->connection->read->handler = ngx_mail_proxy_block_read;
p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
s->proxy->buffer = ngx_create_temp_buf(s->connection->pool,
pcf->buffer_size);
if (s->proxy->buffer == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
s->out.len = 0;
switch (s->protocol) {
case NGX_MAIL_POP3_PROTOCOL:
p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler;
s->mail_state = ngx_pop3_start;
break;
case NGX_MAIL_IMAP_PROTOCOL:
p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler;
s->mail_state = ngx_imap_start;
break;
default: /* NGX_MAIL_SMTP_PROTOCOL */
p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler;
s->mail_state = ngx_smtp_start;
break;
}
}
void
ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer)
{
int keepalive;
ngx_int_t rc;
ngx_int_t secured = 0;
ngx_mail_proxy_ctx_t *p;
ngx_mail_proxy_conf_t *pcf;
ngx_mail_core_srv_conf_t *cscf;
ngx_mail_ssl_conf_t *sslcf;
s->connection->log->action = "connecting to upstream";
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
if (cscf->so_keepalive) {
keepalive = 1;
if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE,
(const void *) &keepalive, sizeof(int))
== -1)
{
ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno,
"setsockopt(SO_KEEPALIVE) failed");
}
}
p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t));
if (p == NULL) {
ngx_mail_session_internal_server_error(s);
return;
}
s->proxy = p;
p->upstream.sockaddr = peer->sockaddr;
p->upstream.socklen = peer->socklen;
p->upstream.name = &peer->name;
p->upstream.get = ngx_event_get_peer;
p->upstream.log = s->connection->log;
p->upstream.log_error = NGX_ERROR_ERR;
rc = ngx_event_connect_peer(&p->upstream);
if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) {
ngx_mail_proxy_internal_server_error(s);
return;
}
ngx_add_timer(p->upstream.connection->read, cscf->timeout);
p->upstream.connection->data = s;
p->upstream.connection->pool = s->connection->pool;
s->connection->read->handler = ngx_mail_proxy_block_read;
p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler;
#if (NGX_MAIL_SSL)
if (s->auth_security) {
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->ssl.ctx) {
s->connection->log->action = "SSL handshaking";
ngx_mail_ssl_init_connection(&sslcf->ssl,
p->upstream.connection,
NGX_MAIL_SECURE_DIR_OUT);
secured = 1;
} else {
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"failed to get SSL context;");
ngx_mail_proxy_internal_server_error(s);
return;
}
}
#endif
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
s->proxy->buffer = ngx_create_temp_buf(s->connection->pool,
pcf->buffer_size);
if (s->proxy->buffer == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
s->out.len = 0;
/* state will be changed in the ssl init routine */
if (!secured)
ngx_mail_proxy_start(p->upstream.connection);
}
static void
ngx_mail_proxy_pop3_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy pop3 auth handler");
c = rev->data;
s = c->data;
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, 0);
if (rc == NGX_AGAIN) {
return;
}
if (rc == NGX_ERROR) {
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state) {
case ngx_pop3_start:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user");
s->connection->log->action = "sending user name to upstream";
line.len = sizeof("USER ") - 1 + s->login.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1);
p = ngx_cpymem(p, s->login.data, s->login.len);
*p++ = CR;
*p = LF;
s->mail_state = ngx_pop3_user;
break;
case ngx_pop3_user:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass");
s->connection->log->action = "sending password to upstream";
line.len = sizeof("PASS ") - 1 + s->passwd.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1);
p = ngx_cpymem(p, s->passwd.data, s->passwd.len);
*p++ = CR;
*p = LF;
s->mail_state = ngx_pop3_passwd;
break;
case ngx_pop3_passwd:
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout, NGX_FUNC_LINE);
ngx_del_timer(c->read, NGX_FUNC_LINE);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);
return;
default:
#if (NGX_SUPPRESS_WARN)
ngx_str_null(&line);
#endif
break;
}
if (c->send(c, line.data, line.len) < (ssize_t) line.len) {
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
void
ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer)
{
ngx_int_t rc;
ngx_mail_proxy_ctx_t *p;
ngx_mail_proxy_conf_t *pcf;
ngx_mail_core_srv_conf_t *cscf;
s->connection->log->action = "connecting to upstream";
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t));
if (p == NULL) {
ngx_mail_session_internal_server_error(s);
return;
}
s->proxy = p;
p->upstream.sockaddr = peer->sockaddr;
p->upstream.socklen = peer->socklen;
p->upstream.name = &peer->name;
p->upstream.get = ngx_event_get_peer;
p->upstream.log = s->connection->log;
p->upstream.log_error = NGX_ERROR_ERR;
rc = ngx_event_connect_peer(&p->upstream);
if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) {
ngx_mail_proxy_internal_server_error(s);
return;
}
ngx_add_timer(p->upstream.connection->read, cscf->timeout, NGX_FUNC_LINE);
p->upstream.connection->data = s;
p->upstream.connection->pool = s->connection->pool;
s->connection->read->handler = ngx_mail_proxy_block_read;
p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
s->proxy->buffer = ngx_create_temp_buf(s->connection->pool,
pcf->buffer_size);
if (s->proxy->buffer == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
s->out.len = 0;
switch (s->protocol) {
case NGX_MAIL_POP3_PROTOCOL:
p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler;
s->mail_state = ngx_pop3_start;
break;
case NGX_MAIL_IMAP_PROTOCOL:
p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler;
s->mail_state = ngx_imap_start;
break;
default: /* NGX_MAIL_SMTP_PROTOCOL */
p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler;
s->mail_state = ngx_smtp_start;
break;
}
}
/* 与POP3邮件服务器认证交互的过程 */
static void ngx_mail_proxy_pop3_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;//保存发往上游邮件服务器的消息
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy pop3 auth handler");
c = rev->data;//获取nginx与上游的连接
s = c->data;//获取ngx_mail_session_t结构体
/* 如果读取上游邮件服务器响应超时,则向客户端发送错误响应 */
if (rev->timedout)
{
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, 0);//读取上游邮件服务器发来的响应到buffer缓冲区中
/* 还需要继续接收邮件服务器的消息 */
if (rc == NGX_AGAIN)
{
return;
}
/* 消息不合法或者邮件服务器没有通过验证,则返回错误给客户端 */
if (rc == NGX_ERROR)
{
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state)
{
case ngx_pop3_start://构造发送给邮件服务器的用户消息
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user");
s->connection->log->action = "sending user name to upstream";
line.len = sizeof("USER ") - 1 + s->login.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1);
p = ngx_cpymem(p, s->login.data, s->login.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_pop3_user;
break;
case ngx_pop3_user://构造发送给邮件服务器的密码信息
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass");
s->connection->log->action = "sending password to upstream";
line.len = sizeof("PASS ") - 1 + s->passwd.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1);
p = ngx_cpymem(p, s->passwd.data, s->passwd.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_pop3_passwd;
break;
/* 在收到服务器返回的密码验证通过信息后,将nginx与下游客户端间、nginx与上游邮件服务器间的TCP连接上读写事件
的回调方法都设置为ngx_main_proxy_handler方法*/
case ngx_pop3_passwd:
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout);
ngx_del_timer(c->read);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);//进入透传上下游TCP阶段
return;
default:
#if (NGX_SUPPRESS_WARN)
ngx_str_null(&line);
#endif
break;
}
/* 向上游的邮件服务器发送验证消息,注意,这里向邮件服务器发送TCP流与以前情况不同,它不再通过epoll检测到TCP连接上出现可写事件而触发。
事实上,它是由连接上出现的可读事件触发的,因为读取到了邮件服务器的消息,才向邮件服务器发送消息,之所以可以这么做的一个原因在于,当前
阶段发送的TCP消息包都非常短小*/
if (c->send(c, line.data, line.len) < (ssize_t) line.len)
{
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
/* 清空buffer缓冲区 */
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
/* 启动nginx与上游邮件服务器间的交互 */
void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer)
{
int keepalive;
ngx_int_t rc;
ngx_mail_proxy_ctx_t *p;
ngx_mail_proxy_conf_t *pcf;
ngx_mail_core_srv_conf_t *cscf;
s->connection->log->action = "connecting to upstream";
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
if (cscf->so_keepalive) {
keepalive = 1;
if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE,
(const void *) &keepalive, sizeof(int))
== -1)
{
ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno,
"setsockopt(SO_KEEPALIVE) failed");
}
}
p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t));//创建ngx_mail_proxy_t结构体
if (p == NULL) {
ngx_mail_session_internal_server_error(s);
return;
}
s->proxy = p;
p->upstream.sockaddr = peer->sockaddr;
p->upstream.socklen = peer->socklen;
p->upstream.name = &peer->name;
p->upstream.get = ngx_event_get_peer;
p->upstream.log = s->connection->log;
p->upstream.log_error = NGX_ERROR_ERR;
rc = ngx_event_connect_peer(&p->upstream);//向上游邮件服务器发起无阻塞的TCP连接
if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) {
ngx_mail_proxy_internal_server_error(s);
return;
}
/* 需要监控接收邮件服务器的响应是否超时,于是把与上游连接的读事件添加到定时器中 */
ngx_add_timer(p->upstream.connection->read, cscf->timeout);
p->upstream.connection->data = s;//设置连接的data成员指向ngx_mail_session_t结构体
p->upstream.connection->pool = s->connection->pool;
/* 设置nginx于客户端间连接读事件的回调方法为不会读取内容的ngx_mail_proxy_block_read方法,因为当前阶段nginx不会与客户端交互 */
s->connection->read->handler = ngx_mail_proxy_block_read;
/* 设置nginx与上游间的连接写事件回调方法为什么都不做的ngx_mail_proxy_dummy_handler方法,这意味着
接下来向上游发送TCP流时,将不再通过epoll这个事件框架来调度*/
p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
/* 建立nginx与邮件服务器间的内存缓冲区 */
s->proxy->buffer = ngx_create_temp_buf(s->connection->pool,pcf->buffer_size);
if (s->proxy->buffer == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
s->out.len = 0;//设置out为空,表示不会通过out向客户端发送响应
/* 根据用户请求的协议设置实际的邮件认证方法 */
switch (s->protocol)
{
case NGX_MAIL_POP3_PROTOCOL://设置POP3协议进行邮件交互认证的方法
p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler;
s->mail_state = ngx_pop3_start;
break;
case NGX_MAIL_IMAP_PROTOCOL:
p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler;
s->mail_state = ngx_imap_start;
break;
default: /* NGX_MAIL_SMTP_PROTOCOL */
p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler;
s->mail_state = ngx_smtp_start;
break;
}
}
