static void ngx_mail_ssl_handshake_handler(ngx_connection_t *c) { ngx_mail_session_t *s; ngx_mail_core_srv_conf_t *cscf; s = c->data; if (c->ssl->handshaked) { if (s->starttls) { cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); c->read->handler = cscf->protocol->init_protocol; c->write->handler = ngx_mail_send; cscf->protocol->init_protocol(c->read); return; } /* temporary: differ client from server via buffer check */ if (!c->ssl->buffer) { c->read->ready = 0; ngx_mail_init_session(c); } else { ngx_mail_proxy_start(c); } return; } (c->ssl->buffer == 0) ? ngx_mail_close_connection(c) : ngx_mail_proxy_internal_server_error(s); }
void ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_int_t dir) { ngx_mail_session_t *s; ngx_mail_core_srv_conf_t *cscf; s = c->data; if (dir == NGX_MAIL_SECURE_DIR_IN) { if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { ngx_mail_close_connection(c); return; } } else { if (ngx_ssl_create_connection(ssl, c, NGX_SSL_BUFFER|NGX_SSL_CLIENT) == NGX_ERROR) { ngx_mail_proxy_internal_server_error(s); return; } } if (ngx_ssl_handshake(c) == NGX_AGAIN) { cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); /* expected that for upstream, one is set already */ if (dir == NGX_MAIL_SECURE_DIR_IN) ngx_add_timer(c->read, cscf->timeout); c->ssl->handler = ngx_mail_ssl_handshake_handler; return; } ngx_mail_ssl_handshake_handler(c); }
static void ngx_mail_proxy_smtp_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line; ngx_buf_t *b; ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy smtp auth handler"); c = rev->data; s = c->data; if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, s->mail_state); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_smtp_start: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send ehlo"); s->connection->log->action = "sending HELO/EHLO to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); line.len = sizeof("HELO ") - 1 + cscf->server_name.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); p = ngx_cpymem(line.data, ((s->esmtp || pcf->xclient) ? "EHLO " : "HELO "), sizeof("HELO ") - 1); p = ngx_cpymem(p, cscf->server_name.data, cscf->server_name.len); *p++ = CR; *p = LF; if (pcf->xclient) { s->mail_state = ngx_smtp_helo_xclient; } else if (s->auth_method == NGX_MAIL_AUTH_NONE) { s->mail_state = ngx_smtp_helo_from; } else { s->mail_state = ngx_smtp_helo; } break; case ngx_smtp_helo_xclient: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send xclient"); s->connection->log->action = "sending XCLIENT to upstream"; line.len = sizeof("XCLIENT ADDR= LOGIN= NAME=" CRLF) - 1 + s->connection->addr_text.len + s->login.len + s->host.len; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, "XCLIENT ADDR=%V%s%V NAME=%V" CRLF, &s->connection->addr_text, (s->login.len ? " LOGIN="******""), &s->login, &s->host) - line.data; if (s->smtp_helo.len) { s->mail_state = ngx_smtp_xclient_helo; } else if (s->auth_method == NGX_MAIL_AUTH_NONE) { s->mail_state = ngx_smtp_xclient_from; } else { s->mail_state = ngx_smtp_xclient; } break; case ngx_smtp_xclient_helo: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send client ehlo"); s->connection->log->action = "sending client HELO/EHLO to upstream"; line.len = sizeof("HELO " CRLF) - 1 + s->smtp_helo.len; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, ((s->esmtp) ? "EHLO %V" CRLF : "HELO %V" CRLF), &s->smtp_helo) - line.data; s->mail_state = (s->auth_method == NGX_MAIL_AUTH_NONE) ? ngx_smtp_helo_from : ngx_smtp_helo; break; case ngx_smtp_helo_from: case ngx_smtp_xclient_from: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send mail from"); s->connection->log->action = "sending MAIL FROM to upstream"; line.len = s->smtp_from.len + sizeof(CRLF) - 1; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, s->smtp_from.data, s->smtp_from.len); *p++ = CR; *p = LF; s->mail_state = ngx_smtp_from; break; case ngx_smtp_from: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send rcpt to"); s->connection->log->action = "sending RCPT TO to upstream"; line.len = s->smtp_to.len + sizeof(CRLF) - 1; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, s->smtp_to.data, s->smtp_to.len); *p++ = CR; *p = LF; s->mail_state = ngx_smtp_to; break; case ngx_smtp_helo: case ngx_smtp_xclient: case ngx_smtp_to: b = s->proxy->buffer; if (s->auth_method == NGX_MAIL_AUTH_NONE) { b->pos = b->start; } else { ngx_memcpy(b->start, smtp_auth_ok, sizeof(smtp_auth_ok) - 1); b->last = b->start + sizeof(smtp_auth_ok) - 1; } s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write); return; default: #if (NGX_SUPPRESS_WARN) line.len = 0; line.data = NULL; #endif break; } if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }
static void ngx_mail_proxy_imap_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line; ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy imap auth handler"); c = rev->data; s = c->data; if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, s->mail_state); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_imap_start: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send login"); s->connection->log->action = "sending LOGIN command to upstream"; line.len = s->tag.len + sizeof("LOGIN ") - 1 + 1 + NGX_SIZE_T_LEN + 1 + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, "%VLOGIN {%uz}" CRLF, &s->tag, s->login.len) - line.data; s->mail_state = ngx_imap_login; break; case ngx_imap_login: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); s->connection->log->action = "sending user name to upstream"; line.len = s->login.len + 1 + 1 + NGX_SIZE_T_LEN + 1 + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, "%V {%uz}" CRLF, &s->login, s->passwd.len) - line.data; s->mail_state = ngx_imap_user; break; case ngx_imap_user: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send passwd"); s->connection->log->action = "sending password to upstream"; line.len = s->passwd.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, s->passwd.data, s->passwd.len); *p++ = CR; *p = LF; s->mail_state = ngx_imap_passwd; break; case ngx_imap_passwd: s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write); return; default: #if (NGX_SUPPRESS_WARN) line.len = 0; line.data = NULL; #endif break; } if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }
void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_peer_addr_t *peer) { int keepalive; ngx_int_t rc; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); if (cscf->so_keepalive) { keepalive = 1; if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE, (const void *) &keepalive, sizeof(int)) == -1) { ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno, "setsockopt(SO_KEEPALIVE) failed"); } } p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t)); if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } ngx_add_timer(p->upstream.connection->read, cscf->timeout); p->upstream.connection->data = s; p->upstream.connection->pool = s->connection->pool; s->connection->read->handler = ngx_mail_proxy_block_read; p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); s->proxy->buffer = ngx_create_temp_buf(s->connection->pool, pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0; switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler; s->mail_state = ngx_pop3_start; break; case NGX_MAIL_IMAP_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler; s->mail_state = ngx_imap_start; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler; s->mail_state = ngx_smtp_start; break; } }
void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer) { int keepalive; ngx_int_t rc; ngx_int_t secured = 0; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; ngx_mail_ssl_conf_t *sslcf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); if (cscf->so_keepalive) { keepalive = 1; if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE, (const void *) &keepalive, sizeof(int)) == -1) { ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno, "setsockopt(SO_KEEPALIVE) failed"); } } p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t)); if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } ngx_add_timer(p->upstream.connection->read, cscf->timeout); p->upstream.connection->data = s; p->upstream.connection->pool = s->connection->pool; s->connection->read->handler = ngx_mail_proxy_block_read; p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; #if (NGX_MAIL_SSL) if (s->auth_security) { sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); if (sslcf->ssl.ctx) { s->connection->log->action = "SSL handshaking"; ngx_mail_ssl_init_connection(&sslcf->ssl, p->upstream.connection, NGX_MAIL_SECURE_DIR_OUT); secured = 1; } else { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "failed to get SSL context;"); ngx_mail_proxy_internal_server_error(s); return; } } #endif pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); s->proxy->buffer = ngx_create_temp_buf(s->connection->pool, pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0; /* state will be changed in the ssl init routine */ if (!secured) ngx_mail_proxy_start(p->upstream.connection); }
static void ngx_mail_proxy_pop3_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line; ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy pop3 auth handler"); c = rev->data; s = c->data; if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, 0); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_pop3_start: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); s->connection->log->action = "sending user name to upstream"; line.len = sizeof("USER ") - 1 + s->login.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1); p = ngx_cpymem(p, s->login.data, s->login.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_user; break; case ngx_pop3_user: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass"); s->connection->log->action = "sending password to upstream"; line.len = sizeof("PASS ") - 1 + s->passwd.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1); p = ngx_cpymem(p, s->passwd.data, s->passwd.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_passwd; break; case ngx_pop3_passwd: s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout, NGX_FUNC_LINE); ngx_del_timer(c->read, NGX_FUNC_LINE); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write); return; default: #if (NGX_SUPPRESS_WARN) ngx_str_null(&line); #endif break; } if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }
void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer) { ngx_int_t rc; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t)); if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } ngx_add_timer(p->upstream.connection->read, cscf->timeout, NGX_FUNC_LINE); p->upstream.connection->data = s; p->upstream.connection->pool = s->connection->pool; s->connection->read->handler = ngx_mail_proxy_block_read; p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); s->proxy->buffer = ngx_create_temp_buf(s->connection->pool, pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0; switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler; s->mail_state = ngx_pop3_start; break; case NGX_MAIL_IMAP_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler; s->mail_state = ngx_imap_start; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler; s->mail_state = ngx_smtp_start; break; } }
/* 与POP3邮件服务器认证交互的过程 */ static void ngx_mail_proxy_pop3_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line;//保存发往上游邮件服务器的消息 ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy pop3 auth handler"); c = rev->data;//获取nginx与上游的连接 s = c->data;//获取ngx_mail_session_t结构体 /* 如果读取上游邮件服务器响应超时,则向客户端发送错误响应 */ if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, 0);//读取上游邮件服务器发来的响应到buffer缓冲区中 /* 还需要继续接收邮件服务器的消息 */ if (rc == NGX_AGAIN) { return; } /* 消息不合法或者邮件服务器没有通过验证,则返回错误给客户端 */ if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_pop3_start://构造发送给邮件服务器的用户消息 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); s->connection->log->action = "sending user name to upstream"; line.len = sizeof("USER ") - 1 + s->login.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1); p = ngx_cpymem(p, s->login.data, s->login.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_user; break; case ngx_pop3_user://构造发送给邮件服务器的密码信息 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass"); s->connection->log->action = "sending password to upstream"; line.len = sizeof("PASS ") - 1 + s->passwd.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1); p = ngx_cpymem(p, s->passwd.data, s->passwd.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_passwd; break; /* 在收到服务器返回的密码验证通过信息后,将nginx与下游客户端间、nginx与上游邮件服务器间的TCP连接上读写事件 的回调方法都设置为ngx_main_proxy_handler方法*/ case ngx_pop3_passwd: s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write);//进入透传上下游TCP阶段 return; default: #if (NGX_SUPPRESS_WARN) ngx_str_null(&line); #endif break; } /* 向上游的邮件服务器发送验证消息,注意,这里向邮件服务器发送TCP流与以前情况不同,它不再通过epoll检测到TCP连接上出现可写事件而触发。 事实上,它是由连接上出现的可读事件触发的,因为读取到了邮件服务器的消息,才向邮件服务器发送消息,之所以可以这么做的一个原因在于,当前 阶段发送的TCP消息包都非常短小*/ if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } /* 清空buffer缓冲区 */ s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }
/* 启动nginx与上游邮件服务器间的交互 */ void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer) { int keepalive; ngx_int_t rc; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); if (cscf->so_keepalive) { keepalive = 1; if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE, (const void *) &keepalive, sizeof(int)) == -1) { ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno, "setsockopt(SO_KEEPALIVE) failed"); } } p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t));//创建ngx_mail_proxy_t结构体 if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream);//向上游邮件服务器发起无阻塞的TCP连接 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } /* 需要监控接收邮件服务器的响应是否超时,于是把与上游连接的读事件添加到定时器中 */ ngx_add_timer(p->upstream.connection->read, cscf->timeout); p->upstream.connection->data = s;//设置连接的data成员指向ngx_mail_session_t结构体 p->upstream.connection->pool = s->connection->pool; /* 设置nginx于客户端间连接读事件的回调方法为不会读取内容的ngx_mail_proxy_block_read方法,因为当前阶段nginx不会与客户端交互 */ s->connection->read->handler = ngx_mail_proxy_block_read; /* 设置nginx与上游间的连接写事件回调方法为什么都不做的ngx_mail_proxy_dummy_handler方法,这意味着 接下来向上游发送TCP流时,将不再通过epoll这个事件框架来调度*/ p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); /* 建立nginx与邮件服务器间的内存缓冲区 */ s->proxy->buffer = ngx_create_temp_buf(s->connection->pool,pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0;//设置out为空,表示不会通过out向客户端发送响应 /* 根据用户请求的协议设置实际的邮件认证方法 */ switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL://设置POP3协议进行邮件交互认证的方法 p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler; s->mail_state = ngx_pop3_start; break; case NGX_MAIL_IMAP_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler; s->mail_state = ngx_imap_start; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler; s->mail_state = ngx_smtp_start; break; } }