static void ngx_mail_auth_http_write_handler(ngx_event_t *wev) { ssize_t n, size; ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_auth_http_ctx_t *ctx; ngx_mail_auth_http_conf_t *ahcf; c = wev->data; s = c->data; ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, "mail auth http write handler"); if (wev->timedout) { ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, "auth http server %V timed out", ctx->peer.name); ngx_close_connection(c); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } size = ctx->request->last - ctx->request->pos; n = ngx_send(c, ctx->request->pos, size); if (n == NGX_ERROR) { ngx_close_connection(c); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } if (n > 0) { ctx->request->pos += n; if (n == size) { wev->handler = ngx_mail_auth_http_dummy_handler; if (wev->timer_set) { ngx_del_timer(wev); } if (ngx_handle_write_event(wev, 0) != NGX_OK) { ngx_close_connection(c); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); } return; } } if (!wev->timer_set) { ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); ngx_add_timer(wev, ahcf->timeout); } }
static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, ngx_mail_auth_http_ctx_t *ctx) { u_char *p, ch; enum { sw_start = 0, sw_H, sw_HT, sw_HTT, sw_HTTP, sw_skip, sw_almost_done } state; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, "mail auth http process status line"); state = ctx->state; for (p = ctx->response->pos; p < ctx->response->last; p++) { ch = *p; switch (state) { /* "HTTP/" */ case sw_start: if (ch == 'H') { state = sw_H; break; } goto next; case sw_H: if (ch == 'T') { state = sw_HT; break; } goto next; case sw_HT: if (ch == 'T') { state = sw_HTT; break; } goto next; case sw_HTT: if (ch == 'P') { state = sw_HTTP; break; } goto next; case sw_HTTP: if (ch == '/') { state = sw_skip; break; } goto next; /* any text until end of line */ case sw_skip: switch (ch) { case CR: state = sw_almost_done; break; case LF: goto done; } break; /* end of status line */ case sw_almost_done: if (ch == LF) { goto done; } ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "auth http server &V sent invalid response", ctx->peer.name); ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } } ctx->response->pos = p; ctx->state = state; return; next: p = ctx->response->start - 1; done: ctx->response->pos = p + 1; ctx->state = 0; ctx->handler = ngx_mail_auth_http_process_headers; ctx->handler(s, ctx); }
void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer) { int keepalive; ngx_int_t rc; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); if (cscf->so_keepalive) { keepalive = 1; if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE, (const void *) &keepalive, sizeof(int)) == -1) { ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno, "setsockopt(SO_KEEPALIVE) failed"); } } p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t)); if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } ngx_add_timer(p->upstream.connection->read, cscf->timeout); p->upstream.connection->data = s; p->upstream.connection->pool = s->connection->pool; s->connection->read->handler = ngx_mail_proxy_block_read; p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); s->proxy->buffer = ngx_create_temp_buf(s->connection->pool, pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0; switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler; s->mail_state = ngx_pop3_start; break; case NGX_MAIL_IMAP_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler; s->mail_state = ngx_imap_start; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler; s->mail_state = ngx_smtp_start; break; } }
void ngx_mail_auth_http_init(ngx_mail_session_t *s) { ngx_int_t rc; ngx_pool_t *pool; ngx_mail_auth_http_ctx_t *ctx; ngx_mail_auth_http_conf_t *ahcf; s->connection->log->action = "in http auth state"; pool = ngx_create_pool(2048, s->connection->log); if (pool == NULL) { ngx_mail_session_internal_server_error(s); return; } ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t)); if (ctx == NULL) { ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } ctx->pool = pool; ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf); if (ctx->request == NULL) { ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module); ctx->peer.sockaddr = ahcf->peer->sockaddr; ctx->peer.socklen = ahcf->peer->socklen; ctx->peer.name = &ahcf->peer->name; ctx->peer.get = ngx_event_get_peer; ctx->peer.log = s->connection->log; ctx->peer.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&ctx->peer); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { if (ctx->peer.connection) { ngx_close_connection(ctx->peer.connection); } ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ctx->peer.connection->data = s; ctx->peer.connection->pool = s->connection->pool; s->connection->read->handler = ngx_mail_auth_http_block_read; ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler; ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler; ctx->handler = ngx_mail_auth_http_ignore_status_line; ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); if (rc == NGX_OK) { ngx_mail_auth_http_write_handler(ctx->peer.connection->write); return; } }
void ngx_mail_imap_auth_state(ngx_event_t *rev) { u_char *p, *dst, *src, *end; ngx_str_t *arg; ngx_int_t rc; ngx_uint_t tag, i; ngx_connection_t *c; ngx_mail_session_t *s; c = rev->data; s = c->data; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth state"); if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); c->timedout = 1; ngx_mail_close_connection(c); return; } if (s->out.len) { ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap send handler busy"); s->blocked = 1; return; } s->blocked = 0; rc = ngx_mail_read_command(s, c); if (rc == NGX_AGAIN || rc == NGX_ERROR) { return; } tag = 1; s->text.len = 0; s->out.len = sizeof(imap_ok) - 1; s->out.data = imap_ok; if (rc == NGX_OK) { ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth command: %i", s->command); if (s->backslash) { arg = s->args.elts; for (i = 0; i < s->args.nelts; i++) { dst = arg[i].data; end = dst + arg[i].len; for (src = dst; src < end; dst++) { *dst = *src; if (*src++ == '\\') { *dst = *src++; } } arg[i].len = dst - arg[i].data; } s->backslash = 0; } switch (s->mail_state) { case ngx_imap_start: switch (s->command) { case NGX_IMAP_LOGIN: rc = ngx_mail_imap_login(s, c); break; case NGX_IMAP_AUTHENTICATE: rc = ngx_mail_imap_authenticate(s, c); tag = (rc != NGX_OK); break; case NGX_IMAP_CAPABILITY: rc = ngx_mail_imap_capability(s, c); break; case NGX_IMAP_LOGOUT: s->quit = 1; s->text.len = sizeof(imap_bye) - 1; s->text.data = imap_bye; break; case NGX_IMAP_NOOP: break; case NGX_IMAP_STARTTLS: rc = ngx_mail_imap_starttls(s, c); break; default: rc = NGX_MAIL_PARSE_INVALID_COMMAND; break; } break; case ngx_imap_auth_login_username: rc = ngx_mail_auth_login_username(s, c, 0); tag = 0; s->out.len = sizeof(imap_password) - 1; s->out.data = imap_password; s->mail_state = ngx_imap_auth_login_password; break; case ngx_imap_auth_login_password: rc = ngx_mail_auth_login_password(s, c); break; case ngx_imap_auth_plain: rc = ngx_mail_auth_plain(s, c, 0); break; case ngx_imap_auth_cram_md5: rc = ngx_mail_auth_cram_md5(s, c); break; } } else if (rc == NGX_IMAP_NEXT) { tag = 0; s->out.len = sizeof(imap_next) - 1; s->out.data = imap_next; } switch (rc) { case NGX_DONE: ngx_mail_auth(s, c); return; case NGX_ERROR: ngx_mail_session_internal_server_error(s); return; case NGX_MAIL_PARSE_INVALID_COMMAND: s->state = 0; s->out.len = sizeof(imap_invalid_command) - 1; s->out.data = imap_invalid_command; s->mail_state = ngx_imap_start; break; } if (tag) { if (s->tag.len == 0) { s->tag.len = sizeof(imap_star) - 1; s->tag.data = (u_char *) imap_star; } if (s->tagged_line.len < s->tag.len + s->text.len + s->out.len) { s->tagged_line.len = s->tag.len + s->text.len + s->out.len; s->tagged_line.data = ngx_pnalloc(c->pool, s->tagged_line.len); if (s->tagged_line.data == NULL) { ngx_mail_close_connection(c); return; } } p = s->tagged_line.data; if (s->text.len) { p = ngx_cpymem(p, s->text.data, s->text.len); } p = ngx_cpymem(p, s->tag.data, s->tag.len); ngx_memcpy(p, s->out.data, s->out.len); s->out.len = s->text.len + s->tag.len + s->out.len; s->out.data = s->tagged_line.data; } if (rc != NGX_IMAP_NEXT) { s->args.nelts = 0; if (s->state) { /* preserve tag */ s->arg_start = s->buffer->start + s->tag.len; s->buffer->pos = s->arg_start; s->buffer->last = s->arg_start; } else { s->buffer->pos = s->buffer->start; s->buffer->last = s->buffer->start; s->tag.len = 0; } } ngx_mail_send(c->write); }
void ngx_mail_smtp_auth_state(ngx_event_t *rev) { ngx_int_t rc; ngx_connection_t *c; ngx_mail_session_t *s; c = rev->data; s = c->data; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp auth state"); if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); c->timedout = 1; ngx_mail_close_connection(c); return; } if (s->out.len) { ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp send handler busy"); s->blocked = 1; return; } s->blocked = 0; rc = ngx_mail_read_command(s, c); if (rc == NGX_AGAIN || rc == NGX_ERROR) { return; } s->out.len = sizeof(smtp_ok) - 1; s->out.data = smtp_ok; if (rc == NGX_OK) { switch (s->mail_state) { case ngx_smtp_start: switch (s->command) { case NGX_SMTP_HELO: case NGX_SMTP_EHLO: rc = ngx_mail_smtp_helo(s, c); break; case NGX_SMTP_AUTH: rc = ngx_mail_smtp_auth(s, c); break; case NGX_SMTP_QUIT: s->quit = 1; s->out.len = sizeof(smtp_bye) - 1; s->out.data = smtp_bye; break; case NGX_SMTP_MAIL: rc = ngx_mail_smtp_mail(s, c); break; case NGX_SMTP_NOOP: case NGX_SMTP_RSET: break; case NGX_SMTP_STARTTLS: rc = ngx_mail_smtp_starttls(s, c); s->out.len = sizeof(smtp_starttls) - 1; s->out.data = smtp_starttls; break; default: rc = NGX_MAIL_PARSE_INVALID_COMMAND; break; } break; case ngx_smtp_auth_login_username: rc = ngx_mail_auth_login_username(s, c, 0); s->out.len = sizeof(smtp_password) - 1; s->out.data = smtp_password; s->mail_state = ngx_smtp_auth_login_password; break; case ngx_smtp_auth_login_password: rc = ngx_mail_auth_login_password(s, c); break; case ngx_smtp_auth_plain: rc = ngx_mail_auth_plain(s, c, 0); break; case ngx_smtp_auth_cram_md5: rc = ngx_mail_auth_cram_md5(s, c); break; } } switch (rc) { case NGX_DONE: ngx_mail_auth(s, c); return; case NGX_ERROR: ngx_mail_session_internal_server_error(s); return; case NGX_MAIL_PARSE_INVALID_COMMAND: s->mail_state = ngx_smtp_start; s->state = 0; s->out.len = sizeof(smtp_invalid_command) - 1; s->out.data = smtp_invalid_command; /* fall through */ case NGX_OK: s->args.nelts = 0; s->buffer->pos = s->buffer->start; s->buffer->last = s->buffer->start; if (s->state) { s->arg_start = s->buffer->start; } ngx_mail_send(c->write); } }
void ngx_mail_imap_auth_state(ngx_event_t *rev) { u_char *p, *dst, *src, *end; ngx_str_t *arg; ngx_int_t rc; ngx_uint_t tag, i; ngx_connection_t *c; ngx_mail_session_t *s; c = rev->data; s = c->data; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth state"); if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); c->timedout = 1; ngx_mail_end_session(s); /* send IMAP BYE on timeout */ return; } if (s->out.len) { ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap send handler busy"); s->blocked = 1; return; } s->blocked = 0; rc = ngx_mail_read_command(s, c); if (rc == NGX_AGAIN || rc == NGX_ERROR) { return; } if (rc == NGX_IMAP_NEXT) { tag = 0; ngx_str_set(&s->out, imap_next); } else { tag = 1; ngx_str_set(&s->out, imap_ok); s->text.len = 0; ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0, "imap auth command: %i", s->command); if (s->backslash) { arg = s->args.elts; for (i = 0; i < s->args.nelts; i++) { dst = arg[i].data; end = dst + arg[i].len; for (src = dst; src < end; dst++) { *dst = *src; if (*src++ == '\\') { *dst = *src++; } } arg[i].len = dst - arg[i].data; } s->backslash = 0; } if (rc == NGX_OK) { switch (s->mail_state) { case ngx_imap_start: switch (s->command) { case NGX_IMAP_LOGIN: rc = ngx_mail_imap_login(s, c); break; case NGX_IMAP_AUTHENTICATE: rc = ngx_mail_imap_authenticate(s, c); break; case NGX_IMAP_CAPABILITY: rc = ngx_mail_imap_capability(s, c); break; case NGX_IMAP_LOGOUT: s->quit = 1; ngx_str_set(&s->text, imap_bye); break; case NGX_IMAP_NOOP: break; case NGX_IMAP_STARTTLS: rc = ngx_mail_imap_starttls(s, c); break; case NGX_IMAP_ID: rc = ngx_mail_imap_id(s, c); break; default: rc = NGX_MAIL_PARSE_INVALID_COMMAND; break; } break; case ngx_imap_auth_login_username: rc = ngx_mail_auth_login_username(s, c, 0); if (rc == NGX_MAIL_AUTH_ARGUMENT) { ngx_str_set(&s->out, imap_password); s->mail_state = ngx_imap_auth_login_password; } break; case ngx_imap_auth_login_password: rc = ngx_mail_auth_login_password(s, c); break; case ngx_imap_auth_plain: rc = ngx_mail_auth_plain(s, c, 0); break; case ngx_imap_auth_gssapi: { ngx_str_t output; ngx_str_set(&output, ""); rc = ngx_mail_auth_gssapi(s, c, &output); if (rc == NGX_MAIL_AUTH_ARGUMENT) { s->mail_state = ngx_imap_auth_gssapi; s->out = output; } break; } case ngx_imap_auth_cram_md5: rc = ngx_mail_auth_cram_md5(s, c); break; } } } switch (rc) { case NGX_DONE: ngx_mail_do_auth(s, c); return; case NGX_OK: ngx_mail_set_imap_parse_state_start(s); s->arg_start = NULL; ngx_mail_reset_parse_buffer(s); break; case NGX_MAIL_AUTH_ABORT: ngx_str_set(&s->out, imap_authaborted); s->mail_state = ngx_imap_start; ngx_mail_set_imap_parse_state_start(s); s->arg_start = NULL; ngx_mail_reset_parse_buffer(s); break; case NGX_ERROR: ngx_mail_session_internal_server_error(s); return; case NGX_MAIL_AUTH_FAILED: ngx_str_set(&s->out, imap_authenticate_failed); s->mail_state = ngx_imap_start; ngx_mail_set_imap_parse_state_start(s); s->arg_start = NULL; ngx_mail_reset_parse_buffer(s); break; case NGX_MAIL_LOGIN_FAILED: ngx_str_set(&s->out, imap_login_failed); s->mail_state = ngx_imap_start; ngx_mail_set_imap_parse_state_start(s); s->arg_start = NULL; ngx_mail_reset_parse_buffer(s); break; case NGX_MAIL_PARSE_INVALID_AUTH_MECH: ngx_log_debug0 (NGX_LOG_DEBUG_MAIL, c->log, 0, "unsupported IMAP auth mechanism"); ngx_str_set(&s->out, imap_unsupported_mech); s->mail_state = ngx_imap_start; ngx_mail_set_imap_parse_state_start(s); s->arg_start = NULL; ngx_mail_reset_parse_buffer(s); break; case NGX_MAIL_PARSE_INVALID_COMMAND: ngx_str_set(&s->out, imap_invalid_command); s->mail_state = ngx_imap_start; ngx_mail_set_imap_parse_state_start(s); s->arg_start = NULL; ngx_mail_reset_parse_buffer(s); break; case NGX_MAIL_AUTH_ARGUMENT: ngx_mail_set_imap_parse_state_argument(s); /* preserve tag, since tag's memory is allocated in buffer, need to set the * buffer pos after tag */ s->arg_start = s->buffer->start + s->tag.len; s->buffer->pos = s->arg_start; s->buffer->last = s->arg_start; tag = 0; // just output s->out break; case NGX_IMAP_NEXT: /* do nothing, preserve all the state, including s->state, s->mail_state, * , s->buffer, s->arg_start */ break; } //clear args if(rc != NGX_IMAP_NEXT) { s->args.nelts = 0; } // process the output if (tag) { //text tag out --> out if (s->tag.len == 0) { ngx_str_set(&s->tag, imap_star); } if (s->tagged_line.len < s->tag.len + s->text.len + s->out.len + 1) { s->tagged_line.len = s->tag.len + s->text.len + s->out.len + 1; s->tagged_line.data = ngx_pnalloc(c->pool, s->tagged_line.len); if (s->tagged_line.data == NULL) { ngx_mail_close_connection(c); return; } } p = s->tagged_line.data; if (s->text.len) { p = ngx_cpymem(p, s->text.data, s->text.len); } p = ngx_cpymem(p, s->tag.data, s->tag.len); *p++ = ' '; /* the space between tag and out */ ngx_memcpy(p, s->out.data, s->out.len); s->out.len = s->text.len + s->tag.len + 1 /*for space*/+ s->out.len; s->out.data = s->tagged_line.data; } ngx_mail_send(c->write); }
void ngx_mail_pop3_auth_state(ngx_event_t *rev) { ngx_int_t rc; ngx_connection_t *c; ngx_mail_session_t *s; c = rev->data; s = c->data; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 auth state"); if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); c->timedout = 1; ngx_mail_close_connection(c); return; } if (s->out.len) { ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 send handler busy"); s->blocked = 1; return; } s->blocked = 0; rc = ngx_mail_read_command(s, c); if (rc == NGX_AGAIN || rc == NGX_ERROR) { return; } ngx_str_set(&s->out, pop3_ok); if (rc == NGX_OK) { switch (s->mail_state) { case ngx_pop3_start: switch (s->command) { case NGX_POP3_USER: rc = ngx_mail_pop3_user(s, c); break; case NGX_POP3_CAPA: rc = ngx_mail_pop3_capa(s, c, 1); break; case NGX_POP3_APOP: rc = ngx_mail_pop3_apop(s, c); break; case NGX_POP3_AUTH: rc = ngx_mail_pop3_auth(s, c); break; case NGX_POP3_QUIT: s->quit = 1; break; case NGX_POP3_NOOP: break; case NGX_POP3_STLS: rc = ngx_mail_pop3_stls(s, c); break; default: rc = NGX_MAIL_PARSE_INVALID_COMMAND; break; } break; case ngx_pop3_user: switch (s->command) { case NGX_POP3_PASS: rc = ngx_mail_pop3_pass(s, c); break; case NGX_POP3_CAPA: rc = ngx_mail_pop3_capa(s, c, 0); break; case NGX_POP3_QUIT: s->quit = 1; break; case NGX_POP3_NOOP: break; default: rc = NGX_MAIL_PARSE_INVALID_COMMAND; break; } break; /* suppress warinings */ case ngx_pop3_passwd: break; case ngx_pop3_auth_login_username: rc = ngx_mail_auth_login_username(s, c, 0); ngx_str_set(&s->out, pop3_password); s->mail_state = ngx_pop3_auth_login_password; break; case ngx_pop3_auth_login_password: rc = ngx_mail_auth_login_password(s, c); break; case ngx_pop3_auth_plain: rc = ngx_mail_auth_plain(s, c, 0); break; case ngx_pop3_auth_cram_md5: rc = ngx_mail_auth_cram_md5(s, c); break; } } switch (rc) { case NGX_DONE: ngx_mail_auth(s, c); return; case NGX_ERROR: ngx_mail_session_internal_server_error(s); return; case NGX_MAIL_PARSE_INVALID_COMMAND: s->mail_state = ngx_pop3_start; s->state = 0; ngx_str_set(&s->out, pop3_invalid_command); /* fall through */ case NGX_OK: s->args.nelts = 0; s->buffer->pos = s->buffer->start; s->buffer->last = s->buffer->start; if (s->state) { s->arg_start = s->buffer->start; } ngx_mail_send(c->write); } }
ngx_int_t ngx_mail_read_command(ngx_mail_session_t *s, ngx_connection_t *c) { ssize_t n; ngx_int_t rc; ngx_str_t l; ngx_mail_core_srv_conf_t *cscf; n = c->recv(c, s->buffer->last, s->buffer->end - s->buffer->last); if (n == NGX_ERROR || n == 0) { ngx_mail_close_connection(c); return NGX_ERROR; } if (n > 0) { s->buffer->last += n; } if (n == NGX_AGAIN) { if (ngx_handle_read_event(c->read, 0) != NGX_OK) { ngx_mail_session_internal_server_error(s); return NGX_ERROR; } if (s->buffer->pos == s->buffer->last) { return NGX_AGAIN; } } cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); rc = cscf->protocol->parse_command(s); if (rc == NGX_AGAIN) { if (s->buffer->last < s->buffer->end) { return rc; } l.len = s->buffer->last - s->buffer->start; l.data = s->buffer->start; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent too long command \"%V\"", &l); s->quit = 1; return NGX_MAIL_PARSE_INVALID_COMMAND; } if (rc == NGX_IMAP_NEXT || rc == NGX_MAIL_PARSE_INVALID_COMMAND) { return rc; } if (rc == NGX_ERROR) { ngx_mail_close_connection(c); return NGX_ERROR; } return NGX_OK; }
static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, ngx_mail_auth_http_ctx_t *ctx) { u_char *p; time_t timer; size_t len, size; ngx_int_t rc, port, n; ngx_addr_t *peer; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, "mail auth http process headers"); for ( ;; ) { rc = ngx_mail_auth_http_parse_header_line(s, ctx); if (rc == NGX_OK) { #if (NGX_DEBUG) { ngx_str_t key, value; key.len = ctx->header_name_end - ctx->header_name_start; key.data = ctx->header_name_start; value.len = ctx->header_end - ctx->header_start; value.data = ctx->header_start; ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, "mail auth http header: \"%V: %V\"", &key, &value); } #endif len = ctx->header_name_end - ctx->header_name_start; if (len == sizeof("Auth-Status") - 1 && ngx_strncasecmp(ctx->header_name_start, (u_char *) "Auth-Status", sizeof("Auth-Status") - 1) == 0) { len = ctx->header_end - ctx->header_start; if (len == 2 && ctx->header_start[0] == 'O' && ctx->header_start[1] == 'K') { continue; } if (len == 4 && ctx->header_start[0] == 'W' && ctx->header_start[1] == 'A' && ctx->header_start[2] == 'I' && ctx->header_start[3] == 'T') { s->auth_wait = 1; continue; } ctx->errmsg.len = len; ctx->errmsg.data = ctx->header_start; switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1; break; case NGX_MAIL_IMAP_PROTOCOL: size = s->tag.len + sizeof("NO ") - 1 + len + sizeof(CRLF) - 1; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ ctx->err = ctx->errmsg; continue; } p = ngx_pnalloc(s->connection->pool, size); if (p == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ctx->err.data = p; switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; break; case NGX_MAIL_IMAP_PROTOCOL: p = ngx_cpymem(p, s->tag.data, s->tag.len); *p++ = 'N'; *p++ = 'O'; *p++ = ' '; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ break; } p = ngx_cpymem(p, ctx->header_start, len); *p++ = CR; *p++ = LF; ctx->err.len = p - ctx->err.data; continue; } if (len == sizeof("Auth-Server") - 1 && ngx_strncasecmp(ctx->header_name_start, (u_char *) "Auth-Server", sizeof("Auth-Server") - 1) == 0) { ctx->addr.len = ctx->header_end - ctx->header_start; ctx->addr.data = ctx->header_start; continue; } if (len == sizeof("Auth-Port") - 1 && ngx_strncasecmp(ctx->header_name_start, (u_char *) "Auth-Port", sizeof("Auth-Port") - 1) == 0) { ctx->port.len = ctx->header_end - ctx->header_start; ctx->port.data = ctx->header_start; continue; } if (len == sizeof("Auth-User") - 1 && ngx_strncasecmp(ctx->header_name_start, (u_char *) "Auth-User", sizeof("Auth-User") - 1) == 0) { s->login.len = ctx->header_end - ctx->header_start; s->login.data = ngx_pnalloc(s->connection->pool, s->login.len); if (s->login.data == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ngx_memcpy(s->login.data, ctx->header_start, s->login.len); continue; } if (len == sizeof("Auth-Pass") - 1 && ngx_strncasecmp(ctx->header_name_start, (u_char *) "Auth-Pass", sizeof("Auth-Pass") - 1) == 0) { s->passwd.len = ctx->header_end - ctx->header_start; s->passwd.data = ngx_pnalloc(s->connection->pool, s->passwd.len); if (s->passwd.data == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len); continue; } if (len == sizeof("Auth-Wait") - 1 && ngx_strncasecmp(ctx->header_name_start, (u_char *) "Auth-Wait", sizeof("Auth-Wait") - 1) == 0) { n = ngx_atoi(ctx->header_start, ctx->header_end - ctx->header_start); if (n != NGX_ERROR) { ctx->sleep = n; } continue; } if (len == sizeof("Auth-Error-Code") - 1 && ngx_strncasecmp(ctx->header_name_start, (u_char *) "Auth-Error-Code", sizeof("Auth-Error-Code") - 1) == 0) { ctx->errcode.len = ctx->header_end - ctx->header_start; ctx->errcode.data = ngx_pnalloc(s->connection->pool, ctx->errcode.len); if (ctx->errcode.data == NULL) { ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ngx_memcpy(ctx->errcode.data, ctx->header_start, ctx->errcode.len); continue; } /* ignore other headers */ continue; } if (rc == NGX_DONE) { ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, "mail auth http header done"); ngx_close_connection(ctx->peer.connection); if (ctx->err.len) { ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, "client login failed: \"%V\"", &ctx->errmsg); if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { if (ctx->errcode.len == 0) { ctx->errcode = ngx_mail_smtp_errcode; } ctx->err.len = ctx->errcode.len + ctx->errmsg.len + sizeof(" " CRLF) - 1; p = ngx_pnalloc(s->connection->pool, ctx->err.len); if (p == NULL) { ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ctx->err.data = p; p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len); *p++ = ' '; p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len); *p++ = CR; *p = LF; } s->out = ctx->err; timer = ctx->sleep; ngx_destroy_pool(ctx->pool); if (timer == 0) { s->quit = 1; ngx_mail_send(s->connection->write); return; } ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); s->connection->read->handler = ngx_mail_auth_sleep_handler; return; } if (s->auth_wait) { timer = ctx->sleep; ngx_destroy_pool(ctx->pool); if (timer == 0) { ngx_mail_auth_http_init(s); return; } ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); s->connection->read->handler = ngx_mail_auth_sleep_handler; return; } if (ctx->addr.len == 0 || ctx->port.len == 0) { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "auth http server %V did not send server or port", ctx->peer.name); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } if (s->passwd.data == NULL && s->protocol != NGX_MAIL_SMTP_PROTOCOL) { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "auth http server %V did not send password", ctx->peer.name); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_addr_t)); if (peer == NULL) { ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } rc = ngx_parse_addr(s->connection->pool, peer, ctx->addr.data, ctx->addr.len); switch (rc) { case NGX_OK: break; case NGX_DECLINED: ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "auth http server %V sent invalid server " "address:\"%V\"", ctx->peer.name, &ctx->addr); /* fall through */ default: ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } port = ngx_atoi(ctx->port.data, ctx->port.len); if (port == NGX_ERROR || port < 1 || port > 65535) { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "auth http server %V sent invalid server " "port:\"%V\"", ctx->peer.name, &ctx->port); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ngx_inet_set_port(peer->sockaddr, (in_port_t) port); len = ctx->addr.len + 1 + ctx->port.len; peer->name.len = len; peer->name.data = ngx_pnalloc(s->connection->pool, len); if (peer->name.data == NULL) { ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } len = ctx->addr.len; ngx_memcpy(peer->name.data, ctx->addr.data, len); peer->name.data[len++] = ':'; ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len); ngx_destroy_pool(ctx->pool); ngx_mail_proxy_init(s, peer); return; } if (rc == NGX_AGAIN ) { return; } /* rc == NGX_ERROR */ ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "auth http server %V sent invalid header in response", ctx->peer.name); ngx_close_connection(ctx->peer.connection); ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } }
void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer) { int keepalive; ngx_int_t rc; ngx_int_t secured = 0; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; ngx_mail_ssl_conf_t *sslcf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); if (cscf->so_keepalive) { keepalive = 1; if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE, (const void *) &keepalive, sizeof(int)) == -1) { ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno, "setsockopt(SO_KEEPALIVE) failed"); } } p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t)); if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } ngx_add_timer(p->upstream.connection->read, cscf->timeout); p->upstream.connection->data = s; p->upstream.connection->pool = s->connection->pool; s->connection->read->handler = ngx_mail_proxy_block_read; p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; #if (NGX_MAIL_SSL) if (s->auth_security) { sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); if (sslcf->ssl.ctx) { s->connection->log->action = "SSL handshaking"; ngx_mail_ssl_init_connection(&sslcf->ssl, p->upstream.connection, NGX_MAIL_SECURE_DIR_OUT); secured = 1; } else { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "failed to get SSL context;"); ngx_mail_proxy_internal_server_error(s); return; } } #endif pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); s->proxy->buffer = ngx_create_temp_buf(s->connection->pool, pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0; /* state will be changed in the ssl init routine */ if (!secured) ngx_mail_proxy_start(p->upstream.connection); }
void ngx_mail_zmauth_init(ngx_mail_session_t *s) { ngx_pool_t *pool; ngx_mail_zmauth_ctx_t *ctx; ngx_zm_lookup_work_t *work; ngx_str_t escaped_login, escaped_account_name; ngx_mail_cleanup_t *cln; ngx_flag_t proxy_ssl; s->connection->log->action = "in mail zmauth state"; /* create pool and module context */ pool = ngx_create_pool(2048, s->connection->log); if (pool == NULL) { ngx_mail_session_internal_server_error(s); return; } ctx = ngx_pcalloc(pool, sizeof(ngx_mail_zmauth_ctx_t)); if (ctx == NULL) { ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } ctx->pool = pool; ngx_mail_set_ctx(s, ctx, ngx_mail_zmauth_module); /* init clean up */ cln = ngx_mail_cleanup_add(s, 0); cln->data = s; cln->handler = ngx_mail_zmauth_cleanup; /* init wait event */ ctx->wait_ev = ngx_palloc(pool, sizeof(ngx_event_t)); if (ctx->wait_ev == NULL) { ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } ngx_memzero (ctx->wait_ev, sizeof (ngx_event_t)); ctx->wait_ev->handler = ngx_mail_zmauth_wait_handler; ctx->wait_ev->log = s->connection->log; ctx->wait_ev->data = s->connection; work = ngx_pcalloc(pool, sizeof(ngx_zm_lookup_work_t)); if (work == NULL) { ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } if (s->auth_method == NGX_MAIL_AUTH_PASSWD || s->auth_method == NGX_MAIL_AUTH_PLAIN || s->auth_method == NGX_MAIL_AUTH_PLAIN_IR || s->auth_method == NGX_MAIL_AUTH_LOGIN || s->auth_method == NGX_MAIL_AUTH_LOGIN_USERNAME) { work->auth_method = ZM_AUTHMETH_USERNAME; } else if (s->auth_method == NGX_MAIL_AUTH_GSSAPI || s->auth_method == NGX_MAIL_AUTH_GSSAPI_IR) { work->auth_method = ZM_AUTHMETH_GSSAPI; work->auth_id = s->authid; } else { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "unsupported auth method %V", &ngx_mail_zmauth_method[s->auth_method]); ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } proxy_ssl = ngx_mail_get_proxy_ssl(s); switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: work->protocol = proxy_ssl?ZM_PROTO_POP3S:ZM_PROTO_POP3; break; case NGX_MAIL_IMAP_PROTOCOL: work->protocol = proxy_ssl?ZM_PROTO_IMAPS:ZM_PROTO_IMAP; break; default: ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "unsupported auth protocol %V", &ngx_mail_zmauth_proto[s->protocol]); ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } if (ngx_mail_zmauth_escape(pool, &s->login, &escaped_login) != NGX_OK) { ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } work->username = escaped_login; work->connection = s->connection; work->login_attempts = s->login_attempt; work->log = s->connection->log; work->pool = s->connection->pool; work->data = s; work->on_success = ngx_mail_zmauth_lookup_result_handler; work->on_failure = ngx_mail_zmauth_lookup_result_handler; switch (s->vlogin) { case 0: work->alias_check_stat = ZM_ALIAS_NOT_CHECKED; break; case 1: work->alias_check_stat = ZM_ALIAS_NOT_FOUND; work->account_name = work->username; work->alias_key = s->key_alias; break; case 2: work->alias_check_stat = ZM_ALIAS_FOUND; if (ngx_mail_zmauth_escape(pool, &s->qlogin, &escaped_account_name) != NGX_OK) { ngx_destroy_pool(pool); ngx_mail_session_internal_server_error(s); return; } work->account_name = escaped_account_name; work->alias_key = s->key_alias; break; default: ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "Should never reach here"); return; } ctx->work = work; s->connection->read->handler = ngx_mail_zmauth_block_read; ngx_zm_lookup(work); }
static void ngx_mail_zmauth_lookup_result_handler(ngx_zm_lookup_work_t * work) { ngx_mail_session_t *s; ngx_mail_zmauth_ctx_t *ctx; size_t size; u_char *p; ngx_addr_t *peer; ngx_str_t errmsg; s = (ngx_mail_session_t *) work->data; ctx = (ngx_mail_zmauth_ctx_t *)ngx_mail_get_module_ctx(s, ngx_mail_zmauth_module); if (work->result == ZM_LOOKUP_SUCCESS) { ngx_mail_zmauth_unescape(&work->account_name); /* copy the lookup result from zmauth pool to s->connection pool */ s->qlogin = *(ngx_pstrcpy(s->connection->pool, &work->account_name)); s->key_alias = *(ngx_pstrcpy(s->connection->pool, &work->alias_key)); s->key_route = *(ngx_pstrcpy(s->connection->pool, &work->route_key)); if (s->auth_method == NGX_MAIL_AUTH_GSSAPI || s->auth_method == NGX_MAIL_AUTH_GSSAPI_IR) { s->dusr = *(ngx_pstrcpy(s->connection->pool, &work->auth_id)); s->dpasswd = *(ngx_pstrcpy(s->connection->pool, &work->zm_auth_token)); } peer = ngx_palloc(s->connection->pool, sizeof(ngx_addr_t)); peer->name = *(ngx_pstrcpy(s->connection->pool, &work->route->name)); peer->socklen = work->route->socklen; peer->sockaddr = ngx_palloc(s->connection->pool, peer->socklen); if(peer->sockaddr == NULL) { return; /* NO MEM */ } ngx_memcpy(peer->sockaddr, work->route->sockaddr, peer->socklen); switch (work->alias_check_stat) { case ZM_ALIAS_NOT_FOUND: s->vlogin = 1; break; case ZM_ALIAS_FOUND: s->vlogin = 2; break; default: break; /* do nothing */ } ngx_destroy_pool(ctx->pool); ngx_mail_set_ctx(s, NULL, ngx_mail_zmauth_module); ngx_mail_proxy_init(s, peer); return; } else { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, "An error occurred in mail zmauth: %V", &work->err); /* construct error msg */ if (work->result != ZM_LOOKUP_LOGIN_FAILED) { /* zmauth clean up will destroy the ctx->pool */ ngx_mail_session_internal_server_error(s); return; } errmsg = LOGIN_FAILED; /* should we return the real err msg to user? */ switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: size = sizeof("-ERR ") - 1 + errmsg.len + sizeof(CRLF) - 1; if (s->command == NGX_POP3_AUTH) { size += AUTHENTICATION_FAILED.len; } break; case NGX_MAIL_IMAP_PROTOCOL: if (s->command == NGX_IMAP_AUTHENTICATE) { errmsg = AUTHENTICATE_FAILED; } size = s->tag.len + 1 /*for space*/+ sizeof("NO ") - 1 + errmsg.len + sizeof(CRLF) - 1; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ ngx_log_error(NGX_LOG_CRIT, s->connection->log, 0, "smtp is not supported!!"); return; } p = ngx_pnalloc(s->connection->pool, size); if (p == NULL) { ngx_destroy_pool(ctx->pool); ngx_mail_session_internal_server_error(s); return; } ctx->errmsg.data = p; switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; if (s->command == NGX_POP3_AUTH) { p = ngx_cpymem(p, AUTHENTICATION_FAILED.data, AUTHENTICATION_FAILED.len); } break; case NGX_MAIL_IMAP_PROTOCOL: p = ngx_cpymem(p, s->tag.data, s->tag.len); *p++ = ' '; *p++ = 'N'; *p++ = 'O'; *p++ = ' '; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ break; } p = ngx_cpymem(p, errmsg.data, errmsg.len); *p++ = CR; *p++ = LF; ctx->errmsg.len = p - ctx->errmsg.data; s->out = ctx->errmsg; if (work->result == ZM_LOOKUP_LOGIN_FAILED && work->wait_time > 0) { ngx_add_timer(ctx->wait_ev, (ngx_msec_t) (work->wait_time * 1000)); s->connection->read->handler = ngx_mail_zmauth_block_read; } else { s->quit = 1; ngx_mail_send(s->connection->write); ngx_mail_set_ctx(s, NULL, ngx_mail_zmauth_module); ngx_destroy_pool(ctx->pool); } return; } }
void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer) { ngx_int_t rc; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t)); if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream); if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } ngx_add_timer(p->upstream.connection->read, cscf->timeout, NGX_FUNC_LINE); p->upstream.connection->data = s; p->upstream.connection->pool = s->connection->pool; s->connection->read->handler = ngx_mail_proxy_block_read; p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); s->proxy->buffer = ngx_create_temp_buf(s->connection->pool, pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0; switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler; s->mail_state = ngx_pop3_start; break; case NGX_MAIL_IMAP_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler; s->mail_state = ngx_imap_start; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler; s->mail_state = ngx_smtp_start; break; } }
/* 启动nginx与上游邮件服务器间的交互 */ void ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer) { int keepalive; ngx_int_t rc; ngx_mail_proxy_ctx_t *p; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; s->connection->log->action = "connecting to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); if (cscf->so_keepalive) { keepalive = 1; if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE, (const void *) &keepalive, sizeof(int)) == -1) { ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno, "setsockopt(SO_KEEPALIVE) failed"); } } p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t));//创建ngx_mail_proxy_t结构体 if (p == NULL) { ngx_mail_session_internal_server_error(s); return; } s->proxy = p; p->upstream.sockaddr = peer->sockaddr; p->upstream.socklen = peer->socklen; p->upstream.name = &peer->name; p->upstream.get = ngx_event_get_peer; p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; rc = ngx_event_connect_peer(&p->upstream);//向上游邮件服务器发起无阻塞的TCP连接 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_mail_proxy_internal_server_error(s); return; } /* 需要监控接收邮件服务器的响应是否超时,于是把与上游连接的读事件添加到定时器中 */ ngx_add_timer(p->upstream.connection->read, cscf->timeout); p->upstream.connection->data = s;//设置连接的data成员指向ngx_mail_session_t结构体 p->upstream.connection->pool = s->connection->pool; /* 设置nginx于客户端间连接读事件的回调方法为不会读取内容的ngx_mail_proxy_block_read方法,因为当前阶段nginx不会与客户端交互 */ s->connection->read->handler = ngx_mail_proxy_block_read; /* 设置nginx与上游间的连接写事件回调方法为什么都不做的ngx_mail_proxy_dummy_handler方法,这意味着 接下来向上游发送TCP流时,将不再通过epoll这个事件框架来调度*/ p->upstream.connection->write->handler = ngx_mail_proxy_dummy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); /* 建立nginx与邮件服务器间的内存缓冲区 */ s->proxy->buffer = ngx_create_temp_buf(s->connection->pool,pcf->buffer_size); if (s->proxy->buffer == NULL) { ngx_mail_proxy_internal_server_error(s); return; } s->out.len = 0;//设置out为空,表示不会通过out向客户端发送响应 /* 根据用户请求的协议设置实际的邮件认证方法 */ switch (s->protocol) { case NGX_MAIL_POP3_PROTOCOL://设置POP3协议进行邮件交互认证的方法 p->upstream.connection->read->handler = ngx_mail_proxy_pop3_handler; s->mail_state = ngx_pop3_start; break; case NGX_MAIL_IMAP_PROTOCOL: p->upstream.connection->read->handler = ngx_mail_proxy_imap_handler; s->mail_state = ngx_imap_start; break; default: /* NGX_MAIL_SMTP_PROTOCOL */ p->upstream.connection->read->handler = ngx_mail_proxy_smtp_handler; s->mail_state = ngx_smtp_start; break; } }