static void
ngx_mail_proxy_smtp_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;
ngx_buf_t *b;
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_mail_core_srv_conf_t *cscf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy smtp auth handler");
c = rev->data;
s = c->data;
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, s->mail_state);
if (rc == NGX_AGAIN) {
return;
}
if (rc == NGX_ERROR) {
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state) {
case ngx_smtp_start:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send ehlo");
s->connection->log->action = "sending HELO/EHLO to upstream";
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
line.len = sizeof("HELO ") - 1 + cscf->server_name.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
p = ngx_cpymem(line.data,
((s->esmtp || pcf->xclient) ? "EHLO " : "HELO "),
sizeof("HELO ") - 1);
p = ngx_cpymem(p, cscf->server_name.data, cscf->server_name.len);
*p++ = CR; *p = LF;
if (pcf->xclient) {
s->mail_state = ngx_smtp_helo_xclient;
} else if (s->auth_method == NGX_MAIL_AUTH_NONE) {
s->mail_state = ngx_smtp_helo_from;
} else {
s->mail_state = ngx_smtp_helo;
}
break;
case ngx_smtp_helo_xclient:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send xclient");
s->connection->log->action = "sending XCLIENT to upstream";
line.len = sizeof("XCLIENT ADDR= LOGIN= NAME="
CRLF) - 1
+ s->connection->addr_text.len + s->login.len + s->host.len;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data,
"XCLIENT ADDR=%V%s%V NAME=%V" CRLF,
&s->connection->addr_text,
(s->login.len ? " LOGIN="******""), &s->login, &s->host)
- line.data;
if (s->smtp_helo.len) {
s->mail_state = ngx_smtp_xclient_helo;
} else if (s->auth_method == NGX_MAIL_AUTH_NONE) {
s->mail_state = ngx_smtp_xclient_from;
} else {
s->mail_state = ngx_smtp_xclient;
}
break;
case ngx_smtp_xclient_helo:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send client ehlo");
s->connection->log->action = "sending client HELO/EHLO to upstream";
line.len = sizeof("HELO " CRLF) - 1 + s->smtp_helo.len;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data,
((s->esmtp) ? "EHLO %V" CRLF : "HELO %V" CRLF),
&s->smtp_helo)
- line.data;
s->mail_state = (s->auth_method == NGX_MAIL_AUTH_NONE) ?
ngx_smtp_helo_from : ngx_smtp_helo;
break;
case ngx_smtp_helo_from:
case ngx_smtp_xclient_from:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send mail from");
s->connection->log->action = "sending MAIL FROM to upstream";
line.len = s->smtp_from.len + sizeof(CRLF) - 1;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, s->smtp_from.data, s->smtp_from.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_smtp_from;
break;
case ngx_smtp_from:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send rcpt to");
s->connection->log->action = "sending RCPT TO to upstream";
line.len = s->smtp_to.len + sizeof(CRLF) - 1;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, s->smtp_to.data, s->smtp_to.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_smtp_to;
break;
case ngx_smtp_helo:
case ngx_smtp_xclient:
case ngx_smtp_to:
b = s->proxy->buffer;
if (s->auth_method == NGX_MAIL_AUTH_NONE) {
b->pos = b->start;
} else {
ngx_memcpy(b->start, smtp_auth_ok, sizeof(smtp_auth_ok) - 1);
b->last = b->start + sizeof(smtp_auth_ok) - 1;
}
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout);
ngx_del_timer(c->read);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);
return;
default:
#if (NGX_SUPPRESS_WARN)
line.len = 0;
line.data = NULL;
#endif
break;
}
if (c->send(c, line.data, line.len) < (ssize_t) line.len) {
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
static void
ngx_mail_proxy_pop3_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy pop3 auth handler");
c = rev->data;
s = c->data;
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, 0);
if (rc == NGX_AGAIN) {
return;
}
if (rc == NGX_ERROR) {
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state) {
case ngx_pop3_start:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user");
s->connection->log->action = "sending user name to upstream";
line.len = sizeof("USER ") - 1 + s->login.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1);
p = ngx_cpymem(p, s->login.data, s->login.len);
*p++ = CR;
*p = LF;
s->mail_state = ngx_pop3_user;
break;
case ngx_pop3_user:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass");
s->connection->log->action = "sending password to upstream";
line.len = sizeof("PASS ") - 1 + s->passwd.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1);
p = ngx_cpymem(p, s->passwd.data, s->passwd.len);
*p++ = CR;
*p = LF;
s->mail_state = ngx_pop3_passwd;
break;
case ngx_pop3_passwd:
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout, NGX_FUNC_LINE);
ngx_del_timer(c->read, NGX_FUNC_LINE);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);
return;
default:
#if (NGX_SUPPRESS_WARN)
ngx_str_null(&line);
#endif
break;
}
if (c->send(c, line.data, line.len) < (ssize_t) line.len) {
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
static void
ngx_mail_proxy_imap_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy imap auth handler");
c = rev->data;
s = c->data;
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, s->mail_state);
if (rc == NGX_AGAIN) {
return;
}
if (rc == NGX_ERROR) {
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state) {
case ngx_imap_start:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send login");
s->connection->log->action = "sending LOGIN command to upstream";
line.len = s->tag.len + sizeof("LOGIN ") - 1
+ 1 + NGX_SIZE_T_LEN + 1 + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data, "%VLOGIN {%uz}" CRLF,
&s->tag, s->login.len)
- line.data;
s->mail_state = ngx_imap_login;
break;
case ngx_imap_login:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user");
s->connection->log->action = "sending user name to upstream";
line.len = s->login.len + 1 + 1 + NGX_SIZE_T_LEN + 1 + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
line.len = ngx_sprintf(line.data, "%V {%uz}" CRLF,
&s->login, s->passwd.len)
- line.data;
s->mail_state = ngx_imap_user;
break;
case ngx_imap_user:
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy send passwd");
s->connection->log->action = "sending password to upstream";
line.len = s->passwd.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, s->passwd.data, s->passwd.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_imap_passwd;
break;
case ngx_imap_passwd:
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout);
ngx_del_timer(c->read);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);
return;
default:
#if (NGX_SUPPRESS_WARN)
line.len = 0;
line.data = NULL;
#endif
break;
}
if (c->send(c, line.data, line.len) < (ssize_t) line.len) {
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
/* 与POP3邮件服务器认证交互的过程 */
static void ngx_mail_proxy_pop3_handler(ngx_event_t *rev)
{
u_char *p;
ngx_int_t rc;
ngx_str_t line;//保存发往上游邮件服务器的消息
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_proxy_conf_t *pcf;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
"mail proxy pop3 auth handler");
c = rev->data;//获取nginx与上游的连接
s = c->data;//获取ngx_mail_session_t结构体
/* 如果读取上游邮件服务器响应超时,则向客户端发送错误响应 */
if (rev->timedout)
{
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"upstream timed out");
c->timedout = 1;
ngx_mail_proxy_internal_server_error(s);
return;
}
rc = ngx_mail_proxy_read_response(s, 0);//读取上游邮件服务器发来的响应到buffer缓冲区中
/* 还需要继续接收邮件服务器的消息 */
if (rc == NGX_AGAIN)
{
return;
}
/* 消息不合法或者邮件服务器没有通过验证,则返回错误给客户端 */
if (rc == NGX_ERROR)
{
ngx_mail_proxy_upstream_error(s);
return;
}
switch (s->mail_state)
{
case ngx_pop3_start://构造发送给邮件服务器的用户消息
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user");
s->connection->log->action = "sending user name to upstream";
line.len = sizeof("USER ") - 1 + s->login.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1);
p = ngx_cpymem(p, s->login.data, s->login.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_pop3_user;
break;
case ngx_pop3_user://构造发送给邮件服务器的密码信息
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass");
s->connection->log->action = "sending password to upstream";
line.len = sizeof("PASS ") - 1 + s->passwd.len + 2;
line.data = ngx_pnalloc(c->pool, line.len);
if (line.data == NULL) {
ngx_mail_proxy_internal_server_error(s);
return;
}
p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1);
p = ngx_cpymem(p, s->passwd.data, s->passwd.len);
*p++ = CR; *p = LF;
s->mail_state = ngx_pop3_passwd;
break;
/* 在收到服务器返回的密码验证通过信息后,将nginx与下游客户端间、nginx与上游邮件服务器间的TCP连接上读写事件
的回调方法都设置为ngx_main_proxy_handler方法*/
case ngx_pop3_passwd:
s->connection->read->handler = ngx_mail_proxy_handler;
s->connection->write->handler = ngx_mail_proxy_handler;
rev->handler = ngx_mail_proxy_handler;
c->write->handler = ngx_mail_proxy_handler;
pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module);
ngx_add_timer(s->connection->read, pcf->timeout);
ngx_del_timer(c->read);
c->log->action = NULL;
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in");
ngx_mail_proxy_handler(s->connection->write);//进入透传上下游TCP阶段
return;
default:
#if (NGX_SUPPRESS_WARN)
ngx_str_null(&line);
#endif
break;
}
/* 向上游的邮件服务器发送验证消息,注意,这里向邮件服务器发送TCP流与以前情况不同,它不再通过epoll检测到TCP连接上出现可写事件而触发。
事实上,它是由连接上出现的可读事件触发的,因为读取到了邮件服务器的消息,才向邮件服务器发送消息,之所以可以这么做的一个原因在于,当前
阶段发送的TCP消息包都非常短小*/
if (c->send(c, line.data, line.len) < (ssize_t) line.len)
{
/*
* we treat the incomplete sending as NGX_ERROR
* because it is very strange here
*/
ngx_mail_proxy_internal_server_error(s);
return;
}
/* 清空buffer缓冲区 */
s->proxy->buffer->pos = s->proxy->buffer->start;
s->proxy->buffer->last = s->proxy->buffer->start;
}
