static void
ngx_mail_auth_http_process_headers(ngx_mail_session_t *s,
ngx_mail_auth_http_ctx_t *ctx)
{
u_char *p;
time_t timer;
size_t len, size;
ngx_int_t rc, port, n;
ngx_addr_t *peer;
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
"mail auth http process headers");
for ( ;; ) {
rc = ngx_mail_auth_http_parse_header_line(s, ctx);
if (rc == NGX_OK) {
#if (NGX_DEBUG)
{
ngx_str_t key, value;
key.len = ctx->header_name_end - ctx->header_name_start;
key.data = ctx->header_name_start;
value.len = ctx->header_end - ctx->header_start;
value.data = ctx->header_start;
ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
"mail auth http header: \"%V: %V\"",
&key, &value);
}
#endif
len = ctx->header_name_end - ctx->header_name_start;
if (len == sizeof("Auth-Status") - 1
&& ngx_strncasecmp(ctx->header_name_start,
(u_char *) "Auth-Status",
sizeof("Auth-Status") - 1)
== 0)
{
len = ctx->header_end - ctx->header_start;
if (len == 2
&& ctx->header_start[0] == 'O'
&& ctx->header_start[1] == 'K')
{
continue;
}
if (len == 4
&& ctx->header_start[0] == 'W'
&& ctx->header_start[1] == 'A'
&& ctx->header_start[2] == 'I'
&& ctx->header_start[3] == 'T')
{
s->auth_wait = 1;
continue;
}
ctx->errmsg.len = len;
ctx->errmsg.data = ctx->header_start;
switch (s->protocol) {
case NGX_MAIL_POP3_PROTOCOL:
size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1;
break;
case NGX_MAIL_IMAP_PROTOCOL:
size = s->tag.len + sizeof("NO ") - 1 + len
+ sizeof(CRLF) - 1;
break;
default: /* NGX_MAIL_SMTP_PROTOCOL */
ctx->err = ctx->errmsg;
continue;
}
p = ngx_pnalloc(s->connection->pool, size);
if (p == NULL) {
ngx_close_connection(ctx->peer.connection);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
ctx->err.data = p;
switch (s->protocol) {
case NGX_MAIL_POP3_PROTOCOL:
*p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' ';
break;
case NGX_MAIL_IMAP_PROTOCOL:
p = ngx_cpymem(p, s->tag.data, s->tag.len);
*p++ = 'N'; *p++ = 'O'; *p++ = ' ';
break;
default: /* NGX_MAIL_SMTP_PROTOCOL */
break;
}
p = ngx_cpymem(p, ctx->header_start, len);
*p++ = CR; *p++ = LF;
ctx->err.len = p - ctx->err.data;
continue;
}
if (len == sizeof("Auth-Server") - 1
&& ngx_strncasecmp(ctx->header_name_start,
(u_char *) "Auth-Server",
sizeof("Auth-Server") - 1)
== 0)
{
ctx->addr.len = ctx->header_end - ctx->header_start;
ctx->addr.data = ctx->header_start;
continue;
}
if (len == sizeof("Auth-Port") - 1
&& ngx_strncasecmp(ctx->header_name_start,
(u_char *) "Auth-Port",
sizeof("Auth-Port") - 1)
== 0)
{
ctx->port.len = ctx->header_end - ctx->header_start;
ctx->port.data = ctx->header_start;
continue;
}
if (len == sizeof("Auth-User") - 1
&& ngx_strncasecmp(ctx->header_name_start,
(u_char *) "Auth-User",
sizeof("Auth-User") - 1)
== 0)
{
s->login.len = ctx->header_end - ctx->header_start;
s->login.data = ngx_pnalloc(s->connection->pool, s->login.len);
if (s->login.data == NULL) {
ngx_close_connection(ctx->peer.connection);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
ngx_memcpy(s->login.data, ctx->header_start, s->login.len);
continue;
}
if (len == sizeof("Auth-Pass") - 1
&& ngx_strncasecmp(ctx->header_name_start,
(u_char *) "Auth-Pass",
sizeof("Auth-Pass") - 1)
== 0)
{
s->passwd.len = ctx->header_end - ctx->header_start;
s->passwd.data = ngx_pnalloc(s->connection->pool,
s->passwd.len);
if (s->passwd.data == NULL) {
ngx_close_connection(ctx->peer.connection);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len);
continue;
}
if (len == sizeof("Auth-Wait") - 1
&& ngx_strncasecmp(ctx->header_name_start,
(u_char *) "Auth-Wait",
sizeof("Auth-Wait") - 1)
== 0)
{
n = ngx_atoi(ctx->header_start,
ctx->header_end - ctx->header_start);
if (n != NGX_ERROR) {
ctx->sleep = n;
}
continue;
}
if (len == sizeof("Auth-Error-Code") - 1
&& ngx_strncasecmp(ctx->header_name_start,
(u_char *) "Auth-Error-Code",
sizeof("Auth-Error-Code") - 1)
== 0)
{
ctx->errcode.len = ctx->header_end - ctx->header_start;
ctx->errcode.data = ngx_pnalloc(s->connection->pool,
ctx->errcode.len);
if (ctx->errcode.data == NULL) {
ngx_close_connection(ctx->peer.connection);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
ngx_memcpy(ctx->errcode.data, ctx->header_start,
ctx->errcode.len);
continue;
}
/* ignore other headers */
continue;
}
if (rc == NGX_DONE) {
ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
"mail auth http header done");
ngx_close_connection(ctx->peer.connection);
if (ctx->err.len) {
ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
"client login failed: \"%V\"", &ctx->errmsg);
if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) {
if (ctx->errcode.len == 0) {
ctx->errcode = ngx_mail_smtp_errcode;
}
ctx->err.len = ctx->errcode.len + ctx->errmsg.len
+ sizeof(" " CRLF) - 1;
p = ngx_pnalloc(s->connection->pool, ctx->err.len);
if (p == NULL) {
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
ctx->err.data = p;
p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len);
*p++ = ' ';
p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len);
*p++ = CR; *p = LF;
}
s->out = ctx->err;
timer = ctx->sleep;
ngx_destroy_pool(ctx->pool);
if (timer == 0) {
s->quit = 1;
ngx_mail_send(s->connection->write);
return;
}
ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000));
s->connection->read->handler = ngx_mail_auth_sleep_handler;
return;
}
if (s->auth_wait) {
timer = ctx->sleep;
ngx_destroy_pool(ctx->pool);
if (timer == 0) {
ngx_mail_auth_http_init(s);
return;
}
ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000));
s->connection->read->handler = ngx_mail_auth_sleep_handler;
return;
}
if (ctx->addr.len == 0 || ctx->port.len == 0) {
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"auth http server %V did not send server or port",
ctx->peer.name);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
if (s->passwd.data == NULL
&& s->protocol != NGX_MAIL_SMTP_PROTOCOL)
{
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"auth http server %V did not send password",
ctx->peer.name);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_addr_t));
if (peer == NULL) {
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
rc = ngx_parse_addr(s->connection->pool, peer,
ctx->addr.data, ctx->addr.len);
switch (rc) {
case NGX_OK:
break;
case NGX_DECLINED:
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"auth http server %V sent invalid server "
"address:\"%V\"",
ctx->peer.name, &ctx->addr);
/* fall through */
default:
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
port = ngx_atoi(ctx->port.data, ctx->port.len);
if (port == NGX_ERROR || port < 1 || port > 65535) {
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"auth http server %V sent invalid server "
"port:\"%V\"",
ctx->peer.name, &ctx->port);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
ngx_inet_set_port(peer->sockaddr, (in_port_t) port);
len = ctx->addr.len + 1 + ctx->port.len;
peer->name.len = len;
peer->name.data = ngx_pnalloc(s->connection->pool, len);
if (peer->name.data == NULL) {
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
len = ctx->addr.len;
ngx_memcpy(peer->name.data, ctx->addr.data, len);
peer->name.data[len++] = ':';
ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len);
ngx_destroy_pool(ctx->pool);
ngx_mail_proxy_init(s, peer);
return;
}
if (rc == NGX_AGAIN ) {
return;
}
/* rc == NGX_ERROR */
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"auth http server %V sent invalid header in response",
ctx->peer.name);
ngx_close_connection(ctx->peer.connection);
ngx_destroy_pool(ctx->pool);
ngx_mail_session_internal_server_error(s);
return;
}
}
ngx_int_t
ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r,
ngx_http_upstream_resolved_t *ur)
{
u_char *p;
size_t len;
socklen_t socklen;
ngx_uint_t i, n;
struct sockaddr *sockaddr;
ngx_http_upstream_rr_peer_t *peer, **peerp;
ngx_http_upstream_rr_peers_t *peers;
ngx_http_upstream_rr_peer_data_t *rrp;
rrp = r->upstream->peer.data;
if (rrp == NULL) {
rrp = ngx_palloc(r->pool, sizeof(ngx_http_upstream_rr_peer_data_t));
if (rrp == NULL) {
return NGX_ERROR;
}
r->upstream->peer.data = rrp;
}
peers = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_rr_peers_t));
if (peers == NULL) {
return NGX_ERROR;
}
peer = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_rr_peer_t)
* ur->naddrs);
if (peer == NULL) {
return NGX_ERROR;
}
peers->single = (ur->naddrs == 1);
peers->number = ur->naddrs;
peers->name = &ur->host;
if (ur->sockaddr) {
peer[0].sockaddr = ur->sockaddr;
peer[0].socklen = ur->socklen;
peer[0].name = ur->host;
peer[0].weight = 1;
peer[0].effective_weight = 1;
peer[0].current_weight = 0;
peer[0].max_conns = 0;
peer[0].max_fails = 1;
peer[0].fail_timeout = 10;
peers->peer = peer;
} else {
peerp = &peers->peer;
for (i = 0; i < ur->naddrs; i++) {
socklen = ur->addrs[i].socklen;
sockaddr = ngx_palloc(r->pool, socklen);
if (sockaddr == NULL) {
return NGX_ERROR;
}
ngx_memcpy(sockaddr, ur->addrs[i].sockaddr, socklen);
ngx_inet_set_port(sockaddr, ur->port);
p = ngx_pnalloc(r->pool, NGX_SOCKADDR_STRLEN);
if (p == NULL) {
return NGX_ERROR;
}
len = ngx_sock_ntop(sockaddr, socklen, p, NGX_SOCKADDR_STRLEN, 1);
peer[i].sockaddr = sockaddr;
peer[i].socklen = socklen;
peer[i].name.len = len;
peer[i].name.data = p;
peer[i].weight = 1;
peer[i].effective_weight = 1;
peer[i].current_weight = 0;
peer[i].max_conns = 0;
peer[i].max_fails = 1;
peer[i].fail_timeout = 10;
*peerp = &peer[i];
peerp = &peer[i].next;
}
}
rrp->peers = peers;
rrp->current = NULL;
rrp->config = 0;
if (rrp->peers->number <= 8 * sizeof(uintptr_t)) {
rrp->tried = &rrp->data;
rrp->data = 0;
} else {
n = (rrp->peers->number + (8 * sizeof(uintptr_t) - 1))
/ (8 * sizeof(uintptr_t));
rrp->tried = ngx_pcalloc(r->pool, n * sizeof(uintptr_t));
if (rrp->tried == NULL) {
return NGX_ERROR;
}
}
r->upstream->peer.get = ngx_http_upstream_get_round_robin_peer;
r->upstream->peer.free = ngx_http_upstream_free_round_robin_peer;
r->upstream->peer.tries = ngx_http_upstream_tries(rrp->peers);
#if (NGX_HTTP_SSL)
r->upstream->peer.set_session = ngx_http_upstream_empty_set_session;
r->upstream->peer.save_session = ngx_http_upstream_empty_save_session;
#endif
return NGX_OK;
}
static void
ngx_ssl_ocsp_resolve_handler(ngx_resolver_ctx_t *resolve)
{
ngx_ssl_ocsp_ctx_t *ctx = resolve->data;
u_char *p;
size_t len;
socklen_t socklen;
ngx_uint_t i;
struct sockaddr *sockaddr;
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ctx->log, 0,
"ssl ocsp resolve handler");
if (resolve->state) {
ngx_log_error(NGX_LOG_ERR, ctx->log, 0,
"%V could not be resolved (%i: %s)",
&resolve->name, resolve->state,
ngx_resolver_strerror(resolve->state));
goto failed;
}
#if (NGX_DEBUG)
{
u_char text[NGX_SOCKADDR_STRLEN];
ngx_str_t addr;
addr.data = text;
for (i = 0; i < resolve->naddrs; i++) {
addr.len = ngx_sock_ntop(resolve->addrs[i].sockaddr,
resolve->addrs[i].socklen,
text, NGX_SOCKADDR_STRLEN, 0);
ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ctx->log, 0,
"name was resolved to %V", &addr);
}
}
#endif
ctx->naddrs = resolve->naddrs;
ctx->addrs = ngx_pcalloc(ctx->pool, ctx->naddrs * sizeof(ngx_addr_t));
if (ctx->addrs == NULL) {
goto failed;
}
for (i = 0; i < resolve->naddrs; i++) {
socklen = resolve->addrs[i].socklen;
sockaddr = ngx_palloc(ctx->pool, socklen);
if (sockaddr == NULL) {
goto failed;
}
ngx_memcpy(sockaddr, resolve->addrs[i].sockaddr, socklen);
ngx_inet_set_port(sockaddr, ctx->port);
ctx->addrs[i].sockaddr = sockaddr;
ctx->addrs[i].socklen = socklen;
p = ngx_pnalloc(ctx->pool, NGX_SOCKADDR_STRLEN);
if (p == NULL) {
goto failed;
}
len = ngx_sock_ntop(sockaddr, socklen, p, NGX_SOCKADDR_STRLEN, 1);
ctx->addrs[i].name.len = len;
ctx->addrs[i].name.data = p;
}
ngx_resolve_name_done(resolve);
ngx_ssl_ocsp_connect(ctx);
return;
failed:
ngx_resolve_name_done(resolve);
ngx_ssl_ocsp_error(ctx);
}
