Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nginx/nginx.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/imap/ngx_imap_handler.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/imap/ngx_imap_handler.c')
-rw-r--r--src/imap/ngx_imap_handler.c1357
1 files changed, 0 insertions, 1357 deletions
diff --git a/src/imap/ngx_imap_handler.c b/src/imap/ngx_imap_handler.c
deleted file mode 100644
index a32b10782..000000000
--- a/src/imap/ngx_imap_handler.c
+++ /dev/null
@@ -1,1357 +0,0 @@
-
-/*
- * Copyright (C) Igor Sysoev
- */
-
-
-#include <ngx_config.h>
-#include <ngx_core.h>
-#include <ngx_event.h>
-#include <ngx_imap.h>
-
-
-static void ngx_imap_init_session(ngx_connection_t *c);
-static void ngx_imap_init_protocol(ngx_event_t *rev);
-static ngx_int_t ngx_imap_decode_auth_plain(ngx_imap_session_t *s,
- ngx_str_t *encoded);
-static void ngx_imap_do_auth(ngx_imap_session_t *s);
-static ngx_int_t ngx_imap_read_command(ngx_imap_session_t *s);
-static u_char *ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len);
-
-#if (NGX_IMAP_SSL)
-static void ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c);
-static void ngx_imap_ssl_handshake_handler(ngx_connection_t *c);
-#endif
-
-
-static ngx_str_t greetings[] = {
- ngx_string("+OK POP3 ready" CRLF),
- ngx_string("* OK IMAP4 ready" CRLF)
-};
-
-static ngx_str_t internal_server_errors[] = {
- ngx_string("-ERR internal server error" CRLF),
- ngx_string("* BAD internal server error" CRLF),
-};
-
-static u_char pop3_ok[] = "+OK" CRLF;
-static u_char pop3_next[] = "+ " CRLF;
-static u_char pop3_username[] = "+ VXNlcm5hbWU6" CRLF;
-static u_char pop3_password[] = "+ UGFzc3dvcmQ6" CRLF;
-static u_char pop3_invalid_command[] = "-ERR invalid command" CRLF;
-
-static u_char imap_star[] = "* ";
-static u_char imap_ok[] = "OK completed" CRLF;
-static u_char imap_next[] = "+ OK" CRLF;
-static u_char imap_bye[] = "* BYE" CRLF;
-static u_char imap_invalid_command[] = "BAD invalid command" CRLF;
-
-
-void
-ngx_imap_init_connection(ngx_connection_t *c)
-{
- in_addr_t in_addr;
- socklen_t len;
- ngx_uint_t i;
- struct sockaddr_in sin;
- ngx_imap_log_ctx_t *ctx;
- ngx_imap_in_port_t *imip;
- ngx_imap_in_addr_t *imia;
- ngx_imap_session_t *s;
-#if (NGX_IMAP_SSL)
- ngx_imap_ssl_conf_t *sslcf;
-#endif
-
-
- /* find the server configuration for the address:port */
-
- /* AF_INET only */
-
- imip = c->listening->servers;
- imia = imip->addrs;
-
- i = 0;
-
- if (imip->naddrs > 1) {
-
- /*
- * There are several addresses on this port and one of them
- * is the "*:port" wildcard so getsockname() is needed to determine
- * the server address.
- *
- * AcceptEx() already gave this address.
- */
-
-#if (NGX_WIN32)
- if (c->local_sockaddr) {
- in_addr =
- ((struct sockaddr_in *) c->local_sockaddr)->sin_addr.s_addr;
-
- } else
-#endif
- {
- len = sizeof(struct sockaddr_in);
- if (getsockname(c->fd, (struct sockaddr *) &sin, &len) == -1) {
- ngx_connection_error(c, ngx_socket_errno,
- "getsockname() failed");
- ngx_imap_close_connection(c);
- return;
- }
-
- in_addr = sin.sin_addr.s_addr;
- }
-
- /* the last address is "*" */
-
- for ( /* void */ ; i < imip->naddrs - 1; i++) {
- if (in_addr == imia[i].addr) {
- break;
- }
- }
- }
-
-
- s = ngx_pcalloc(c->pool, sizeof(ngx_imap_session_t));
- if (s == NULL) {
- ngx_imap_close_connection(c);
- return;
- }
-
- s->main_conf = imia[i].ctx->main_conf;
- s->srv_conf = imia[i].ctx->srv_conf;
-
- s->addr_text = &imia[i].addr_text;
-
- c->data = s;
- s->connection = c;
-
- ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%ui client %V connected to %V",
- c->number, &c->addr_text, s->addr_text);
-
- ctx = ngx_palloc(c->pool, sizeof(ngx_imap_log_ctx_t));
- if (ctx == NULL) {
- ngx_imap_close_connection(c);
- return;
- }
-
- ctx->client = &c->addr_text;
- ctx->session = s;
-
- c->log->connection = c->number;
- c->log->handler = ngx_imap_log_error;
- c->log->data = ctx;
- c->log->action = "sending client greeting line";
-
- c->log_error = NGX_ERROR_INFO;
-
-#if (NGX_IMAP_SSL)
-
- sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
-
- if (sslcf->enable) {
- ngx_imap_ssl_init_connection(&sslcf->ssl, c);
- return;
- }
-
-#endif
-
- ngx_imap_init_session(c);
-}
-
-
-#if (NGX_IMAP_SSL)
-
-static void
-ngx_imap_starttls_handler(ngx_event_t *rev)
-{
- ngx_connection_t *c;
- ngx_imap_session_t *s;
- ngx_imap_ssl_conf_t *sslcf;
-
- c = rev->data;
- s = c->data;
- s->starttls = 1;
-
- c->log->action = "in starttls state";
-
- sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
-
- ngx_imap_ssl_init_connection(&sslcf->ssl, c);
-}
-
-
-static void
-ngx_imap_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c)
-{
- ngx_imap_session_t *s;
- ngx_imap_core_srv_conf_t *cscf;
-
- if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) {
- ngx_imap_close_connection(c);
- return;
- }
-
- if (ngx_ssl_handshake(c) == NGX_AGAIN) {
-
- s = c->data;
-
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
-
- ngx_add_timer(c->read, cscf->timeout);
-
- c->ssl->handler = ngx_imap_ssl_handshake_handler;
-
- return;
- }
-
- ngx_imap_ssl_handshake_handler(c);
-}
-
-
-static void
-ngx_imap_ssl_handshake_handler(ngx_connection_t *c)
-{
- ngx_imap_session_t *s;
-
- if (c->ssl->handshaked) {
-
- s = c->data;
-
- if (s->starttls) {
- c->read->handler = ngx_imap_init_protocol;
- c->write->handler = ngx_imap_send;
-
- ngx_imap_init_protocol(c->read);
-
- return;
- }
-
- ngx_imap_init_session(c);
- return;
- }
-
- ngx_imap_close_connection(c);
-}
-
-#endif
-
-
-static void
-ngx_imap_init_session(ngx_connection_t *c)
-{
- u_char *p;
- ngx_imap_session_t *s;
- ngx_imap_core_srv_conf_t *cscf;
-
- c->read->handler = ngx_imap_init_protocol;
- c->write->handler = ngx_imap_send;
-
- s = c->data;
-
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
-
- s->protocol = cscf->protocol;
-
- s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_imap_max_module);
- if (s->ctx == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- s->out = greetings[s->protocol];
-
- if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED)
- && s->protocol == NGX_IMAP_POP3_PROTOCOL)
- {
- s->salt.data = ngx_palloc(c->pool,
- sizeof(" <18446744073709551616.@>" CRLF) - 1
- + NGX_TIME_T_LEN
- + cscf->server_name.len);
- if (s->salt.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- s->salt.len = ngx_sprintf(s->salt.data, "<%ul.%T@%V>" CRLF,
- ngx_random(), ngx_time(), &cscf->server_name)
- - s->salt.data;
-
- s->out.data = ngx_palloc(c->pool, greetings[0].len + 1 + s->salt.len);
- if (s->out.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- p = ngx_cpymem(s->out.data, greetings[0].data, greetings[0].len - 2);
- *p++ = ' ';
- p = ngx_cpymem(p, s->salt.data, s->salt.len);
-
- s->out.len = p - s->out.data;
- }
-
- ngx_add_timer(c->read, cscf->timeout);
-
- if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) {
- ngx_imap_close_connection(c);
- }
-
- ngx_imap_send(c->write);
-}
-
-
-void
-ngx_imap_send(ngx_event_t *wev)
-{
- ngx_int_t n;
- ngx_connection_t *c;
- ngx_imap_session_t *s;
- ngx_imap_core_srv_conf_t *cscf;
-
- c = wev->data;
- s = c->data;
-
- if (wev->timedout) {
- ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
- c->timedout = 1;
- ngx_imap_close_connection(c);
- return;
- }
-
- if (s->out.len == 0) {
- if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
- ngx_imap_close_connection(c);
- }
-
- return;
- }
-
- n = c->send(c, s->out.data, s->out.len);
-
- if (n > 0) {
- s->out.len -= n;
-
- if (wev->timer_set) {
- ngx_del_timer(wev);
- }
-
- if (s->quit) {
- ngx_imap_close_connection(c);
- return;
- }
-
- if (s->blocked) {
- c->read->handler(c->read);
- }
-
- return;
- }
-
- if (n == NGX_ERROR) {
- ngx_imap_close_connection(c);
- return;
- }
-
- /* n == NGX_AGAIN */
-
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
-
- ngx_add_timer(c->write, cscf->timeout);
-
- if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
- ngx_imap_close_connection(c);
- return;
- }
-}
-
-
-static void
-ngx_imap_init_protocol(ngx_event_t *rev)
-{
- size_t size;
- ngx_connection_t *c;
- ngx_imap_session_t *s;
- ngx_imap_core_srv_conf_t *cscf;
-
- c = rev->data;
-
- c->log->action = "in auth state";
-
- if (rev->timedout) {
- ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
- c->timedout = 1;
- ngx_imap_close_connection(c);
- return;
- }
-
- s = c->data;
-
- if (s->protocol == NGX_IMAP_POP3_PROTOCOL) {
- size = 128;
- s->imap_state = ngx_pop3_start;
- c->read->handler = ngx_pop3_auth_state;
-
- } else {
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
- size = cscf->imap_client_buffer_size;
- s->imap_state = ngx_imap_start;
- c->read->handler = ngx_imap_auth_state;
- }
-
- if (s->buffer == NULL) {
- if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t))
- == NGX_ERROR)
- {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- s->buffer = ngx_create_temp_buf(c->pool, size);
- if (s->buffer == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
- }
-
- c->read->handler(rev);
-}
-
-
-void
-ngx_imap_auth_state(ngx_event_t *rev)
-{
- u_char *text, *last, *p, *dst, *src, *end;
- ssize_t text_len, last_len;
- ngx_str_t *arg;
- ngx_int_t rc;
- ngx_uint_t tag, i;
- ngx_connection_t *c;
- ngx_imap_session_t *s;
- ngx_imap_core_srv_conf_t *cscf;
-#if (NGX_IMAP_SSL)
- ngx_imap_ssl_conf_t *sslcf;
-#endif
-
- c = rev->data;
- s = c->data;
-
- ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth state");
-
- if (rev->timedout) {
- ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
- c->timedout = 1;
- ngx_imap_close_connection(c);
- return;
- }
-
- if (s->out.len) {
- ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy");
- s->blocked = 1;
- return;
- }
-
- s->blocked = 0;
-
- rc = ngx_imap_read_command(s);
-
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth: %i", rc);
-
- if (rc == NGX_AGAIN || rc == NGX_ERROR) {
- return;
- }
-
- tag = 1;
-
- text = NULL;
- text_len = 0;
-
- last = imap_ok;
- last_len = sizeof(imap_ok) - 1;
-
- if (rc == NGX_OK) {
-
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap auth command: %i",
- s->command);
-
- if (s->backslash) {
-
- arg = s->args.elts;
-
- for (i = 0; i < s->args.nelts; i++) {
- dst = arg[i].data;
- end = dst + arg[i].len;
-
- for (src = dst; src < end; dst++) {
- *dst = *src;
- if (*src++ == '\\') {
- *dst = *src++;
- }
- }
-
- arg[i].len = dst - arg[i].data;
- }
-
- s->backslash = 0;
- }
-
- switch (s->command) {
-
- case NGX_IMAP_LOGIN:
-
-#if (NGX_IMAP_SSL)
-
- if (c->ssl == NULL) {
- sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
-
- if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) {
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
- }
-#endif
-
- arg = s->args.elts;
-
- if (s->args.nelts == 2 && arg[0].len) {
-
- s->login.len = arg[0].len;
- s->login.data = ngx_palloc(c->pool, s->login.len);
- if (s->login.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- ngx_memcpy(s->login.data, arg[0].data, s->login.len);
-
- s->passwd.len = arg[1].len;
- s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
- if (s->passwd.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
-
-#if (NGX_DEBUG_IMAP_PASSWD)
- ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "imap login:\"%V\" passwd:\"%V\"",
- &s->login, &s->passwd);
-#else
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "imap login:\"%V\"", &s->login);
-#endif
-
- ngx_imap_do_auth(s);
- return;
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
-
- case NGX_IMAP_CAPABILITY:
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
-
-#if (NGX_IMAP_SSL)
-
- if (c->ssl == NULL) {
- sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
-
- if (sslcf->starttls == NGX_IMAP_STARTTLS_ON) {
- text_len = cscf->imap_starttls_capability.len;
- text = cscf->imap_starttls_capability.data;
- break;
- }
-
- if (sslcf->starttls == NGX_IMAP_STARTTLS_ONLY) {
- text_len = cscf->imap_starttls_only_capability.len;
- text = cscf->imap_starttls_only_capability.data;
- break;
- }
- }
-#endif
-
- text_len = cscf->imap_capability.len;
- text = cscf->imap_capability.data;
- break;
-
- case NGX_IMAP_LOGOUT:
- s->quit = 1;
- text = imap_bye;
- text_len = sizeof(imap_bye) - 1;
- break;
-
- case NGX_IMAP_NOOP:
- break;
-
-#if (NGX_IMAP_SSL)
-
- case NGX_IMAP_STARTTLS:
- if (c->ssl == NULL) {
- sslcf = ngx_imap_get_module_srv_conf(s, ngx_imap_ssl_module);
- if (sslcf->starttls) {
- c->read->handler = ngx_imap_starttls_handler;
- break;
- }
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
-#endif
-
- default:
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- } else if (rc == NGX_IMAP_NEXT) {
- last = imap_next;
- last_len = sizeof(imap_next) - 1;
- tag = 0;
- }
-
- if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
- last = imap_invalid_command;
- last_len = sizeof(imap_invalid_command) - 1;
- }
-
- if (tag) {
- if (s->tag.len == 0) {
- s->tag.len = sizeof(imap_star) - 1;
- s->tag.data = (u_char *) imap_star;
- }
-
- if (s->tagged_line.len < s->tag.len + text_len + last_len) {
- s->tagged_line.len = s->tag.len + text_len + last_len;
- s->tagged_line.data = ngx_palloc(c->pool, s->tagged_line.len);
- if (s->tagged_line.data == NULL) {
- ngx_imap_close_connection(c);
- return;
- }
- }
-
- s->out.data = s->tagged_line.data;
- s->out.len = s->tag.len + text_len + last_len;
-
- p = s->out.data;
-
- if (text) {
- p = ngx_cpymem(p, text, text_len);
- }
- p = ngx_cpymem(p, s->tag.data, s->tag.len);
- ngx_memcpy(p, last, last_len);
-
-
- } else {
- s->out.data = last;
- s->out.len = last_len;
- }
-
- if (rc != NGX_IMAP_NEXT) {
- s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
- s->tag.len = 0;
- }
-
- ngx_imap_send(c->write);
-}
-
-
-void
-ngx_pop3_auth_state(ngx_event_t *rev)
-{
- u_char *text, *p, *last;
- ssize_t size;
- ngx_int_t rc;
- ngx_str_t *arg, salt;
- ngx_connection_t *c;
- ngx_imap_session_t *s;
- ngx_imap_core_srv_conf_t *cscf;
-#if (NGX_IMAP_SSL)
- ngx_imap_ssl_conf_t *sslcf;
-#endif
-
- c = rev->data;
- s = c->data;
-
- ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "pop3 auth state");
-
- if (rev->timedout) {
- ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
- c->timedout = 1;
- ngx_imap_close_connection(c);
- return;
- }
-
- if (s->out.len) {
- ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap send handler busy");
- s->blocked = 1;
- return;
- }
-
- s->blocked = 0;
-
- rc = ngx_imap_read_command(s);
-
- if (rc == NGX_AGAIN || rc == NGX_ERROR) {
- return;
- }
-
- text = pop3_ok;
- size = sizeof(pop3_ok) - 1;
-
- if (rc == NGX_OK) {
- switch (s->imap_state) {
-
- case ngx_pop3_start:
-
- switch (s->command) {
-
- case NGX_POP3_USER:
- if (s->args.nelts == 1) {
- s->imap_state = ngx_pop3_user;
-
- arg = s->args.elts;
- s->login.len = arg[0].len;
- s->login.data = ngx_palloc(c->pool, s->login.len);
- if (s->login.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- ngx_memcpy(s->login.data, arg[0].data, s->login.len);
-
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 login: \"%V\"", &s->login);
-
- break;
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
-
- case NGX_POP3_CAPA:
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
-
-#if (NGX_IMAP_SSL)
-
- if (c->ssl == NULL) {
- sslcf = ngx_imap_get_module_srv_conf(s,
- ngx_imap_ssl_module);
- if (sslcf->starttls) {
- size = cscf->pop3_starttls_capability.len;
- text = cscf->pop3_starttls_capability.data;
- break;
- }
- }
-#endif
-
- size = cscf->pop3_capability.len;
- text = cscf->pop3_capability.data;
- break;
-
- case NGX_POP3_APOP:
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
-
- if ((cscf->auth_methods & NGX_IMAP_AUTH_APOP_ENABLED)
- && s->args.nelts == 2)
- {
- arg = s->args.elts;
-
- s->login.len = arg[0].len;
- s->login.data = ngx_palloc(c->pool, s->login.len);
- if (s->login.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- ngx_memcpy(s->login.data, arg[0].data, s->login.len);
-
- s->passwd.len = arg[1].len;
- s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
- if (s->passwd.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
-
- ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 apop: \"%V\" \"%V\"",
- &s->login, &s->passwd);
-
- s->auth_method = NGX_IMAP_AUTH_APOP;
-
- ngx_imap_do_auth(s);
- return;
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
-
- case NGX_POP3_AUTH:
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
-
- if (s->args.nelts == 0) {
- size = cscf->pop3_auth_capability.len;
- text = cscf->pop3_auth_capability.data;
- s->state = 0;
- break;
- }
-
- arg = s->args.elts;
-
- if (arg[0].len == 5) {
-
- if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5)
- == 0)
- {
-
- if (s->args.nelts != 1) {
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- s->imap_state = ngx_pop3_auth_login_username;
-
- size = sizeof(pop3_username) - 1;
- text = pop3_username;
-
- break;
-
- } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN",
- 5)
- == 0)
- {
-
- if (s->args.nelts == 1) {
- s->imap_state = ngx_pop3_auth_plain;
-
- size = sizeof(pop3_next) - 1;
- text = pop3_next;
-
- break;
- }
-
- if (s->args.nelts == 2) {
-
- /*
- * workaround for Eudora for Mac: it sends
- * AUTH PLAIN [base64 encoded]
- */
-
- rc = ngx_imap_decode_auth_plain(s, &arg[1]);
-
- if (rc == NGX_OK) {
- ngx_imap_do_auth(s);
- return;
- }
-
- if (rc == NGX_ERROR) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */
-
- break;
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- } else if (arg[0].len == 8
- && ngx_strncasecmp(arg[0].data,
- (u_char *) "CRAM-MD5", 8)
- == 0)
- {
- s->imap_state = ngx_pop3_auth_cram_md5;
-
- text = ngx_palloc(c->pool,
- sizeof("+ " CRLF) - 1
- + ngx_base64_encoded_length(s->salt.len));
- if (text == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- text[0] = '+'; text[1]= ' ';
- salt.data = &text[2];
- s->salt.len -= 2;
-
- ngx_encode_base64(&salt, &s->salt);
-
- s->salt.len += 2;
- size = 2 + salt.len;
- text[size++] = CR; text[size++] = LF;
-
- break;
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
-
- case NGX_POP3_QUIT:
- s->quit = 1;
- break;
-
- case NGX_POP3_NOOP:
- break;
-
-#if (NGX_IMAP_SSL)
-
- case NGX_POP3_STLS:
- if (c->ssl == NULL) {
- sslcf = ngx_imap_get_module_srv_conf(s,
- ngx_imap_ssl_module);
- if (sslcf->starttls) {
- c->read->handler = ngx_imap_starttls_handler;
- break;
- }
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
-#endif
-
- default:
- s->imap_state = ngx_pop3_start;
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- break;
-
- case ngx_pop3_user:
-
- switch (s->command) {
-
- case NGX_POP3_PASS:
- if (s->args.nelts == 1) {
- arg = s->args.elts;
- s->passwd.len = arg[0].len;
- s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
- if (s->passwd.data == NULL) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- ngx_memcpy(s->passwd.data, arg[0].data, s->passwd.len);
-
-#if (NGX_DEBUG_IMAP_PASSWD)
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 passwd: \"%V\"", &s->passwd);
-#endif
-
- ngx_imap_do_auth(s);
- return;
- }
-
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
-
- case NGX_POP3_CAPA:
- cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module);
- size = cscf->pop3_capability.len;
- text = cscf->pop3_capability.data;
- break;
-
- case NGX_POP3_QUIT:
- s->quit = 1;
- break;
-
- case NGX_POP3_NOOP:
- break;
-
- default:
- s->imap_state = ngx_pop3_start;
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- break;
-
- /* suppress warinings */
- case ngx_pop3_passwd:
- break;
-
- case ngx_pop3_auth_login_username:
- arg = s->args.elts;
- s->imap_state = ngx_pop3_auth_login_password;
-
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 auth login username: \"%V\"", &arg[0]);
-
- s->login.data = ngx_palloc(c->pool,
- ngx_base64_decoded_length(arg[0].len));
- if (s->login.data == NULL){
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
- ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent invalid base64 encoding "
- "in AUTH LOGIN command");
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 auth login username: \"%V\"", &s->login);
-
- size = sizeof(pop3_password) - 1;
- text = pop3_password;
-
- break;
-
- case ngx_pop3_auth_login_password:
- arg = s->args.elts;
-
-#if (NGX_DEBUG_IMAP_PASSWD)
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 auth login password: \"%V\"", &arg[0]);
-#endif
-
- s->passwd.data = ngx_palloc(c->pool,
- ngx_base64_decoded_length(arg[0].len));
- if (s->passwd.data == NULL){
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) {
- ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent invalid base64 encoding "
- "in AUTH LOGIN command");
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
-#if (NGX_DEBUG_IMAP_PASSWD)
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 auth login password: \"%V\"", &s->passwd);
-#endif
-
- ngx_imap_do_auth(s);
- return;
-
- case ngx_pop3_auth_plain:
- arg = s->args.elts;
-
- rc = ngx_imap_decode_auth_plain(s, &arg[0]);
-
- if (rc == NGX_OK) {
- ngx_imap_do_auth(s);
- return;
- }
-
- if (rc == NGX_ERROR) {
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- /* rc == NGX_IMAP_PARSE_INVALID_COMMAND */
-
- break;
-
- case ngx_pop3_auth_cram_md5:
- arg = s->args.elts;
-
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 auth cram-md5: \"%V\"", &arg[0]);
-
- s->login.data = ngx_palloc(c->pool,
- ngx_base64_decoded_length(arg[0].len));
- if (s->login.data == NULL){
- ngx_imap_session_internal_server_error(s);
- return;
- }
-
- if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
- ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent invalid base64 encoding "
- "in AUTH CRAM-MD5 command");
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- p = s->login.data;
- last = p + s->login.len;
-
- while (p < last) {
- if (*p++ == ' ') {
- s->login.len = p - s->login.data - 1;
- s->passwd.len = last - p;
- s->passwd.data = p;
- break;
- }
- }
-
- if (s->passwd.len != 32) {
- ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent invalid CRAM-MD5 hash "
- "in AUTH CRAM-MD5 command");
- rc = NGX_IMAP_PARSE_INVALID_COMMAND;
- break;
- }
-
- ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "pop3 auth cram-md5: \"%V\" \"%V\"",
- &s->login, &s->passwd);
-
- s->auth_method = NGX_IMAP_AUTH_CRAM_MD5;
-
- ngx_imap_do_auth(s);
- return;
- }
- }
-
- if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
- s->imap_state = ngx_pop3_start;
- s->state = 0;
- text = pop3_invalid_command;
- size = sizeof(pop3_invalid_command) - 1;
- }
-
- s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
-
- if (s->state) {
- s->arg_start = s->buffer->start;
- }
-
- s->out.data = text;
- s->out.len = size;
-
- ngx_imap_send(c->write);
-}
-
-
-static ngx_int_t
-ngx_imap_decode_auth_plain(ngx_imap_session_t *s, ngx_str_t *encoded)
-{
- u_char *p, *last;
- ngx_str_t plain;
-
-#if (NGX_DEBUG_IMAP_PASSWD)
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, s->connection->log, 0,
- "pop3 auth plain: \"%V\"", encoded);
-#endif
-
- plain.data = ngx_palloc(s->connection->pool,
- ngx_base64_decoded_length(encoded->len));
- if (plain.data == NULL){
- return NGX_ERROR;
- }
-
- if (ngx_decode_base64(&plain, encoded) != NGX_OK) {
- ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
- "client sent invalid base64 encoding "
- "in AUTH PLAIN command");
- return NGX_IMAP_PARSE_INVALID_COMMAND;
- }
-
- p = plain.data;
- last = p + plain.len;
-
- while (p < last && *p++) { /* void */ }
-
- if (p == last) {
- ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
- "client sent invalid login in AUTH PLAIN command");
- return NGX_IMAP_PARSE_INVALID_COMMAND;
- }
-
- s->login.data = p;
-
- while (p < last && *p) { p++; }
-
- if (p == last) {
- ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
- "client sent invalid password in AUTH PLAIN command");
- return NGX_IMAP_PARSE_INVALID_COMMAND;
- }
-
- s->login.len = p++ - s->login.data;
-
- s->passwd.len = last - p;
- s->passwd.data = p;
-
-#if (NGX_DEBUG_IMAP_PASSWD)
- ngx_log_debug2(NGX_LOG_DEBUG_IMAP, s->connection->log, 0,
- "pop3 auth plain: \"%V\" \"%V\"",
- &s->login, &s->passwd);
-#endif
-
- return NGX_OK;
-}
-
-
-static void
-ngx_imap_do_auth(ngx_imap_session_t *s)
-{
- s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
- s->state = 0;
-
- if (s->connection->read->timer_set) {
- ngx_del_timer(s->connection->read);
- }
-
- s->login_attempt++;
-
- ngx_imap_auth_http_init(s);
-}
-
-
-static ngx_int_t
-ngx_imap_read_command(ngx_imap_session_t *s)
-{
- ssize_t n;
- ngx_int_t rc;
- ngx_str_t l;
-
- n = s->connection->recv(s->connection, s->buffer->last,
- s->buffer->end - s->buffer->last);
-
- if (n == NGX_ERROR || n == 0) {
- ngx_imap_close_connection(s->connection);
- return NGX_ERROR;
- }
-
- if (n > 0) {
- s->buffer->last += n;
- }
-
- if (n == NGX_AGAIN) {
- if (ngx_handle_read_event(s->connection->read, 0) == NGX_ERROR) {
- ngx_imap_session_internal_server_error(s);
- return NGX_ERROR;
- }
-
- return NGX_AGAIN;
- }
-
- if (s->protocol == NGX_IMAP_POP3_PROTOCOL) {
- rc = ngx_pop3_parse_command(s);
- } else {
- rc = ngx_imap_parse_command(s);
- }
-
- if (rc == NGX_AGAIN) {
-
- if (s->buffer->last < s->buffer->end) {
- return rc;
- }
-
- l.len = s->buffer->last - s->buffer->start;
- l.data = s->buffer->start;
-
- ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
- "client sent too long command \"%V\"", &l);
-
- s->quit = 1;
-
- return NGX_IMAP_PARSE_INVALID_COMMAND;
- }
-
- if (rc == NGX_IMAP_NEXT || rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
- return rc;
- }
-
- if (rc == NGX_ERROR) {
- ngx_imap_close_connection(s->connection);
- return NGX_ERROR;
- }
-
- return NGX_OK;
-}
-
-
-void
-ngx_imap_session_internal_server_error(ngx_imap_session_t *s)
-{
- s->out = internal_server_errors[s->protocol];
- s->quit = 1;
-
- ngx_imap_send(s->connection->write);
-}
-
-
-void
-ngx_imap_close_connection(ngx_connection_t *c)
-{
- ngx_pool_t *pool;
-
- ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
- "close imap connection: %d", c->fd);
-
-#if (NGX_IMAP_SSL)
-
- if (c->ssl) {
- if (ngx_ssl_shutdown(c) == NGX_AGAIN) {
- c->ssl->handler = ngx_imap_close_connection;
- return;
- }
- }
-
-#endif
-
- c->destroyed = 1;
-
- pool = c->pool;
-
- ngx_close_connection(c);
-
- ngx_destroy_pool(pool);
-}
-
-
-static u_char *
-ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len)
-{
- u_char *p;
- ngx_imap_session_t *s;
- ngx_imap_log_ctx_t *ctx;
-
- if (log->action) {
- p = ngx_snprintf(buf, len, " while %s", log->action);
- len -= p - buf;
- buf = p;
- }
-
- ctx = log->data;
-
- p = ngx_snprintf(buf, len, ", client: %V", ctx->client);
- len -= p - buf;
- buf = p;
-
- s = ctx->session;
-
- if (s == NULL) {
- return p;
- }
-
- p = ngx_snprintf(buf, len, ", server: %V", s->addr_text);
- len -= p - buf;
- buf = p;
-
- if (s->login.len == 0) {
- return p;
- }
-
- p = ngx_snprintf(buf, len, ", login: \"%V\"", &s->login);
- len -= p - buf;
- buf = p;
-
- if (s->proxy == NULL) {
- return p;
- }
-
- p = ngx_snprintf(buf, len, ", upstream: %V", s->proxy->upstream.name);
-
- return p;
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-21 09:31:18 +0300