summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGES22
-rw-r--r--CHANGES.ru25
-rw-r--r--auto/cc/sunc3
-rw-r--r--auto/lib/pcre/conf2
-rw-r--r--conf/fastcgi_params2
-rw-r--r--src/core/nginx.c3
-rw-r--r--src/core/nginx.h2
-rw-r--r--src/core/ngx_file.c7
-rw-r--r--src/core/ngx_palloc.c1
-rw-r--r--src/core/ngx_string.c22
-rw-r--r--src/core/ngx_string.h17
-rw-r--r--src/http/modules/ngx_http_memcached_module.c16
-rw-r--r--src/http/modules/ngx_http_ssi_filter_module.c2
-rw-r--r--src/http/modules/perl/nginx.pm2
-rw-r--r--src/http/ngx_http_variables.c20
-rw-r--r--src/mail/ngx_mail.h83
-rw-r--r--src/mail/ngx_mail_core_module.c100
-rw-r--r--src/mail/ngx_mail_handler.c446
-rw-r--r--src/mail/ngx_mail_parse.c56
19 files changed, 703 insertions, 128 deletions
diff --git a/CHANGES b/CHANGES
index 7bfeefb2c..9abd69e33 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,7 +1,29 @@
+Changes with nginx 0.6.5 23 Jul 2007
+
+ *) Feature: $nginx_version variable.
+ Thanks to Nick S. Grechukh.
+
+ *) Feature: the mail proxy supports AUTHENTICATE in IMAP mode.
+ Thanks to Maxim Dounin.
+
+ *) Feature: the mail proxy supports STARTTLS in SMTP mode.
+ Thanks to Maxim Dounin.
+
+ *) Bugfix: now nginx escapes space in $memcached_key variable.
+
+ *) Bugfix: nginx was incorrectly built by Sun Studio on
+ Solaris/amd64.
+ Thanks to Jiang Hong.
+
+ *) Bugfix: of minor potential bugs.
+ Thanks to Coverity's Scan.
+
+
Changes with nginx 0.6.4 17 Jul 2007
*) Security: the "msie_refresh" directive allowed XSS.
+ Thanks to Maxim Boguk.
*) Change: the "proxy_store" and "fastcgi_store" directives were
changed.
diff --git a/CHANGES.ru b/CHANGES.ru
index f2c71de3b..3a9b54084 100644
--- a/CHANGES.ru
+++ b/CHANGES.ru
@@ -1,8 +1,33 @@
+Изменения в nginx 0.6.5 23.07.2007
+
+ *) Добавление: переменная $nginx_version.
+ Спасибо Николаю Гречуху.
+
+ *) Добавление: почтовый прокси-сервер поддерживает AUTHENTICATE в
+ режиме IMAP.
+ Спасибо Максиму Дунину.
+
+ *) Добавление: почтовый прокси-сервер поддерживает STARTTLS в режиме
+ SMTP.
+ Спасибо Максиму Дунину.
+
+ *) Исправление: теперь nginx экранирует пробел в переменной
+ $memcached_key.
+
+ *) Исправление: nginx неправильно собирался Sun Studio на
+ Solaris/amd64.
+ Спасибо Jiang Hong.
+
+ *) Исправление: незначительных потенциальных ошибок.
+ Спасибо Coverity's Scan.
+
+
Изменения в nginx 0.6.4 17.07.2007
*) Безопасность: при использовании директивы msie_refresh был возможен
XSS.
+ Спасибо Максиму Богуку.
*) Изменение: директивы proxy_store и fastcgi_store изменены.
diff --git a/auto/cc/sunc b/auto/cc/sunc
index f40d8aa7e..f7eb8800d 100644
--- a/auto/cc/sunc
+++ b/auto/cc/sunc
@@ -74,6 +74,7 @@ esac
IPO=-xipo
CFLAGS="$CFLAGS -fast $IPO"
+CORE_LINK="$CORE_LINK -fast $IPO"
case $CPU in
@@ -128,7 +129,7 @@ case $CPU in
# build 64-bit amd64 binary
CPU_OPT="$ngx_amd64"
CORE_LINK="$CORE_LINK $ngx_amd64"
- CC_AUX_FLAGS="$CC_AUX_FLAGS $ngx_amd4"
+ CC_AUX_FLAGS="$CC_AUX_FLAGS $ngx_amd64"
NGX_AUX=" src/os/unix/ngx_sunpro_amd64.il"
NGX_CPU_CACHE_LINE=64
;;
diff --git a/auto/lib/pcre/conf b/auto/lib/pcre/conf
index c966a284f..3789ad14b 100644
--- a/auto/lib/pcre/conf
+++ b/auto/lib/pcre/conf
@@ -29,7 +29,7 @@ if [ $PCRE != NONE ]; then
ngx_pcre_ver=`grep PCRE_MAJOR $PCRE/pcre.h \
| sed -e 's/^.*PCRE_MAJOR.* \(.*\)$/\1/'`
- else if [ -f $PCRE/configure.in.h ]; then
+ else if [ -f $PCRE/configure.in ]; then
ngx_pcre_ver=`grep PCRE_MAJOR= $PCRE/configure.in \
| sed -e 's/^.*=\(.*\)$/\1/'`
diff --git a/conf/fastcgi_params b/conf/fastcgi_params
index 748a06c7c..201c686e2 100644
--- a/conf/fastcgi_params
+++ b/conf/fastcgi_params
@@ -11,7 +11,7 @@ fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
-fastcgi_param SERVER_SOFTWARE nginx;
+fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
diff --git a/src/core/nginx.c b/src/core/nginx.c
index df6c72cfd..b758775e3 100644
--- a/src/core/nginx.c
+++ b/src/core/nginx.c
@@ -438,6 +438,9 @@ ngx_set_environment(ngx_cycle_t *cycle, ngx_uint_t *last)
}
var = ngx_array_push(&ccf->env);
+ if (var == NULL) {
+ return NULL;
+ }
var->len = 2;
var->data = (u_char *) "TZ";
diff --git a/src/core/nginx.h b/src/core/nginx.h
index 126652560..85ae5e212 100644
--- a/src/core/nginx.h
+++ b/src/core/nginx.h
@@ -8,7 +8,7 @@
#define _NGINX_H_INCLUDED_
-#define NGINX_VERSION "0.6.4"
+#define NGINX_VERSION "0.6.5"
#define NGINX_VER "nginx/" NGINX_VERSION
#define NGINX_VAR "NGINX"
diff --git a/src/core/ngx_file.c b/src/core/ngx_file.c
index 55cfd7ca2..fcb8ff080 100644
--- a/src/core/ngx_file.c
+++ b/src/core/ngx_file.c
@@ -518,6 +518,9 @@ ngx_walk_tree(ngx_tree_ctx_t *ctx, ngx_str_t *tree)
}
ctx->data = data;
+
+ } else {
+ data = NULL;
}
for ( ;; ) {
@@ -643,8 +646,8 @@ done:
ngx_free(buf.data);
}
- if (ctx->alloc) {
- ngx_free(ctx->data);
+ if (data) {
+ ngx_free(data);
ctx->data = prev;
}
diff --git a/src/core/ngx_palloc.c b/src/core/ngx_palloc.c
index 2e72a0f3b..978fc30f0 100644
--- a/src/core/ngx_palloc.c
+++ b/src/core/ngx_palloc.c
@@ -163,6 +163,7 @@ ngx_palloc(ngx_pool_t *pool, size_t size)
large = ngx_palloc(pool, sizeof(ngx_pool_large_t));
if (large == NULL) {
+ ngx_free(p);
return NULL;
}
diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c
index 6a927b03b..a07dbebeb 100644
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -1059,7 +1059,27 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
0xffffffff /* 1111 1111 1111 1111 1111 1111 1111 1111 */
};
- static uint32_t *map[] = { uri, args, html, refresh };
+ /* " ", %00-%1F */
+
+ static uint32_t memcached[] = {
+ 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
+
+ /* ?>=< ;:98 7654 3210 /.-, +*)( '&%$ #"! */
+ 0x00000001, /* 0000 0000 0000 0000 0000 0000 0000 0001 */
+
+ /* _^]\ [ZYX WVUT SRQP ONML KJIH GFED CBA@ */
+ 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
+
+ /* ~}| {zyx wvut srqp onml kjih gfed cba` */
+ 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
+
+ 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
+ 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
+ 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
+ 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
+ };
+
+ static uint32_t *map[] = { uri, args, html, refresh, memcached };
escape = map[type];
diff --git a/src/core/ngx_string.h b/src/core/ngx_string.h
index 9e0b06394..b4a96c543 100644
--- a/src/core/ngx_string.h
+++ b/src/core/ngx_string.h
@@ -150,12 +150,13 @@ size_t ngx_utf_length(u_char *p, size_t n);
u_char *ngx_utf_cpystrn(u_char *dst, u_char *src, size_t n);
-#define NGX_ESCAPE_URI 0
-#define NGX_ESCAPE_ARGS 1
-#define NGX_ESCAPE_HTML 2
-#define NGX_ESCAPE_REFRESH 3
+#define NGX_ESCAPE_URI 0
+#define NGX_ESCAPE_ARGS 1
+#define NGX_ESCAPE_HTML 2
+#define NGX_ESCAPE_REFRESH 3
+#define NGX_ESCAPE_MEMCACHED 4
-#define NGX_UNESCAPE_URI 1
+#define NGX_UNESCAPE_URI 1
uintptr_t ngx_escape_uri(u_char *dst, u_char *src, size_t size,
ngx_uint_t type);
@@ -164,11 +165,11 @@ void ngx_unescape_uri(u_char **dst, u_char **src, size_t size, ngx_uint_t type);
void ngx_sort(void *base, size_t n, size_t size,
int (*cmp)(const void *, const void *));
-#define ngx_qsort qsort
+#define ngx_qsort qsort
-#define ngx_value_helper(n) #n
-#define ngx_value(n) ngx_value_helper(n)
+#define ngx_value_helper(n) #n
+#define ngx_value(n) ngx_value_helper(n)
#endif /* _NGX_STRING_H_INCLUDED_ */
diff --git a/src/http/modules/ngx_http_memcached_module.c b/src/http/modules/ngx_http_memcached_module.c
index ffd872b44..f7205418c 100644
--- a/src/http/modules/ngx_http_memcached_module.c
+++ b/src/http/modules/ngx_http_memcached_module.c
@@ -226,6 +226,7 @@ static ngx_int_t
ngx_http_memcached_create_request(ngx_http_request_t *r)
{
size_t len;
+ uintptr_t escape;
ngx_buf_t *b;
ngx_chain_t *cl;
ngx_http_memcached_ctx_t *ctx;
@@ -242,10 +243,9 @@ ngx_http_memcached_create_request(ngx_http_request_t *r)
return NGX_ERROR;
}
- len = sizeof("get ") - 1 + vv->len + sizeof(CRLF) - 1;
- if (vv->len) {
- len += 1 + vv->len;
- }
+ escape = 2 * ngx_escape_uri(NULL, vv->data, vv->len, NGX_ESCAPE_MEMCACHED);
+
+ len = sizeof("get ") - 1 + vv->len + escape + sizeof(CRLF) - 1;
b = ngx_create_temp_buf(r->pool, len);
if (b == NULL) {
@@ -268,7 +268,13 @@ ngx_http_memcached_create_request(ngx_http_request_t *r)
ctx->key.data = b->last;
- b->last = ngx_copy(b->last, vv->data, vv->len);
+ if (escape == 0) {
+ b->last = ngx_copy(b->last, vv->data, vv->len);
+
+ } else {
+ b->last = (u_char *) ngx_escape_uri(b->last, vv->data, vv->len,
+ NGX_ESCAPE_MEMCACHED);
+ }
ctx->key.len = b->last - ctx->key.data;
diff --git a/src/http/modules/ngx_http_ssi_filter_module.c b/src/http/modules/ngx_http_ssi_filter_module.c
index 549ae4ce2..0de03aae0 100644
--- a/src/http/modules/ngx_http_ssi_filter_module.c
+++ b/src/http/modules/ngx_http_ssi_filter_module.c
@@ -439,6 +439,8 @@ ngx_http_ssi_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
if (rc == NGX_ERROR || rc == NGX_AGAIN) {
return rc;
}
+
+ break;
}
}
diff --git a/src/http/modules/perl/nginx.pm b/src/http/modules/perl/nginx.pm
index 772e6cd75..f510f2df0 100644
--- a/src/http/modules/perl/nginx.pm
+++ b/src/http/modules/perl/nginx.pm
@@ -47,7 +47,7 @@ our @EXPORT = qw(
HTTP_INSUFFICIENT_STORAGE
);
-our $VERSION = '0.6.4';
+our $VERSION = '0.6.5';
require XSLoader;
XSLoader::load('nginx', $VERSION);
diff --git a/src/http/ngx_http_variables.c b/src/http/ngx_http_variables.c
index 6316b3d58..af54d29b0 100644
--- a/src/http/ngx_http_variables.c
+++ b/src/http/ngx_http_variables.c
@@ -8,6 +8,7 @@
#include <ngx_core.h>
#include <ngx_event.h>
#include <ngx_http.h>
+#include <nginx.h>
static ngx_int_t ngx_http_variable_request(ngx_http_request_t *r,
@@ -66,6 +67,8 @@ static ngx_int_t ngx_http_variable_sent_keep_alive(ngx_http_request_t *r,
static ngx_int_t ngx_http_variable_sent_transfer_encoding(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
+static ngx_int_t ngx_http_variable_nginx_version(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data);
/*
* TODO:
@@ -205,6 +208,9 @@ static ngx_http_variable_t ngx_http_core_variables[] = {
offsetof(ngx_http_request_t, limit_rate),
NGX_HTTP_VAR_CHANGABLE|NGX_HTTP_VAR_NOCACHABLE, 0 },
+ { ngx_string("nginx_version"), NULL, ngx_http_variable_nginx_version,
+ 0, 0, 0 },
+
{ ngx_null_string, NULL, NULL, 0, 0, 0 }
};
@@ -1205,6 +1211,20 @@ ngx_http_variable_request_body_file(ngx_http_request_t *r,
}
+static ngx_int_t
+ngx_http_variable_nginx_version(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data)
+{
+ v->len = sizeof(NGINX_VERSION) - 1;
+ v->valid = 1;
+ v->no_cachable = 0;
+ v->not_found = 0;
+ v->data = (u_char *) NGINX_VERSION;
+
+ return NGX_OK;
+}
+
+
ngx_int_t
ngx_http_variables_add_core_vars(ngx_conf_t *cf)
{
diff --git a/src/mail/ngx_mail.h b/src/mail/ngx_mail.h
index 478662a04..a00f306a3 100644
--- a/src/mail/ngx_mail.h
+++ b/src/mail/ngx_mail.h
@@ -92,12 +92,15 @@ typedef struct {
ngx_str_t imap_starttls_only_capability;
ngx_str_t smtp_capability;
+ ngx_str_t smtp_starttls_capability;
+ ngx_str_t smtp_starttls_only_capability;
ngx_str_t server_name;
ngx_str_t smtp_server_name;
ngx_str_t smtp_greeting;
ngx_uint_t pop3_auth_methods;
+ ngx_uint_t imap_auth_methods;
ngx_uint_t smtp_auth_methods;
ngx_array_t pop3_capabilities;
@@ -132,6 +135,10 @@ typedef enum {
typedef enum {
ngx_imap_start = 0,
+ ngx_imap_auth_login_username,
+ ngx_imap_auth_login_password,
+ ngx_imap_auth_plain,
+ ngx_imap_auth_cram_md5,
ngx_imap_login,
ngx_imap_user,
ngx_imap_passwd
@@ -214,39 +221,47 @@ typedef struct {
} ngx_mail_log_ctx_t;
-#define NGX_POP3_USER 1
-#define NGX_POP3_PASS 2
-#define NGX_POP3_CAPA 3
-#define NGX_POP3_QUIT 4
-#define NGX_POP3_NOOP 5
-#define NGX_POP3_STLS 6
-#define NGX_POP3_APOP 7
-#define NGX_POP3_AUTH 8
-#define NGX_POP3_STAT 9
-#define NGX_POP3_LIST 10
-#define NGX_POP3_RETR 11
-#define NGX_POP3_DELE 12
-#define NGX_POP3_RSET 13
-#define NGX_POP3_TOP 14
-#define NGX_POP3_UIDL 15
-
-
-#define NGX_IMAP_LOGIN 1
-#define NGX_IMAP_LOGOUT 2
-#define NGX_IMAP_CAPABILITY 3
-#define NGX_IMAP_NOOP 4
-#define NGX_IMAP_STARTTLS 5
-
-#define NGX_IMAP_NEXT 6
-
-
-#define NGX_SMTP_HELO 1
-#define NGX_SMTP_EHLO 2
-#define NGX_SMTP_AUTH 3
-#define NGX_SMTP_QUIT 4
-#define NGX_SMTP_NOOP 5
-#define NGX_SMTP_MAIL 6
-#define NGX_SMTP_RSET 7
+#define NGX_POP3_USER 1
+#define NGX_POP3_PASS 2
+#define NGX_POP3_CAPA 3
+#define NGX_POP3_QUIT 4
+#define NGX_POP3_NOOP 5
+#define NGX_POP3_STLS 6
+#define NGX_POP3_APOP 7
+#define NGX_POP3_AUTH 8
+#define NGX_POP3_STAT 9
+#define NGX_POP3_LIST 10
+#define NGX_POP3_RETR 11
+#define NGX_POP3_DELE 12
+#define NGX_POP3_RSET 13
+#define NGX_POP3_TOP 14
+#define NGX_POP3_UIDL 15
+
+
+#define NGX_IMAP_LOGIN 1
+#define NGX_IMAP_LOGOUT 2
+#define NGX_IMAP_CAPABILITY 3
+#define NGX_IMAP_NOOP 4
+#define NGX_IMAP_STARTTLS 5
+
+#define NGX_IMAP_NEXT 6
+
+#define NGX_IMAP_AUTHENTICATE 7
+
+
+#define NGX_SMTP_HELO 1
+#define NGX_SMTP_EHLO 2
+#define NGX_SMTP_AUTH 3
+#define NGX_SMTP_QUIT 4
+#define NGX_SMTP_NOOP 5
+#define NGX_SMTP_MAIL 6
+#define NGX_SMTP_RSET 7
+#define NGX_SMTP_RCPT 8
+#define NGX_SMTP_DATA 9
+#define NGX_SMTP_VRFY 10
+#define NGX_SMTP_EXPN 11
+#define NGX_SMTP_HELP 12
+#define NGX_SMTP_STARTTLS 13
#define NGX_MAIL_AUTH_PLAIN 0
@@ -285,6 +300,8 @@ typedef struct {
#define ngx_mail_conf_get_module_main_conf(cf, module) \
((ngx_mail_conf_ctx_t *) cf->ctx)->main_conf[module.ctx_index]
+#define ngx_mail_conf_get_module_srv_conf(cf, module) \
+ ((ngx_mail_conf_ctx_t *) cf->ctx)->srv_conf[module.ctx_index]
void ngx_mail_init_connection(ngx_connection_t *c);
diff --git a/src/mail/ngx_mail_core_module.c b/src/mail/ngx_mail_core_module.c
index ba62d5553..9b9e20f65 100644
--- a/src/mail/ngx_mail_core_module.c
+++ b/src/mail/ngx_mail_core_module.c
@@ -54,6 +54,14 @@ static ngx_conf_bitmask_t ngx_pop3_auth_methods[] = {
};
+static ngx_conf_bitmask_t ngx_imap_auth_methods[] = {
+ { ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED },
+ { ngx_string("login"), NGX_MAIL_AUTH_LOGIN_ENABLED },
+ { ngx_string("cram-md5"), NGX_MAIL_AUTH_CRAM_MD5_ENABLED },
+ { ngx_null_string, 0 }
+};
+
+
static ngx_conf_bitmask_t ngx_smtp_auth_methods[] = {
{ ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED },
{ ngx_string("login"), NGX_MAIL_AUTH_LOGIN_ENABLED },
@@ -62,6 +70,14 @@ static ngx_conf_bitmask_t ngx_smtp_auth_methods[] = {
};
+static ngx_str_t ngx_imap_auth_methods_names[] = {
+ ngx_string("AUTH=PLAIN"),
+ ngx_string("AUTH=LOGIN"),
+ ngx_null_string, /* APOP */
+ ngx_string("AUTH=CRAM-MD5")
+};
+
+
static ngx_str_t ngx_smtp_auth_methods_names[] = {
ngx_string("PLAIN"),
ngx_string("LOGIN"),
@@ -172,6 +188,13 @@ static ngx_command_t ngx_mail_core_commands[] = {
offsetof(ngx_mail_core_srv_conf_t, pop3_auth_methods),
&ngx_pop3_auth_methods },
+ { ngx_string("imap_auth"),
+ NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE,
+ ngx_conf_set_bitmask_slot,
+ NGX_MAIL_SRV_CONF_OFFSET,
+ offsetof(ngx_mail_core_srv_conf_t, imap_auth_methods),
+ &ngx_imap_auth_methods },
+
{ ngx_string("smtp_auth"),
NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE,
ngx_conf_set_bitmask_slot,
@@ -278,7 +301,7 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_mail_core_srv_conf_t *prev = parent;
ngx_mail_core_srv_conf_t *conf = child;
- u_char *p;
+ u_char *p, *auth;
size_t size, stls_only_size;
ngx_str_t *c, *d;
ngx_uint_t i, m;
@@ -297,6 +320,11 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
(NGX_CONF_BITMASK_SET
|NGX_MAIL_AUTH_PLAIN_ENABLED));
+ ngx_conf_merge_bitmask_value(conf->imap_auth_methods,
+ prev->imap_auth_methods,
+ (NGX_CONF_BITMASK_SET
+ |NGX_MAIL_AUTH_PLAIN_ENABLED));
+
ngx_conf_merge_bitmask_value(conf->smtp_auth_methods,
prev->smtp_auth_methods,
(NGX_CONF_BITMASK_SET
@@ -463,6 +491,15 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
size += 1 + c[i].len;
}
+ for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
+ m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <<= 1, i++)
+ {
+ if (m & conf->imap_auth_methods) {
+ size += 1 + ngx_imap_auth_methods_names[i].len;
+ }
+ }
+
p = ngx_palloc(cf->pool, size);
if (p == NULL) {
return NGX_CONF_ERROR;
@@ -478,6 +515,19 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
p = ngx_cpymem(p, c[i].data, c[i].len);
}
+ auth = p;
+
+ for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
+ m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <<= 1, i++)
+ {
+ if (m & conf->imap_auth_methods) {
+ *p++ = ' ';
+ p = ngx_cpymem(p, ngx_imap_auth_methods_names[i].data,
+ ngx_imap_auth_methods_names[i].len);
+ }
+ }
+
*p++ = CR; *p = LF;
@@ -497,7 +547,8 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
*p++ = CR; *p = LF;
- size += sizeof(" LOGINDISABLED") - 1;
+ size = (auth - conf->imap_capability.data) + sizeof(CRLF) - 1
+ + sizeof(" STARTTLS LOGINDISABLED") - 1;
p = ngx_palloc(cf->pool, size);
if (p == NULL) {
@@ -507,9 +558,10 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
conf->imap_starttls_only_capability.len = size;
conf->imap_starttls_only_capability.data = p;
- p = ngx_cpymem(p, conf->imap_starttls_capability.data,
- conf->imap_starttls_capability.len - (sizeof(CRLF) - 1));
- p = ngx_cpymem(p, " LOGINDISABLED", sizeof(" LOGINDISABLED") - 1);
+ p = ngx_cpymem(p, conf->imap_capability.data,
+ auth - conf->imap_capability.data);
+ p = ngx_cpymem(p, " STARTTLS LOGINDISABLED",
+ sizeof(" STARTTLS LOGINDISABLED") - 1);
*p++ = CR; *p = LF;
@@ -582,6 +634,8 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
*p++ = CR; *p++ = LF;
}
+ auth = p;
+
*p++ = '2'; *p++ = '5'; *p++ = '0'; *p++ = ' ';
*p++ = 'A'; *p++ = 'U'; *p++ = 'T'; *p++ = 'H';
@@ -598,6 +652,42 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
*p++ = CR; *p = LF;
+ size += sizeof("250 STARTTLS" CRLF) - 1;
+
+ p = ngx_palloc(cf->pool, size);
+ if (p == NULL) {
+ return NGX_CONF_ERROR;
+ }
+
+ conf->smtp_starttls_capability.len = size;
+ conf->smtp_starttls_capability.data = p;
+
+ p = ngx_cpymem(p, conf->smtp_capability.data,
+ conf->smtp_capability.len);
+
+ p = ngx_cpymem(p, "250 STARTTLS" CRLF, sizeof("250 STARTTLS" CRLF) - 1);
+ *p++ = CR; *p = LF;
+
+ p = conf->smtp_starttls_capability.data
+ + (auth - conf->smtp_capability.data) + 3;
+ *p = '-';
+
+ size = (auth - conf->smtp_capability.data)
+ + sizeof("250 STARTTLS" CRLF) - 1;
+
+ p = ngx_palloc(cf->pool, size);
+ if (p == NULL) {
+ return NGX_CONF_ERROR;
+ }
+
+ conf->smtp_starttls_only_capability.len = size;
+ conf->smtp_starttls_only_capability.data = p;
+
+ p = ngx_cpymem(p, conf->smtp_capability.data,
+ auth - conf->smtp_capability.data);
+
+ ngx_memcpy(p, "250 STARTTLS" CRLF, sizeof("250 STARTTLS" CRLF) - 1);
+
return NGX_CONF_OK;
}
diff --git a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c
index 8fee001bb..73bfbd233 100644
--- a/src/mail/ngx_mail_handler.c
+++ b/src/mail/ngx_mail_handler.c
@@ -280,6 +280,9 @@ ngx_mail_init_session(ngx_connection_t *c)
&& (cscf->pop3_auth_methods
& (NGX_MAIL_AUTH_APOP_ENABLED|NGX_MAIL_AUTH_CRAM_MD5_ENABLED)))
+ || (s->protocol == NGX_MAIL_IMAP_PROTOCOL
+ && (cscf->imap_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED))
+
|| (s->protocol == NGX_MAIL_SMTP_PROTOCOL
&& (cscf->smtp_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)))
{
@@ -985,7 +988,7 @@ ngx_imap_auth_state(ngx_event_t *rev)
{
u_char *p, *last, *text, *dst, *src, *end;
ssize_t text_len, last_len;
- ngx_str_t *arg;
+ ngx_str_t *arg, salt;
ngx_int_t rc;
ngx_uint_t tag, i;
ngx_connection_t *c;
@@ -1055,113 +1058,342 @@ ngx_imap_auth_state(ngx_event_t *rev)
s->backslash = 0;
}
- switch (s->command) {
+ switch (s->mail_state) {
+
+ case ngx_imap_start:
+
+ switch (s->command) {
- case NGX_IMAP_LOGIN:
+ case NGX_IMAP_LOGIN:
#if (NGX_MAIL_SSL)
- if (c->ssl == NULL) {
- sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
+ if (c->ssl == NULL) {
+ sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
- if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
- rc = NGX_MAIL_PARSE_INVALID_COMMAND;
- break;
+ if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
}
- }
#endif
- arg = s->args.elts;
+ arg = s->args.elts;
- if (s->args.nelts == 2 && arg[0].len) {
+ if (s->args.nelts == 2 && arg[0].len) {
- s->login.len = arg[0].len;
- s->login.data = ngx_palloc(c->pool, s->login.len);
- if (s->login.data == NULL) {
- ngx_mail_session_internal_server_error(s);
- return;
- }
+ s->login.len = arg[0].len;
+ s->login.data = ngx_palloc(c->pool, s->login.len);
+ if (s->login.data == NULL) {
+ ngx_mail_session_internal_server_error(s);
+ return;
+ }
- ngx_memcpy(s->login.data, arg[0].data, s->login.len);
+ ngx_memcpy(s->login.data, arg[0].data, s->login.len);
- s->passwd.len = arg[1].len;
- s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
- if (s->passwd.data == NULL) {
- ngx_mail_session_internal_server_error(s);
- return;
- }
+ s->passwd.len = arg[1].len;
+ s->passwd.data = ngx_palloc(c->pool, s->passwd.len);
+ if (s->passwd.data == NULL) {
+ ngx_mail_session_internal_server_error(s);
+ return;
+ }
- ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
+ ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);
#if (NGX_DEBUG_MAIL_PASSWD)
- ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
- "imap login:\"%V\" passwd:\"%V\"",
- &s->login, &s->passwd);
+ ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap login:\"%V\" passwd:\"%V\"",
+ &s->login, &s->passwd);
#else
- ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
- "imap login:\"%V\"", &s->login);
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap login:\"%V\"", &s->login);
#endif
- ngx_mail_do_auth(s);
- return;
- }
+ ngx_mail_do_auth(s);
+ return;
+ }
- rc = NGX_MAIL_PARSE_INVALID_COMMAND;
- break;
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
- case NGX_IMAP_CAPABILITY:
- cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
+ case NGX_IMAP_AUTHENTICATE:
#if (NGX_MAIL_SSL)
- if (c->ssl == NULL) {
- sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
+ if (c->ssl == NULL) {
+ sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
+
+ if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
+ }
+#endif
- if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) {
- text_len = cscf->imap_starttls_capability.len;
- text = cscf->imap_starttls_capability.data;
+ if (s->args.nelts != 1) {
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
break;
}
- if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
- text_len = cscf->imap_starttls_only_capability.len;
- text = cscf->imap_starttls_only_capability.data;
+ arg = s->args.elts;
+
+ if (arg[0].len == 5) {
+
+ if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5)
+ == 0)
+ {
+
+ s->mail_state = ngx_imap_auth_login_username;
+
+ last_len = sizeof(pop3_username) - 1;
+ last = pop3_username;
+ tag = 0;
+
+ break;
+
+ } else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN",
+ 5)
+ == 0)
+ {
+
+ s->mail_state = ngx_imap_auth_plain;
+
+ last_len = sizeof(pop3_next) - 1;
+ last = pop3_next;
+ tag = 0;
+
+ break;
+ }
+
+ } else if (arg[0].len == 8
+ && ngx_strncasecmp(arg[0].data,
+ (u_char *) "CRAM-MD5", 8)
+ == 0)
+ {
+ cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
+
+ if (!(cscf->imap_auth_methods
+ & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)
+ || s->args.nelts != 1)
+ {
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
+
+ s->mail_state = ngx_imap_auth_cram_md5;
+
+ last = ngx_palloc(c->pool,
+ sizeof("+ " CRLF) - 1
+ + ngx_base64_encoded_length(s->salt.len));
+ if (last == NULL) {
+ ngx_mail_session_internal_server_error(s);
+ return;
+ }
+
+ last[0] = '+'; last[1]= ' ';
+ salt.data = &last[2];
+ s->salt.len -= 2;
+
+ ngx_encode_base64(&salt, &s->salt);
+
+ s->salt.len += 2;
+ last_len = 2 + salt.len;
+ last[last_len++] = CR; last[last_len++] = LF;
+ tag = 0;
+
break;
}
- }
+
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+
+ case NGX_IMAP_CAPABILITY:
+ cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
+
+#if (NGX_MAIL_SSL)
+
+ if (c->ssl == NULL) {
+ sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
+
+ if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) {
+ text_len = cscf->imap_starttls_capability.len;
+ text = cscf->imap_starttls_capability.data;
+ break;
+ }
+
+ if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
+ text_len = cscf->imap_starttls_only_capability.len;
+ text = cscf->imap_starttls_only_capability.data;
+ break;
+ }
+ }
#endif
- text_len = cscf->imap_capability.len;
- text = cscf->imap_capability.data;
- break;
+ text_len = cscf->imap_capability.len;
+ text = cscf->imap_capability.data;
+ break;
- case NGX_IMAP_LOGOUT:
- s->quit = 1;
- text = imap_bye;
- text_len = sizeof(imap_bye) - 1;
- break;
+ case NGX_IMAP_LOGOUT:
+ s->quit = 1;
+ text = imap_bye;
+ text_len = sizeof(imap_bye) - 1;
+ break;
- case NGX_IMAP_NOOP:
- break;
+ case NGX_IMAP_NOOP:
+ break;
#if (NGX_MAIL_SSL)
- case NGX_IMAP_STARTTLS:
- if (c->ssl == NULL) {
- sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
- if (sslcf->starttls) {
- c->read->handler = ngx_mail_starttls_handler;
- break;
+ case NGX_IMAP_STARTTLS:
+ if (c->ssl == NULL) {
+ sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
+ if (sslcf->starttls) {
+ c->read->handler = ngx_mail_starttls_handler;
+ break;
+ }
}
+
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+#endif
+
+ default:
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
+
+ break;
+
+ case ngx_imap_auth_login_username:
+ arg = s->args.elts;
+ s->mail_state = ngx_imap_auth_login_password;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap auth login username: \"%V\"", &arg[0]);
+
+ s->login.data = ngx_palloc(c->pool,
+ ngx_base64_decoded_length(arg[0].len));
+ if (s->login.data == NULL){
+ ngx_mail_session_internal_server_error(s);
+ return;
+ }
+
+ if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid base64 encoding "
+ "in AUTH LOGIN command");
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
}
- rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap auth login username: \"%V\"", &s->login);
+
+ last_len = sizeof(pop3_password) - 1;
+ last = pop3_password;
+ tag = 0;
+
break;
+
+ case ngx_imap_auth_login_password:
+ arg = s->args.elts;
+
+#if (NGX_DEBUG_MAIL_PASSWD)
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap auth login password: \"%V\"", &arg[0]);
+#endif
+
+ s->passwd.data = ngx_palloc(c->pool,
+ ngx_base64_decoded_length(arg[0].len));
+ if (s->passwd.data == NULL){
+ ngx_mail_session_internal_server_error(s);
+ return;
+ }
+
+ if (ngx_decode_base64(&s->passwd, &arg[0]) != NGX_OK) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid base64 encoding "
+ "in AUTH LOGIN command");
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
+
+#if (NGX_DEBUG_MAIL_PASSWD)
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap auth login password: \"%V\"", &s->passwd);
#endif
- default:
- rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ ngx_mail_do_auth(s);
+ return;
+
+ case ngx_imap_auth_plain:
+ arg = s->args.elts;
+
+ rc = ngx_mail_decode_auth_plain(s, &arg[0]);
+
+ if (rc == NGX_OK) {
+ ngx_mail_do_auth(s);
+ return;
+ }
+
+ if (rc == NGX_ERROR) {
+ ngx_mail_session_internal_server_error(s);
+ return;
+ }
+
+ /* rc == NGX_MAIL_PARSE_INVALID_COMMAND */
+
break;
+
+ case ngx_imap_auth_cram_md5:
+ arg = s->args.elts;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap auth cram-md5: \"%V\"", &arg[0]);
+
+ s->login.data = ngx_palloc(c->pool,
+ ngx_base64_decoded_length(arg[0].len));
+ if (s->login.data == NULL){
+ ngx_mail_session_internal_server_error(s);
+ return;
+ }
+
+ if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid base64 encoding "
+ "in AUTH CRAM-MD5 command");
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
+
+ p = s->login.data;
+ last = p + s->login.len;
+
+ while (p < last) {
+ if (*p++ == ' ') {
+ s->login.len = p - s->login.data - 1;
+ s->passwd.len = last - p;
+ s->passwd.data = p;
+ break;
+ }
+ }
+
+ if (s->passwd.len != 32) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid CRAM-MD5 hash "
+ "in AUTH CRAM-MD5 command");
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
+
+ ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "imap auth cram-md5: \"%V\" \"%V\"",
+ &s->login, &s->passwd);
+
+ s->auth_method = NGX_MAIL_AUTH_CRAM_MD5;
+
+ ngx_mail_do_auth(s);
+ return;
}
} else if (rc == NGX_IMAP_NEXT) {
@@ -1171,6 +1403,8 @@ ngx_imap_auth_state(ngx_event_t *rev)
}
if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) {
+ s->mail_state = ngx_imap_start;
+ s->state = 0;
last = imap_invalid_command;
last_len = sizeof(imap_invalid_command) - 1;
}
@@ -1209,9 +1443,18 @@ ngx_imap_auth_state(ngx_event_t *rev)
if (rc != NGX_IMAP_NEXT) {
s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
- s->tag.len = 0;
+
+ if (s->state) {
+ /* preserve tag */
+ s->arg_start = s->buffer->start + s->tag.len;
+ s->buffer->pos = s->arg_start;
+ s->buffer->last = s->arg_start;
+
+ } else {
+ s->buffer->pos = s->buffer->start;
+ s->buffer->last = s->buffer->start;
+ s->tag.len = 0;
+ }
}
ngx_mail_send(c->write);
@@ -1229,6 +1472,9 @@ ngx_smtp_auth_state(ngx_event_t *rev)
ngx_connection_t *c;
ngx_mail_session_t *s;
ngx_mail_core_srv_conf_t *cscf;
+#if (NGX_MAIL_SSL)
+ ngx_mail_ssl_conf_t *sslcf;
+#endif
c = rev->data;
s = c->data;
@@ -1295,6 +1541,26 @@ ngx_smtp_auth_state(ngx_event_t *rev)
} else {
s->esmtp = 1;
+
+#if (NGX_MAIL_SSL)
+
+ if (c->ssl == NULL) {
+ sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
+
+ if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) {
+ size = cscf->smtp_starttls_capability.len;
+ text = cscf->smtp_starttls_capability.data;
+ break;
+ }
+
+ if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
+ size = cscf->smtp_starttls_only_capability.len;
+ text = cscf->smtp_starttls_only_capability.data;
+ break;
+ }
+ }
+#endif
+
size = cscf->smtp_capability.len;
text = cscf->smtp_capability.data;
}
@@ -1303,6 +1569,18 @@ ngx_smtp_auth_state(ngx_event_t *rev)
case NGX_SMTP_AUTH:
+#if (NGX_MAIL_SSL)
+
+ if (c->ssl == NULL) {
+ sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
+
+ if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+ }
+ }
+#endif
+
if (s->args.nelts == 0) {
text = smtp_invalid_argument;
size = sizeof(smtp_invalid_argument) - 1;
@@ -1453,6 +1731,38 @@ ngx_smtp_auth_state(ngx_event_t *rev)
text = smtp_ok;
size = sizeof(smtp_ok) - 1;
break;
+
+#if (NGX_MAIL_SSL)
+
+ case NGX_SMTP_STARTTLS:
+ if (c->ssl == NULL) {
+ sslcf = ngx_mail_get_module_srv_conf(s,
+ ngx_mail_ssl_module);
+ if (sslcf->starttls) {
+ c->read->handler = ngx_mail_starttls_handler;
+
+ /*
+ * RFC3207 requires us to discard any knowledge
+ * obtained from client before STARTTLS.
+ */
+
+ s->smtp_helo.len = 0;
+ s->smtp_helo.data = NULL;
+
+ text = smtp_ok;
+ size = sizeof(smtp_ok) - 1;
+
+ break;
+ }
+ }
+
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
+#endif
+
+ default:
+ rc = NGX_MAIL_PARSE_INVALID_COMMAND;
+ break;
}
break;
diff --git a/src/mail/ngx_mail_parse.c b/src/mail/ngx_mail_parse.c
index 7bab21b57..fa0fda31b 100644
--- a/src/mail/ngx_mail_parse.c
+++ b/src/mail/ngx_mail_parse.c
@@ -354,6 +354,27 @@ ngx_int_t ngx_imap_parse_command(ngx_mail_session_t *s)
}
break;
+ case 12:
+ if ((c[0] == 'A'|| c[0] == 'a')
+ && (c[1] == 'U'|| c[1] == 'u')
+ && (c[2] == 'T'|| c[2] == 't')
+ && (c[3] == 'H'|| c[3] == 'h')
+ && (c[4] == 'E'|| c[4] == 'e')
+ && (c[5] == 'N'|| c[5] == 'n')
+ && (c[6] == 'T'|| c[6] == 't')
+ && (c[7] == 'I'|| c[7] == 'i')
+ && (c[8] == 'C'|| c[8] == 'c')
+ && (c[9] == 'A'|| c[9] == 'a')
+ && (c[10] == 'T'|| c[10] == 't')
+ && (c[11] == 'E'|| c[11] == 'e'))
+ {
+ s->command = NGX_IMAP_AUTHENTICATE;
+
+ } else {
+ goto invalid;
+ }
+ break;
+
default:
goto invalid;
}
@@ -573,7 +594,7 @@ done:
s->literal_len = 0;
}
- s->state = sw_start;
+ s->state = (s->command != NGX_IMAP_AUTHENTICATE) ? sw_start : sw_argument;
return NGX_OK;
@@ -646,10 +667,43 @@ ngx_int_t ngx_smtp_parse_command(ngx_mail_session_t *s)
{
s->command = NGX_SMTP_RSET;
+ } else if (c0 == 'R' && c1 == 'C' && c2 == 'P' && c3 == 'T')
+ {
+ s->command = NGX_SMTP_RCPT;
+
+ } else if (c0 == 'V' && c1 == 'R' && c2 == 'F' && c3 == 'Y')
+ {
+ s->command = NGX_SMTP_VRFY;
+
+ } else if (c0 == 'E' && c1 == 'X' && c2 == 'P' && c3 == 'N')
+ {
+ s->command = NGX_SMTP_EXPN;
+
+ } else if (c0 == 'H' && c1 == 'E' && c2 == 'L' && c3 == 'P')
+ {
+ s->command = NGX_SMTP_HELP;
+
} else {
goto invalid;
}
+#if (NGX_MAIL_SSL)
+ } else if (p - c == 8) {
+
+ if ((c[0] == 'S'|| c[0] == 's')
+ && (c[1] == 'T'|| c[1] == 't')
+ && (c[2] == 'A'|| c[2] == 'a')
+ && (c[3] == 'R'|| c[3] == 'r')
+ && (c[4] == 'T'|| c[4] == 't')
+ && (c[5] == 'T'|| c[5] == 't')
+ && (c[6] == 'L'|| c[6] == 'l')
+ && (c[7] == 'S'|| c[7] == 's'))
+ {
+ s->command = NGX_SMTP_STARTTLS;
+ } else {
+ goto invalid;
+ }
+#endif
} else {
goto invalid;
}
View Lorry Controller Status