One Level Up Top Level

src/mail/ngx_mail_pop3_handler.c - nginx-1.31.3 nginx/ @ 42f8df65b

Global variables defined

Functions defined

Source code


  2. /*
  3. * Copyright (C) Igor Sysoev
  4. * Copyright (C) Nginx, Inc.
  5. */


  8. #include <ngx_config.h>
  9. #include <ngx_core.h>
  10. #include <ngx_event.h>
  11. #include <ngx_mail.h>
  12. #include <ngx_mail_pop3_module.h>


  15. static ngx_int_t ngx_mail_pop3_user(ngx_mail_session_t *s, ngx_connection_t *c);
  16. static ngx_int_t ngx_mail_pop3_pass(ngx_mail_session_t *s, ngx_connection_t *c);
  17. static ngx_int_t ngx_mail_pop3_capa(ngx_mail_session_t *s, ngx_connection_t *c,
  18.     ngx_int_t stls);
  19. static ngx_int_t ngx_mail_pop3_stls(ngx_mail_session_t *s, ngx_connection_t *c);
  20. static ngx_int_t ngx_mail_pop3_apop(ngx_mail_session_t *s, ngx_connection_t *c);
  21. static ngx_int_t ngx_mail_pop3_auth(ngx_mail_session_t *s, ngx_connection_t *c);


  24. static u_char  pop3_greeting[] = "+OK POP3 ready" CRLF;
  25. static u_char  pop3_ok[] = "+OK" CRLF;
  26. static u_char  pop3_next[] = "+ " CRLF;
  27. static u_char  pop3_username[] = "+ VXNlcm5hbWU6" CRLF;
  28. static u_char  pop3_password[] = "+ UGFzc3dvcmQ6" CRLF;
  29. static u_char  pop3_invalid_command[] = "-ERR invalid command" CRLF;


  32. void
  33. ngx_mail_pop3_init_session(ngx_mail_session_t *s, ngx_connection_t *c)
  34. {
  35.     u_char                    *p;
  36.     ngx_mail_core_srv_conf_t  *cscf;
  37.     ngx_mail_pop3_srv_conf_t  *pscf;

  39.     pscf = ngx_mail_get_module_srv_conf(s, ngx_mail_pop3_module);
  40.     cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);

  42.     if (pscf->auth_methods
  43.         & (NGX_MAIL_AUTH_APOP_ENABLED|NGX_MAIL_AUTH_CRAM_MD5_ENABLED))
  44.     {
  45.         if (ngx_mail_salt(s, c, cscf) != NGX_OK) {
  46.             ngx_mail_session_internal_server_error(s);
  47.             return;
  48.         }

  50.         s->out.data = ngx_pnalloc(c->pool, sizeof(pop3_greeting) + s->salt.len);
  51.         if (s->out.data == NULL) {
  52.             ngx_mail_session_internal_server_error(s);
  53.             return;
  54.         }

  56.         p = ngx_cpymem(s->out.data, pop3_greeting, sizeof(pop3_greeting) - 3);
  57.         *p++ = ' ';
  58.         p = ngx_cpymem(p, s->salt.data, s->salt.len);

  60.         s->out.len = p - s->out.data;

  62.     } else {
  63.         ngx_str_set(&s->out, pop3_greeting);
  64.     }

  66.     c->read->handler = ngx_mail_pop3_init_protocol;

  68.     ngx_add_timer(c->read, cscf->timeout);

  70.     if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  71.         ngx_mail_close_connection(c);
  72.         return;
  73.     }

  75.     ngx_mail_send(c->write);
  76. }


  79. void
  80. ngx_mail_pop3_init_protocol(ngx_event_t *rev)
  81. {
  82.     ngx_connection_t    *c;
  83.     ngx_mail_session_t  *s;

  85.     c = rev->data;

  87.     c->log->action = "in auth state";

  89.     if (rev->timedout) {
  90.         ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
  91.         c->timedout = 1;
  92.         ngx_mail_close_connection(c);
  93.         return;
  94.     }

  96.     s = c->data;

  98.     if (s->buffer == NULL) {
  99.         if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t))
  100.             == NGX_ERROR)
  101.         {
  102.             ngx_mail_session_internal_server_error(s);
  103.             return;
  104.         }

  106.         s->buffer = ngx_create_temp_buf(c->pool, 128);
  107.         if (s->buffer == NULL) {
  108.             ngx_mail_session_internal_server_error(s);
  109.             return;
  110.         }
  111.     }

  113.     s->mail_state = ngx_pop3_start;
  114.     c->read->handler = ngx_mail_pop3_auth_state;

  116.     ngx_mail_pop3_auth_state(rev);
  117. }


  120. void
  121. ngx_mail_pop3_auth_state(ngx_event_t *rev)
  122. {
  123.     ngx_int_t            rc;
  124.     ngx_connection_t    *c;
  125.     ngx_mail_session_t  *s;

  127.     c = rev->data;
  128.     s = c->data;

  130.     ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 auth state");

  132.     if (rev->timedout) {
  133.         ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
  134.         c->timedout = 1;
  135.         ngx_mail_close_connection(c);
  136.         return;
  137.     }

  139.     if (s->out.len) {
  140.         ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "pop3 send handler busy");
  141.         s->blocked = 1;

  143.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  144.             ngx_mail_close_connection(c);
  145.             return;
  146.         }

  148.         return;
  149.     }

  151.     s->blocked = 0;

  153.     rc = ngx_mail_read_command(s, c);

  155.     if (rc == NGX_AGAIN) {
  156.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  157.             ngx_mail_session_internal_server_error(s);
  158.             return;
  159.         }

  161.         return;
  162.     }

  164.     if (rc == NGX_ERROR) {
  165.         return;
  166.     }

  168.     ngx_str_set(&s->out, pop3_ok);

  170.     if (rc == NGX_OK) {
  171.         switch (s->mail_state) {

  173.         case ngx_pop3_start:

  175.             switch (s->command) {

  177.             case NGX_POP3_USER:
  178.                 rc = ngx_mail_pop3_user(s, c);
  179.                 break;

  181.             case NGX_POP3_CAPA:
  182.                 rc = ngx_mail_pop3_capa(s, c, 1);
  183.                 break;

  185.             case NGX_POP3_APOP:
  186.                 rc = ngx_mail_pop3_apop(s, c);
  187.                 break;

  189.             case NGX_POP3_AUTH:
  190.                 rc = ngx_mail_pop3_auth(s, c);
  191.                 break;

  193.             case NGX_POP3_QUIT:
  194.                 s->quit = 1;
  195.                 break;

  197.             case NGX_POP3_NOOP:
  198.                 break;

  200.             case NGX_POP3_STLS:
  201.                 rc = ngx_mail_pop3_stls(s, c);
  202.                 break;

  204.             default:
  205.                 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
  206.                 break;
  207.             }

  209.             break;

  211.         case ngx_pop3_user:

  213.             switch (s->command) {

  215.             case NGX_POP3_PASS:
  216.                 rc = ngx_mail_pop3_pass(s, c);
  217.                 break;

  219.             case NGX_POP3_CAPA:
  220.                 rc = ngx_mail_pop3_capa(s, c, 0);
  221.                 break;

  223.             case NGX_POP3_QUIT:
  224.                 s->quit = 1;
  225.                 break;

  227.             case NGX_POP3_NOOP:
  228.                 break;

  230.             default:
  231.                 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
  232.                 break;
  233.             }

  235.             break;

  237.         /* suppress warnings */
  238.         case ngx_pop3_passwd:
  239.             break;

  241.         case ngx_pop3_auth_login_username:
  242.             rc = ngx_mail_auth_login_username(s, c, 0);

  244.             ngx_str_set(&s->out, pop3_password);
  245.             s->mail_state = ngx_pop3_auth_login_password;
  246.             break;

  248.         case ngx_pop3_auth_login_password:
  249.             rc = ngx_mail_auth_login_password(s, c);
  250.             break;

  252.         case ngx_pop3_auth_plain:
  253.             rc = ngx_mail_auth_plain(s, c, 0);
  254.             break;

  256.         case ngx_pop3_auth_cram_md5:
  257.             rc = ngx_mail_auth_cram_md5(s, c);
  258.             break;

  260.         case ngx_pop3_auth_external:
  261.             rc = ngx_mail_auth_external(s, c, 0);
  262.             break;
  263.         }
  264.     }

  266.     if (s->buffer->pos < s->buffer->last) {
  267.         s->blocked = 1;
  268.     }

  270.     switch (rc) {

  272.     case NGX_DONE:
  273.         ngx_mail_auth(s, c);
  274.         return;

  276.     case NGX_ERROR:
  277.         ngx_mail_session_internal_server_error(s);
  278.         return;

  280.     case NGX_MAIL_PARSE_INVALID_COMMAND:
  281.         s->mail_state = ngx_pop3_start;
  282.         s->state = 0;

  284.         ngx_str_set(&s->out, pop3_invalid_command);

  286.         /* fall through */

  288.     case NGX_OK:

  290.         s->args.nelts = 0;

  292.         if (s->buffer->pos == s->buffer->last) {
  293.             s->buffer->pos = s->buffer->start;
  294.             s->buffer->last = s->buffer->start;
  295.         }

  297.         if (s->state) {
  298.             s->arg_start = s->buffer->pos;
  299.         }

  301.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  302.             ngx_mail_session_internal_server_error(s);
  303.             return;
  304.         }

  306.         ngx_mail_send(c->write);
  307.     }
  308. }

  310. static ngx_int_t
  311. ngx_mail_pop3_user(ngx_mail_session_t *s, ngx_connection_t *c)
  312. {
  313.     ngx_str_t  *arg;

  315. #if (NGX_MAIL_SSL)
  316.     if (ngx_mail_starttls_only(s, c)) {
  317.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  318.     }
  319. #endif

  321.     if (s->args.nelts != 1) {
  322.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  323.     }

  325.     arg = s->args.elts;
  326.     s->login.len = arg[0].len;
  327.     s->login.data = ngx_pnalloc(c->pool, s->login.len);
  328.     if (s->login.data == NULL) {
  329.         return NGX_ERROR;
  330.     }

  332.     ngx_memcpy(s->login.data, arg[0].data, s->login.len);

  334.     ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
  335.                    "pop3 login: \"%V\"", &s->login);

  337.     s->mail_state = ngx_pop3_user;

  339.     return NGX_OK;
  340. }


  343. static ngx_int_t
  344. ngx_mail_pop3_pass(ngx_mail_session_t *s, ngx_connection_t *c)
  345. {
  346.     ngx_str_t  *arg;

  348.     if (s->args.nelts != 1) {
  349.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  350.     }

  352.     arg = s->args.elts;
  353.     s->passwd.len = arg[0].len;
  354.     s->passwd.data = ngx_pnalloc(c->pool, s->passwd.len);
  355.     if (s->passwd.data == NULL) {
  356.         return NGX_ERROR;
  357.     }

  359.     ngx_memcpy(s->passwd.data, arg[0].data, s->passwd.len);

  361. #if (NGX_DEBUG_MAIL_PASSWD)
  362.     ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
  363.                    "pop3 passwd: \"%V\"", &s->passwd);
  364. #endif

  366.     return NGX_DONE;
  367. }


  370. static ngx_int_t
  371. ngx_mail_pop3_capa(ngx_mail_session_t *s, ngx_connection_t *c, ngx_int_t stls)
  372. {
  373.     ngx_mail_pop3_srv_conf_t  *pscf;

  375.     pscf = ngx_mail_get_module_srv_conf(s, ngx_mail_pop3_module);

  377. #if (NGX_MAIL_SSL)

  379.     if (stls && c->ssl == NULL) {
  380.         ngx_mail_ssl_conf_t  *sslcf;

  382.         sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);

  384.         if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) {
  385.             s->out = pscf->starttls_capability;
  386.             return NGX_OK;
  387.         }

  389.         if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
  390.             s->out = pscf->starttls_only_capability;
  391.             return NGX_OK;
  392.         }
  393.     }

  395. #endif

  397.     s->out = pscf->capability;
  398.     return NGX_OK;
  399. }


  402. static ngx_int_t
  403. ngx_mail_pop3_stls(ngx_mail_session_t *s, ngx_connection_t *c)
  404. {
  405. #if (NGX_MAIL_SSL)
  406.     ngx_mail_ssl_conf_t  *sslcf;

  408.     if (c->ssl == NULL) {
  409.         sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
  410.         if (sslcf->starttls) {
  411.             s->buffer->pos = s->buffer->start;
  412.             s->buffer->last = s->buffer->start;
  413.             c->read->handler = ngx_mail_starttls_handler;
  414.             return NGX_OK;
  415.         }
  416.     }

  418. #endif

  420.     return NGX_MAIL_PARSE_INVALID_COMMAND;
  421. }


  424. static ngx_int_t
  425. ngx_mail_pop3_apop(ngx_mail_session_t *s, ngx_connection_t *c)
  426. {
  427.     ngx_str_t                 *arg;
  428.     ngx_mail_pop3_srv_conf_t  *pscf;

  430. #if (NGX_MAIL_SSL)
  431.     if (ngx_mail_starttls_only(s, c)) {
  432.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  433.     }
  434. #endif

  436.     if (s->args.nelts != 2) {
  437.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  438.     }

  440.     pscf = ngx_mail_get_module_srv_conf(s, ngx_mail_pop3_module);

  442.     if (!(pscf->auth_methods & NGX_MAIL_AUTH_APOP_ENABLED)) {
  443.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  444.     }

  446.     arg = s->args.elts;

  448.     s->login.len = arg[0].len;
  449.     s->login.data = ngx_pnalloc(c->pool, s->login.len);
  450.     if (s->login.data == NULL) {
  451.         return NGX_ERROR;
  452.     }

  454.     ngx_memcpy(s->login.data, arg[0].data, s->login.len);

  456.     s->passwd.len = arg[1].len;
  457.     s->passwd.data = ngx_pnalloc(c->pool, s->passwd.len);
  458.     if (s->passwd.data == NULL) {
  459.         return NGX_ERROR;
  460.     }

  462.     ngx_memcpy(s->passwd.data, arg[1].data, s->passwd.len);

  464.     ngx_log_debug2(NGX_LOG_DEBUG_MAIL, c->log, 0,
  465.                    "pop3 apop: \"%V\" \"%V\"", &s->login, &s->passwd);

  467.     s->auth_method = NGX_MAIL_AUTH_APOP;

  469.     return NGX_DONE;
  470. }


  473. static ngx_int_t
  474. ngx_mail_pop3_auth(ngx_mail_session_t *s, ngx_connection_t *c)
  475. {
  476.     ngx_int_t                  rc;
  477.     ngx_mail_pop3_srv_conf_t  *pscf;

  479. #if (NGX_MAIL_SSL)
  480.     if (ngx_mail_starttls_only(s, c)) {
  481.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  482.     }
  483. #endif

  485.     pscf = ngx_mail_get_module_srv_conf(s, ngx_mail_pop3_module);

  487.     if (s->args.nelts == 0) {
  488.         s->out = pscf->auth_capability;
  489.         s->state = 0;

  491.         return NGX_OK;
  492.     }

  494.     rc = ngx_mail_auth_parse(s, c);

  496.     switch (rc) {

  498.     case NGX_MAIL_AUTH_LOGIN:

  500.         ngx_str_set(&s->out, pop3_username);
  501.         s->mail_state = ngx_pop3_auth_login_username;

  503.         return NGX_OK;

  505.     case NGX_MAIL_AUTH_LOGIN_USERNAME:

  507.         ngx_str_set(&s->out, pop3_password);
  508.         s->mail_state = ngx_pop3_auth_login_password;

  510.         return ngx_mail_auth_login_username(s, c, 1);

  512.     case NGX_MAIL_AUTH_PLAIN:

  514.         ngx_str_set(&s->out, pop3_next);
  515.         s->mail_state = ngx_pop3_auth_plain;

  517.         return NGX_OK;

  519.     case NGX_MAIL_AUTH_CRAM_MD5:

  521.         if (!(pscf->auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)) {
  522.             return NGX_MAIL_PARSE_INVALID_COMMAND;
  523.         }

  525.         if (ngx_mail_auth_cram_md5_salt(s, c, "+ ", 2) == NGX_OK) {
  526.             s->mail_state = ngx_pop3_auth_cram_md5;
  527.             return NGX_OK;
  528.         }

  530.         return NGX_ERROR;

  532.     case NGX_MAIL_AUTH_EXTERNAL:

  534.         if (!(pscf->auth_methods & NGX_MAIL_AUTH_EXTERNAL_ENABLED)) {
  535.             return NGX_MAIL_PARSE_INVALID_COMMAND;
  536.         }

  538.         ngx_str_set(&s->out, pop3_username);
  539.         s->mail_state = ngx_pop3_auth_external;

  541.         return NGX_OK;
  542.     }

  544.     return rc;
  545. }

One Level Up Top Level