One Level Up Top Level

src/mail/ngx_mail_smtp_handler.c - nginx-1.31.3 nginx/ @ 42f8df65b

Global variables defined

Functions defined

Source code


  2. /*
  3. * Copyright (C) Igor Sysoev
  4. * Copyright (C) Nginx, Inc.
  5. */


  8. #include <ngx_config.h>
  9. #include <ngx_core.h>
  10. #include <ngx_event.h>
  11. #include <ngx_mail.h>
  12. #include <ngx_mail_smtp_module.h>


  15. static void ngx_mail_smtp_resolve_addr_handler(ngx_resolver_ctx_t *ctx);
  16. static ngx_int_t ngx_mail_smtp_validate_host(ngx_str_t *name);
  17. static void ngx_mail_smtp_resolve_name(ngx_event_t *rev);
  18. static void ngx_mail_smtp_resolve_name_handler(ngx_resolver_ctx_t *ctx);
  19. static void ngx_mail_smtp_block_reading(ngx_event_t *rev);
  20. static void ngx_mail_smtp_greeting(ngx_mail_session_t *s, ngx_connection_t *c);
  21. static void ngx_mail_smtp_invalid_pipelining(ngx_event_t *rev);
  22. static ngx_int_t ngx_mail_smtp_create_buffer(ngx_mail_session_t *s,
  23.     ngx_connection_t *c);

  25. static ngx_int_t ngx_mail_smtp_helo(ngx_mail_session_t *s, ngx_connection_t *c);
  26. static ngx_int_t ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c);
  27. static ngx_int_t ngx_mail_smtp_mail(ngx_mail_session_t *s, ngx_connection_t *c);
  28. static ngx_int_t ngx_mail_smtp_starttls(ngx_mail_session_t *s,
  29.     ngx_connection_t *c);
  30. static ngx_int_t ngx_mail_smtp_rset(ngx_mail_session_t *s, ngx_connection_t *c);
  31. static ngx_int_t ngx_mail_smtp_rcpt(ngx_mail_session_t *s, ngx_connection_t *c);

  33. static ngx_int_t ngx_mail_smtp_discard_command(ngx_mail_session_t *s,
  34.     ngx_connection_t *c, char *err);
  35. static void ngx_mail_smtp_log_rejected_command(ngx_mail_session_t *s,
  36.     ngx_connection_t *c, char *err);


  39. static u_char  smtp_ok[] = "250 2.0.0 OK" CRLF;
  40. static u_char  smtp_bye[] = "221 2.0.0 Bye" CRLF;
  41. static u_char  smtp_starttls[] = "220 2.0.0 Start TLS" CRLF;
  42. static u_char  smtp_next[] = "334 " CRLF;
  43. static u_char  smtp_username[] = "334 VXNlcm5hbWU6" CRLF;
  44. static u_char  smtp_password[] = "334 UGFzc3dvcmQ6" CRLF;
  45. static u_char  smtp_invalid_command[] = "500 5.5.1 Invalid command" CRLF;
  46. static u_char  smtp_invalid_pipelining[] =
  47.     "503 5.5.0 Improper use of SMTP command pipelining" CRLF;
  48. static u_char  smtp_invalid_argument[] = "501 5.5.4 Invalid argument" CRLF;
  49. static u_char  smtp_auth_required[] = "530 5.7.1 Authentication required" CRLF;
  50. static u_char  smtp_bad_sequence[] = "503 5.5.1 Bad sequence of commands" CRLF;


  53. static ngx_str_t  smtp_unavailable = ngx_string("[UNAVAILABLE]");
  54. static ngx_str_t  smtp_tempunavail = ngx_string("[TEMPUNAVAIL]");


  57. void
  58. ngx_mail_smtp_init_session(ngx_mail_session_t *s, ngx_connection_t *c)
  59. {
  60.     ngx_resolver_ctx_t        *ctx;
  61.     ngx_mail_core_srv_conf_t  *cscf;

  63.     cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);

  65.     if (cscf->resolver == NULL) {
  66.         s->host = smtp_unavailable;
  67.         ngx_mail_smtp_greeting(s, c);
  68.         return;
  69.     }

  71. #if (NGX_HAVE_UNIX_DOMAIN)
  72.     if (c->sockaddr->sa_family == AF_UNIX) {
  73.         s->host = smtp_tempunavail;
  74.         ngx_mail_smtp_greeting(s, c);
  75.         return;
  76.     }
  77. #endif

  79.     c->log->action = "in resolving client address";

  81.     ctx = ngx_resolve_start(cscf->resolver, NULL);
  82.     if (ctx == NULL) {
  83.         ngx_mail_close_connection(c);
  84.         return;
  85.     }

  87.     ctx->addr.sockaddr = c->sockaddr;
  88.     ctx->addr.socklen = c->socklen;
  89.     ctx->handler = ngx_mail_smtp_resolve_addr_handler;
  90.     ctx->data = s;
  91.     ctx->timeout = cscf->resolver_timeout;

  93.     s->resolver_ctx = ctx;
  94.     c->read->handler = ngx_mail_smtp_block_reading;

  96.     if (ngx_resolve_addr(ctx) != NGX_OK) {
  97.         ngx_mail_close_connection(c);
  98.     }
  99. }


  102. static void
  103. ngx_mail_smtp_resolve_addr_handler(ngx_resolver_ctx_t *ctx)
  104. {
  105.     ngx_connection_t    *c;
  106.     ngx_mail_session_t  *s;

  108.     s = ctx->data;
  109.     c = s->connection;

  111.     if (ctx->state) {
  112.         ngx_log_error(NGX_LOG_ERR, c->log, 0,
  113.                       "%V could not be resolved (%i: %s)",
  114.                       &c->addr_text, ctx->state,
  115.                       ngx_resolver_strerror(ctx->state));

  117.         if (ctx->state == NGX_RESOLVE_NXDOMAIN) {
  118.             s->host = smtp_unavailable;

  120.         } else {
  121.             s->host = smtp_tempunavail;
  122.         }

  124.         ngx_resolve_addr_done(ctx);

  126.         ngx_mail_smtp_greeting(s, s->connection);

  128.         return;
  129.     }

  131.     if (ngx_mail_smtp_validate_host(&ctx->name) != NGX_OK) {
  132.         ngx_log_error(NGX_LOG_ERR, c->log, 0,
  133.                       "%V resolved to invalid host name \"%V\"",
  134.                       &c->addr_text, &ctx->name);

  136.         s->host = smtp_tempunavail;

  138.         ngx_resolve_addr_done(ctx);

  140.         ngx_mail_smtp_greeting(s, s->connection);

  142.         return;
  143.     }

  145.     c->log->action = "in resolving client hostname";

  147.     s->host.data = ngx_pstrdup(c->pool, &ctx->name);
  148.     if (s->host.data == NULL) {
  149.         ngx_resolve_addr_done(ctx);
  150.         ngx_mail_close_connection(c);
  151.         return;
  152.     }

  154.     s->host.len = ctx->name.len;

  156.     ngx_resolve_addr_done(ctx);

  158.     ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
  159.                    "address resolved: %V", &s->host);

  161.     c->read->handler = ngx_mail_smtp_resolve_name;

  163.     ngx_post_event(c->read, &ngx_posted_events);
  164. }


  167. static ngx_int_t
  168. ngx_mail_smtp_validate_host(ngx_str_t *name)
  169. {
  170.     u_char      ch;
  171.     ngx_uint_t  i;

  173.     if (name->len == 0) {
  174.         return NGX_DECLINED;
  175.     }

  177.     for (i = 0; i < name->len; i++) {
  178.         ch = name->data[i];

  180.         /* allow only characters from RFC 1034, Section 3.5 */

  182.         if ((ch >= 'a' && ch <= 'z')
  183.             || (ch >= 'A' && ch <= 'Z')
  184.             || (ch >= '0' && ch <= '9')
  185.             || ch == '-' || ch == '.')
  186.         {
  187.             continue;
  188.         }

  190.         return NGX_DECLINED;
  191.     }

  193.     return NGX_OK;
  194. }


  197. static void
  198. ngx_mail_smtp_resolve_name(ngx_event_t *rev)
  199. {
  200.     ngx_connection_t          *c;
  201.     ngx_mail_session_t        *s;
  202.     ngx_resolver_ctx_t        *ctx;
  203.     ngx_mail_core_srv_conf_t  *cscf;

  205.     c = rev->data;
  206.     s = c->data;

  208.     cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);

  210.     ctx = ngx_resolve_start(cscf->resolver, NULL);
  211.     if (ctx == NULL) {
  212.         ngx_mail_close_connection(c);
  213.         return;
  214.     }

  216.     ctx->name = s->host;
  217.     ctx->handler = ngx_mail_smtp_resolve_name_handler;
  218.     ctx->data = s;
  219.     ctx->timeout = cscf->resolver_timeout;

  221.     s->resolver_ctx = ctx;
  222.     c->read->handler = ngx_mail_smtp_block_reading;

  224.     if (ngx_resolve_name(ctx) != NGX_OK) {
  225.         ngx_mail_close_connection(c);
  226.     }
  227. }


  230. static void
  231. ngx_mail_smtp_resolve_name_handler(ngx_resolver_ctx_t *ctx)
  232. {
  233.     ngx_uint_t           i;
  234.     ngx_connection_t    *c;
  235.     ngx_mail_session_t  *s;

  237.     s = ctx->data;
  238.     c = s->connection;

  240.     if (ctx->state) {
  241.         ngx_log_error(NGX_LOG_ERR, c->log, 0,
  242.                       "\"%V\" could not be resolved (%i: %s)",
  243.                       &ctx->name, ctx->state,
  244.                       ngx_resolver_strerror(ctx->state));

  246.         if (ctx->state == NGX_RESOLVE_NXDOMAIN) {
  247.             s->host = smtp_unavailable;

  249.         } else {
  250.             s->host = smtp_tempunavail;
  251.         }

  253.     } else {

  255. #if (NGX_DEBUG)
  256.         {
  257.         u_char     text[NGX_SOCKADDR_STRLEN];
  258.         ngx_str_t  addr;

  260.         addr.data = text;

  262.         for (i = 0; i < ctx->naddrs; i++) {
  263.             addr.len = ngx_sock_ntop(ctx->addrs[i].sockaddr,
  264.                                      ctx->addrs[i].socklen,
  265.                                      text, NGX_SOCKADDR_STRLEN, 0);

  267.             ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
  268.                            "name was resolved to %V", &addr);
  269.         }
  270.         }
  271. #endif

  273.         for (i = 0; i < ctx->naddrs; i++) {
  274.             if (ngx_cmp_sockaddr(ctx->addrs[i].sockaddr, ctx->addrs[i].socklen,
  275.                                  c->sockaddr, c->socklen, 0)
  276.                 == NGX_OK)
  277.             {
  278.                 goto found;
  279.             }
  280.         }

  282.         s->host = smtp_unavailable;
  283.     }

  285. found:

  287.     ngx_resolve_name_done(ctx);

  289.     ngx_mail_smtp_greeting(s, c);
  290. }


  293. static void
  294. ngx_mail_smtp_block_reading(ngx_event_t *rev)
  295. {
  296.     ngx_connection_t    *c;
  297.     ngx_mail_session_t  *s;
  298.     ngx_resolver_ctx_t  *ctx;

  300.     c = rev->data;
  301.     s = c->data;

  303.     ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp reading blocked");

  305.     if (ngx_handle_read_event(rev, 0) != NGX_OK) {

  307.         if (s->resolver_ctx) {
  308.             ctx = s->resolver_ctx;

  310.             if (ctx->handler == ngx_mail_smtp_resolve_addr_handler) {
  311.                 ngx_resolve_addr_done(ctx);

  313.             } else if (ctx->handler == ngx_mail_smtp_resolve_name_handler) {
  314.                 ngx_resolve_name_done(ctx);
  315.             }

  317.             s->resolver_ctx = NULL;
  318.         }

  320.         ngx_mail_close_connection(c);
  321.     }
  322. }


  325. static void
  326. ngx_mail_smtp_greeting(ngx_mail_session_t *s, ngx_connection_t *c)
  327. {
  328.     ngx_msec_t                 timeout;
  329.     ngx_mail_core_srv_conf_t  *cscf;
  330.     ngx_mail_smtp_srv_conf_t  *sscf;

  332.     ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
  333.                    "smtp greeting for \"%V\"", &s->host);

  335.     cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
  336.     sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);

  338.     timeout = sscf->greeting_delay ? sscf->greeting_delay : cscf->timeout;
  339.     ngx_add_timer(c->read, timeout);

  341.     if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  342.         ngx_mail_close_connection(c);
  343.         return;
  344.     }

  346.     if (c->read->ready) {
  347.         ngx_post_event(c->read, &ngx_posted_events);
  348.     }

  350.     if (sscf->greeting_delay) {
  351.         c->read->handler = ngx_mail_smtp_invalid_pipelining;
  352.         return;
  353.     }

  355.     c->read->handler = ngx_mail_smtp_init_protocol;

  357.     s->out = sscf->greeting;

  359.     ngx_mail_send(c->write);
  360. }


  363. static void
  364. ngx_mail_smtp_invalid_pipelining(ngx_event_t *rev)
  365. {
  366.     ngx_connection_t          *c;
  367.     ngx_mail_session_t        *s;
  368.     ngx_mail_core_srv_conf_t  *cscf;
  369.     ngx_mail_smtp_srv_conf_t  *sscf;

  371.     c = rev->data;
  372.     s = c->data;

  374.     c->log->action = "in delay pipelining state";

  376.     if (rev->timedout) {

  378.         ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "delay greeting");

  380.         rev->timedout = 0;

  382.         cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);

  384.         c->read->handler = ngx_mail_smtp_init_protocol;

  386.         ngx_add_timer(c->read, cscf->timeout);

  388.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  389.             ngx_mail_close_connection(c);
  390.             return;
  391.         }

  393.         sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);

  395.         s->out = sscf->greeting;

  397.     } else {

  399.         ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "invalid pipelining");

  401.         if (s->buffer == NULL) {
  402.             if (ngx_mail_smtp_create_buffer(s, c) != NGX_OK) {
  403.                 return;
  404.             }
  405.         }

  407.         if (ngx_mail_smtp_discard_command(s, c,
  408.                                 "client was rejected before greeting: \"%V\"")
  409.             != NGX_OK)
  410.         {
  411.             return;
  412.         }

  414.         ngx_str_set(&s->out, smtp_invalid_pipelining);
  415.         s->quit = 1;
  416.     }

  418.     ngx_mail_send(c->write);
  419. }


  422. void
  423. ngx_mail_smtp_init_protocol(ngx_event_t *rev)
  424. {
  425.     ngx_connection_t    *c;
  426.     ngx_mail_session_t  *s;

  428.     c = rev->data;

  430.     c->log->action = "in auth state";

  432.     if (rev->timedout) {
  433.         ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
  434.         c->timedout = 1;
  435.         ngx_mail_close_connection(c);
  436.         return;
  437.     }

  439.     s = c->data;

  441.     if (s->buffer == NULL) {
  442.         if (ngx_mail_smtp_create_buffer(s, c) != NGX_OK) {
  443.             return;
  444.         }
  445.     }

  447.     s->mail_state = ngx_smtp_start;
  448.     c->read->handler = ngx_mail_smtp_auth_state;

  450.     ngx_mail_smtp_auth_state(rev);
  451. }


  454. static ngx_int_t
  455. ngx_mail_smtp_create_buffer(ngx_mail_session_t *s, ngx_connection_t *c)
  456. {
  457.     ngx_mail_smtp_srv_conf_t  *sscf;

  459.     if (ngx_array_init(&s->args, c->pool, 2, sizeof(ngx_str_t)) == NGX_ERROR) {
  460.         ngx_mail_session_internal_server_error(s);
  461.         return NGX_ERROR;
  462.     }

  464.     sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);

  466.     s->buffer = ngx_create_temp_buf(c->pool, sscf->client_buffer_size);
  467.     if (s->buffer == NULL) {
  468.         ngx_mail_session_internal_server_error(s);
  469.         return NGX_ERROR;
  470.     }

  472.     return NGX_OK;
  473. }


  476. void
  477. ngx_mail_smtp_auth_state(ngx_event_t *rev)
  478. {
  479.     ngx_int_t            rc;
  480.     ngx_connection_t    *c;
  481.     ngx_mail_session_t  *s;

  483.     c = rev->data;
  484.     s = c->data;

  486.     ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp auth state");

  488.     if (rev->timedout) {
  489.         ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
  490.         c->timedout = 1;
  491.         ngx_mail_close_connection(c);
  492.         return;
  493.     }

  495.     if (s->out.len) {
  496.         ngx_log_debug0(NGX_LOG_DEBUG_MAIL, c->log, 0, "smtp send handler busy");
  497.         s->blocked = 1;

  499.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  500.             ngx_mail_close_connection(c);
  501.             return;
  502.         }

  504.         return;
  505.     }

  507.     s->blocked = 0;

  509.     rc = ngx_mail_read_command(s, c);

  511.     if (rc == NGX_AGAIN) {
  512.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  513.             ngx_mail_session_internal_server_error(s);
  514.             return;
  515.         }

  517.         return;
  518.     }

  520.     if (rc == NGX_ERROR) {
  521.         return;
  522.     }

  524.     ngx_str_set(&s->out, smtp_ok);

  526.     if (rc == NGX_OK) {
  527.         switch (s->mail_state) {

  529.         case ngx_smtp_start:

  531.             switch (s->command) {

  533.             case NGX_SMTP_HELO:
  534.             case NGX_SMTP_EHLO:
  535.                 rc = ngx_mail_smtp_helo(s, c);
  536.                 break;

  538.             case NGX_SMTP_AUTH:
  539.                 rc = ngx_mail_smtp_auth(s, c);
  540.                 break;

  542.             case NGX_SMTP_QUIT:
  543.                 s->quit = 1;
  544.                 ngx_str_set(&s->out, smtp_bye);
  545.                 break;

  547.             case NGX_SMTP_MAIL:
  548.                 rc = ngx_mail_smtp_mail(s, c);
  549.                 break;

  551.             case NGX_SMTP_RCPT:
  552.                 rc = ngx_mail_smtp_rcpt(s, c);
  553.                 break;

  555.             case NGX_SMTP_RSET:
  556.                 rc = ngx_mail_smtp_rset(s, c);
  557.                 break;

  559.             case NGX_SMTP_NOOP:
  560.                 break;

  562.             case NGX_SMTP_STARTTLS:
  563.                 rc = ngx_mail_smtp_starttls(s, c);
  564.                 ngx_str_set(&s->out, smtp_starttls);
  565.                 break;

  567.             default:
  568.                 rc = NGX_MAIL_PARSE_INVALID_COMMAND;
  569.                 break;
  570.             }

  572.             break;

  574.         case ngx_smtp_auth_login_username:
  575.             rc = ngx_mail_auth_login_username(s, c, 0);

  577.             ngx_str_set(&s->out, smtp_password);
  578.             s->mail_state = ngx_smtp_auth_login_password;
  579.             break;

  581.         case ngx_smtp_auth_login_password:
  582.             rc = ngx_mail_auth_login_password(s, c);
  583.             break;

  585.         case ngx_smtp_auth_plain:
  586.             rc = ngx_mail_auth_plain(s, c, 0);
  587.             break;

  589.         case ngx_smtp_auth_cram_md5:
  590.             rc = ngx_mail_auth_cram_md5(s, c);
  591.             break;

  593.         case ngx_smtp_auth_external:
  594.             rc = ngx_mail_auth_external(s, c, 0);
  595.             break;
  596.         }
  597.     }

  599.     if (s->buffer->pos < s->buffer->last) {
  600.         s->blocked = 1;
  601.     }

  603.     switch (rc) {

  605.     case NGX_DONE:
  606.         ngx_mail_auth(s, c);
  607.         return;

  609.     case NGX_ERROR:
  610.         ngx_mail_session_internal_server_error(s);
  611.         return;

  613.     case NGX_MAIL_PARSE_INVALID_COMMAND:
  614.         s->mail_state = ngx_smtp_start;
  615.         s->state = 0;
  616.         ngx_str_set(&s->out, smtp_invalid_command);

  618.         /* fall through */

  620.     case NGX_OK:
  621.         s->args.nelts = 0;

  623.         if (s->buffer->pos == s->buffer->last) {
  624.             s->buffer->pos = s->buffer->start;
  625.             s->buffer->last = s->buffer->start;
  626.         }

  628.         if (s->state) {
  629.             s->arg_start = s->buffer->pos;
  630.         }

  632.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  633.             ngx_mail_session_internal_server_error(s);
  634.             return;
  635.         }

  637.         ngx_mail_send(c->write);
  638.     }
  639. }


  642. static ngx_int_t
  643. ngx_mail_smtp_helo(ngx_mail_session_t *s, ngx_connection_t *c)
  644. {
  645.     ngx_str_t                 *arg;
  646.     ngx_mail_smtp_srv_conf_t  *sscf;

  648.     if (s->args.nelts != 1) {
  649.         ngx_str_set(&s->out, smtp_invalid_argument);
  650.         s->state = 0;
  651.         return NGX_OK;
  652.     }

  654.     arg = s->args.elts;

  656.     s->smtp_helo.len = arg[0].len;

  658.     s->smtp_helo.data = ngx_pnalloc(c->pool, arg[0].len);
  659.     if (s->smtp_helo.data == NULL) {
  660.         return NGX_ERROR;
  661.     }

  663.     ngx_memcpy(s->smtp_helo.data, arg[0].data, arg[0].len);

  665.     ngx_str_null(&s->smtp_from);
  666.     ngx_str_null(&s->smtp_to);

  668.     sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);

  670.     if (s->command == NGX_SMTP_HELO) {
  671.         s->out = sscf->server_name;

  673.     } else {
  674.         s->esmtp = 1;

  676. #if (NGX_MAIL_SSL)

  678.         if (c->ssl == NULL) {
  679.             ngx_mail_ssl_conf_t  *sslcf;

  681.             sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);

  683.             if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) {
  684.                 s->out = sscf->starttls_capability;
  685.                 return NGX_OK;
  686.             }

  688.             if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
  689.                 s->out = sscf->starttls_only_capability;
  690.                 return NGX_OK;
  691.             }
  692.         }
  693. #endif

  695.         s->out = sscf->capability;
  696.     }

  698.     return NGX_OK;
  699. }


  702. static ngx_int_t
  703. ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c)
  704. {
  705.     ngx_int_t                  rc;
  706.     ngx_mail_core_srv_conf_t  *cscf;
  707.     ngx_mail_smtp_srv_conf_t  *sscf;

  709. #if (NGX_MAIL_SSL)
  710.     if (ngx_mail_starttls_only(s, c)) {
  711.         return NGX_MAIL_PARSE_INVALID_COMMAND;
  712.     }
  713. #endif

  715.     if (s->args.nelts == 0) {
  716.         ngx_str_set(&s->out, smtp_invalid_argument);
  717.         s->state = 0;
  718.         return NGX_OK;
  719.     }

  721.     sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);

  723.     rc = ngx_mail_auth_parse(s, c);

  725.     switch (rc) {

  727.     case NGX_MAIL_AUTH_LOGIN:

  729.         ngx_str_set(&s->out, smtp_username);
  730.         s->mail_state = ngx_smtp_auth_login_username;

  732.         return NGX_OK;

  734.     case NGX_MAIL_AUTH_LOGIN_USERNAME:

  736.         ngx_str_set(&s->out, smtp_password);
  737.         s->mail_state = ngx_smtp_auth_login_password;

  739.         return ngx_mail_auth_login_username(s, c, 1);

  741.     case NGX_MAIL_AUTH_PLAIN:

  743.         ngx_str_set(&s->out, smtp_next);
  744.         s->mail_state = ngx_smtp_auth_plain;

  746.         return NGX_OK;

  748.     case NGX_MAIL_AUTH_CRAM_MD5:

  750.         if (!(sscf->auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)) {
  751.             return NGX_MAIL_PARSE_INVALID_COMMAND;
  752.         }

  754.         if (s->salt.data == NULL) {
  755.             cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);

  757.             if (ngx_mail_salt(s, c, cscf) != NGX_OK) {
  758.                 return NGX_ERROR;
  759.             }
  760.         }

  762.         if (ngx_mail_auth_cram_md5_salt(s, c, "334 ", 4) == NGX_OK) {
  763.             s->mail_state = ngx_smtp_auth_cram_md5;
  764.             return NGX_OK;
  765.         }

  767.         return NGX_ERROR;

  769.     case NGX_MAIL_AUTH_EXTERNAL:

  771.         if (!(sscf->auth_methods & NGX_MAIL_AUTH_EXTERNAL_ENABLED)) {
  772.             return NGX_MAIL_PARSE_INVALID_COMMAND;
  773.         }

  775.         ngx_str_set(&s->out, smtp_username);
  776.         s->mail_state = ngx_smtp_auth_external;

  778.         return NGX_OK;
  779.     }

  781.     return rc;
  782. }


  785. static ngx_int_t
  786. ngx_mail_smtp_mail(ngx_mail_session_t *s, ngx_connection_t *c)
  787. {
  788.     ngx_str_t                 *arg, cmd;
  789.     ngx_mail_smtp_srv_conf_t  *sscf;

  791.     sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);

  793.     if (!(sscf->auth_methods & NGX_MAIL_AUTH_NONE_ENABLED)) {
  794.         ngx_mail_smtp_log_rejected_command(s, c, "client was rejected: \"%V\"");
  795.         ngx_str_set(&s->out, smtp_auth_required);
  796.         return NGX_OK;
  797.     }

  799.     /* auth none */

  801.     if (s->smtp_from.len) {
  802.         ngx_str_set(&s->out, smtp_bad_sequence);
  803.         return NGX_OK;
  804.     }

  806.     if (s->args.nelts == 0) {
  807.         ngx_str_set(&s->out, smtp_invalid_argument);
  808.         return NGX_OK;
  809.     }

  811.     arg = s->args.elts;
  812.     arg += s->args.nelts - 1;

  814.     cmd.len = arg->data + arg->len - s->cmd.data;
  815.     cmd.data = s->cmd.data;

  817.     s->smtp_from.len = cmd.len;

  819.     s->smtp_from.data = ngx_pnalloc(c->pool, cmd.len);
  820.     if (s->smtp_from.data == NULL) {
  821.         return NGX_ERROR;
  822.     }

  824.     ngx_memcpy(s->smtp_from.data, cmd.data, cmd.len);

  826.     ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
  827.                    "smtp mail from:\"%V\"", &s->smtp_from);

  829.     ngx_str_set(&s->out, smtp_ok);

  831.     ngx_str_null(&s->login);
  832.     ngx_str_null(&s->passwd);

  834.     return NGX_OK;
  835. }


  838. static ngx_int_t
  839. ngx_mail_smtp_rcpt(ngx_mail_session_t *s, ngx_connection_t *c)
  840. {
  841.     ngx_str_t  *arg, cmd;

  843.     if (s->smtp_from.len == 0) {
  844.         ngx_str_set(&s->out, smtp_bad_sequence);
  845.         return NGX_OK;
  846.     }

  848.     if (s->args.nelts == 0) {
  849.         ngx_str_set(&s->out, smtp_invalid_argument);
  850.         return NGX_OK;
  851.     }

  853.     arg = s->args.elts;
  854.     arg += s->args.nelts - 1;

  856.     cmd.len = arg->data + arg->len - s->cmd.data;
  857.     cmd.data = s->cmd.data;

  859.     s->smtp_to.len = cmd.len;

  861.     s->smtp_to.data = ngx_pnalloc(c->pool, cmd.len);
  862.     if (s->smtp_to.data == NULL) {
  863.         return NGX_ERROR;
  864.     }

  866.     ngx_memcpy(s->smtp_to.data, cmd.data, cmd.len);

  868.     ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
  869.                    "smtp rcpt to:\"%V\"", &s->smtp_to);

  871.     s->auth_method = NGX_MAIL_AUTH_NONE;

  873.     return NGX_DONE;
  874. }


  877. static ngx_int_t
  878. ngx_mail_smtp_rset(ngx_mail_session_t *s, ngx_connection_t *c)
  879. {
  880.     ngx_str_null(&s->smtp_from);
  881.     ngx_str_null(&s->smtp_to);
  882.     ngx_str_set(&s->out, smtp_ok);

  884.     return NGX_OK;
  885. }


  888. static ngx_int_t
  889. ngx_mail_smtp_starttls(ngx_mail_session_t *s, ngx_connection_t *c)
  890. {
  891. #if (NGX_MAIL_SSL)
  892.     ngx_mail_ssl_conf_t  *sslcf;

  894.     if (c->ssl == NULL) {
  895.         sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
  896.         if (sslcf->starttls) {

  898.             /*
  899.              * RFC3207 requires us to discard any knowledge
  900.              * obtained from client before STARTTLS.
  901.              */

  903.             ngx_str_null(&s->smtp_helo);
  904.             ngx_str_null(&s->smtp_from);
  905.             ngx_str_null(&s->smtp_to);

  907.             s->buffer->pos = s->buffer->start;
  908.             s->buffer->last = s->buffer->start;

  910.             c->read->handler = ngx_mail_starttls_handler;
  911.             return NGX_OK;
  912.         }
  913.     }

  915. #endif

  917.     return NGX_MAIL_PARSE_INVALID_COMMAND;
  918. }


  921. static ngx_int_t
  922. ngx_mail_smtp_discard_command(ngx_mail_session_t *s, ngx_connection_t *c,
  923.     char *err)
  924. {
  925.     ssize_t    n;

  927.     n = c->recv(c, s->buffer->last, s->buffer->end - s->buffer->last);

  929.     if (n == NGX_ERROR || n == 0) {
  930.         ngx_mail_close_connection(c);
  931.         return NGX_ERROR;
  932.     }

  934.     if (n > 0) {
  935.         s->buffer->last += n;
  936.     }

  938.     if (n == NGX_AGAIN) {
  939.         if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
  940.             ngx_mail_session_internal_server_error(s);
  941.             return NGX_ERROR;
  942.         }

  944.         return NGX_AGAIN;
  945.     }

  947.     ngx_mail_smtp_log_rejected_command(s, c, err);

  949.     s->buffer->pos = s->buffer->start;
  950.     s->buffer->last = s->buffer->start;

  952.     return NGX_OK;
  953. }


  956. static void
  957. ngx_mail_smtp_log_rejected_command(ngx_mail_session_t *s, ngx_connection_t *c,
  958.     char *err)
  959. {
  960.     u_char      ch;
  961.     ngx_str_t   cmd;
  962.     ngx_uint_t  i;

  964.     if (c->log->log_level < NGX_LOG_INFO) {
  965.         return;
  966.     }

  968.     cmd.len = s->buffer->last - s->buffer->start;
  969.     cmd.data = s->buffer->start;

  971.     for (i = 0; i < cmd.len; i++) {
  972.         ch = cmd.data[i];

  974.         if (ch != CR && ch != LF) {
  975.             continue;
  976.         }

  978.         cmd.data[i] = '_';
  979.     }

  981.     cmd.len = i;

  983.     ngx_log_error(NGX_LOG_INFO, c->log, 0, err, &cmd);
  984. }

One Level Up Top Level