mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-18 10:16:27 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

optimizations

Browse Source
This commit is contained in:
Igor Sysoev 2007-09-13 21:24:27 +00:00
parent 05d1de757f
commit 5fbe12146e
6 changed files with 185 additions and 217 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/mail/ngx_mail.h
View File

@ -313,6 +313,7 @@ typedef ngx_int_t (*ngx_mail_parse_command_pt)(ngx_mail_session_t *s);
#if (NGX_MAIL_SSL) #if (NGX_MAIL_SSL)
void ngx_mail_starttls_handler(ngx_event_t *rev); void ngx_mail_starttls_handler(ngx_event_t *rev);
ngx_int_t ngx_mail_starttls_only(ngx_mail_session_t *s, ngx_connection_t *c);
#endif #endif
@ -330,6 +331,8 @@ ngx_int_t ngx_mail_auth_login_username(ngx_mail_session_t *s,
ngx_connection_t *c); ngx_connection_t *c);
ngx_int_t ngx_mail_auth_login_password(ngx_mail_session_t *s, ngx_int_t ngx_mail_auth_login_password(ngx_mail_session_t *s,
ngx_connection_t *c); ngx_connection_t *c);
ngx_int_t ngx_mail_auth_cram_md5_salt(ngx_mail_session_t *s,
ngx_connection_t *c, char *prefix, size_t len);
ngx_int_t ngx_mail_auth_cram_md5(ngx_mail_session_t *s, ngx_connection_t *c); ngx_int_t ngx_mail_auth_cram_md5(ngx_mail_session_t *s, ngx_connection_t *c);
void ngx_mail_send(ngx_event_t *wev); void ngx_mail_send(ngx_event_t *wev);
@ -351,6 +354,7 @@ void ngx_mail_smtp_init_protocol(ngx_event_t *rev);
ngx_int_t ngx_mail_pop3_parse_command(ngx_mail_session_t *s); ngx_int_t ngx_mail_pop3_parse_command(ngx_mail_session_t *s);
ngx_int_t ngx_mail_imap_parse_command(ngx_mail_session_t *s); ngx_int_t ngx_mail_imap_parse_command(ngx_mail_session_t *s);
ngx_int_t ngx_mail_smtp_parse_command(ngx_mail_session_t *s); ngx_int_t ngx_mail_smtp_parse_command(ngx_mail_session_t *s);
ngx_int_t ngx_mail_auth_parse(ngx_mail_session_t *s, ngx_connection_t *c);
/* STUB */ /* STUB */

52
src/mail/ngx_mail_handler.c
View File

@ -285,6 +285,29 @@ ngx_mail_salt(ngx_mail_session_t *s, ngx_connection_t *c,
} }
#if (NGX_MAIL_SSL)
ngx_int_t
ngx_mail_starttls_only(ngx_mail_session_t *s, ngx_connection_t *c)
{
ngx_mail_ssl_conf_t *sslcf;
if (c->ssl) {
return 0;
}
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
return 1;
}
return 0;
}
#endif
ngx_int_t ngx_int_t
ngx_mail_auth_plain(ngx_mail_session_t *s, ngx_connection_t *c, ngx_uint_t n) ngx_mail_auth_plain(ngx_mail_session_t *s, ngx_connection_t *c, ngx_uint_t n)
{ {
@ -404,6 +427,35 @@ ngx_mail_auth_login_password(ngx_mail_session_t *s, ngx_connection_t *c)
} }
ngx_int_t
ngx_mail_auth_cram_md5_salt(ngx_mail_session_t *s, ngx_connection_t *c,
char *prefix, size_t len)
{
u_char *p;
ngx_str_t salt;
ngx_uint_t n;
p = ngx_palloc(c->pool, len + ngx_base64_encoded_length(s->salt.len) + 2);
if (p == NULL) {
return NGX_ERROR;
}
salt.data = ngx_cpymem(p, prefix, len);
s->salt.len -= 2;
ngx_encode_base64(&salt, &s->salt);
s->salt.len += 2;
n = len + salt.len;
p[n++] = CR; p[n++] = LF;
s->out.len = n;
s->out.data = p;
return NGX_OK;
}
ngx_int_t ngx_int_t
ngx_mail_auth_cram_md5(ngx_mail_session_t *s, ngx_connection_t *c) ngx_mail_auth_cram_md5(ngx_mail_session_t *s, ngx_connection_t *c)
{ {

74
src/mail/ngx_mail_imap_handler.c
View File

@ -177,11 +177,7 @@ ngx_mail_imap_auth_state(ngx_event_t *rev)
case NGX_IMAP_AUTHENTICATE: case NGX_IMAP_AUTHENTICATE:
rc = ngx_mail_imap_authenticate(s, c); rc = ngx_mail_imap_authenticate(s, c);
tag = (rc != NGX_OK);
if (rc == NGX_OK) {
tag = 0;
}
break; break;
case NGX_IMAP_CAPABILITY: case NGX_IMAP_CAPABILITY:
@ -307,16 +303,11 @@ static ngx_int_t
ngx_mail_imap_login(ngx_mail_session_t *s, ngx_connection_t *c) ngx_mail_imap_login(ngx_mail_session_t *s, ngx_connection_t *c)
{ {
ngx_str_t *arg; ngx_str_t *arg;
#if (NGX_MAIL_SSL) #if (NGX_MAIL_SSL)
ngx_mail_ssl_conf_t *sslcf; if (ngx_mail_starttls_only(s, c)) {
if (c->ssl == NULL) {
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
}
#endif #endif
arg = s->args.elts; arg = s->args.elts;
@ -357,31 +348,20 @@ ngx_mail_imap_login(ngx_mail_session_t *s, ngx_connection_t *c)
static ngx_int_t static ngx_int_t
ngx_mail_imap_authenticate(ngx_mail_session_t *s, ngx_connection_t *c) ngx_mail_imap_authenticate(ngx_mail_session_t *s, ngx_connection_t *c)
{ {
u_char *p; ngx_int_t rc;
ngx_str_t *arg, salt;
ngx_uint_t n;
ngx_mail_core_srv_conf_t *cscf; ngx_mail_core_srv_conf_t *cscf;
#if (NGX_MAIL_SSL) #if (NGX_MAIL_SSL)
ngx_mail_ssl_conf_t *sslcf; if (ngx_mail_starttls_only(s, c)) {
if (c->ssl == NULL) {
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
}
#endif #endif
if (s->args.nelts != 1) { rc = ngx_mail_auth_parse(s, c);
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
arg = s->args.elts; switch (rc) {
if (arg[0].len == 5) { case NGX_MAIL_AUTH_LOGIN:
if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5) == 0) {
s->out.len = sizeof(imap_username) - 1; s->out.len = sizeof(imap_username) - 1;
s->out.data = imap_username; s->out.data = imap_username;
@ -389,21 +369,15 @@ ngx_mail_imap_authenticate(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_OK; return NGX_OK;
} else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN", 5) == 0) { case NGX_MAIL_AUTH_PLAIN:
s->out.len = sizeof(imap_plain_next) - 1; s->out.len = sizeof(imap_plain_next) - 1;
s->out.data = imap_plain_next; s->out.data = imap_plain_next;
s->mail_state = ngx_imap_auth_plain; s->mail_state = ngx_imap_auth_plain;
return NGX_OK; return NGX_OK;
}
} else if (arg[0].len == 8 case NGX_MAIL_AUTH_CRAM_MD5:
&& ngx_strncasecmp(arg[0].data, (u_char *) "CRAM-MD5", 8) == 0)
{
if (s->args.nelts != 1) {
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
@ -411,31 +385,15 @@ ngx_mail_imap_authenticate(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
p = ngx_palloc(c->pool, if (ngx_mail_auth_cram_md5_salt(s, c, "+ ", 2) == NGX_OK) {
sizeof("+ " CRLF) - 1
+ ngx_base64_encoded_length(s->salt.len));
if (p == NULL) {
return NGX_ERROR;
}
p[0] = '+'; p[1]= ' ';
salt.data = &p[2];
s->salt.len -= 2;
ngx_encode_base64(&salt, &s->salt);
s->salt.len += 2;
n = 2 + salt.len;
p[n++] = CR; p[n++] = LF;
s->out.len = n;
s->out.data = p;
s->mail_state = ngx_imap_auth_cram_md5; s->mail_state = ngx_imap_auth_cram_md5;
return NGX_OK; return NGX_OK;
} }
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_ERROR;
}
return rc;
} }

53
src/mail/ngx_mail_parse.c
View File

@ -825,3 +825,56 @@ invalid:
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
ngx_int_t
ngx_mail_auth_parse(ngx_mail_session_t *s, ngx_connection_t *c)
{
ngx_str_t *arg;
#if (NGX_MAIL_SSL)
if (ngx_mail_starttls_only(s, c)) {
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
#endif
arg = s->args.elts;
if (arg[0].len == 5) {
if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5) == 0) {
if (s->args.nelts == 1) {
return NGX_MAIL_AUTH_LOGIN;
}
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN", 5) == 0) {
if (s->args.nelts == 1) {
return NGX_MAIL_AUTH_PLAIN;
}
if (s->args.nelts == 2) {
return ngx_mail_auth_plain(s, c, 1);
}
}
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
if (arg[0].len == 8) {
if (s->args.nelts != 1) {
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
if (ngx_strncasecmp(arg[0].data, (u_char *) "CRAM-MD5", 8) == 0) {
return NGX_MAIL_AUTH_CRAM_MD5;
}
}
return NGX_MAIL_PARSE_INVALID_COMMAND;
}

95
src/mail/ngx_mail_pop3_handler.c
View File

@ -275,17 +275,11 @@ static ngx_int_t
ngx_mail_pop3_user(ngx_mail_session_t *s, ngx_connection_t *c) ngx_mail_pop3_user(ngx_mail_session_t *s, ngx_connection_t *c)
{ {
ngx_str_t *arg; ngx_str_t *arg;
#if (NGX_MAIL_SSL) #if (NGX_MAIL_SSL)
ngx_mail_ssl_conf_t *sslcf; if (ngx_mail_starttls_only(s, c)) {
if (c->ssl == NULL) {
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
}
#endif #endif
if (s->args.nelts != 1) { if (s->args.nelts != 1) {
@ -395,17 +389,11 @@ ngx_mail_pop3_apop(ngx_mail_session_t *s, ngx_connection_t *c)
{ {
ngx_str_t *arg; ngx_str_t *arg;
ngx_mail_core_srv_conf_t *cscf; ngx_mail_core_srv_conf_t *cscf;
#if (NGX_MAIL_SSL) #if (NGX_MAIL_SSL)
ngx_mail_ssl_conf_t *sslcf; if (ngx_mail_starttls_only(s, c)) {
if (c->ssl == NULL) {
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
}
#endif #endif
if (s->args.nelts != 2) { if (s->args.nelts != 2) {
@ -448,21 +436,13 @@ ngx_mail_pop3_apop(ngx_mail_session_t *s, ngx_connection_t *c)
static ngx_int_t static ngx_int_t
ngx_mail_pop3_auth(ngx_mail_session_t *s, ngx_connection_t *c) ngx_mail_pop3_auth(ngx_mail_session_t *s, ngx_connection_t *c)
{ {
size_t n; ngx_int_t rc;
u_char *p;
ngx_str_t *arg, salt;
ngx_mail_core_srv_conf_t *cscf; ngx_mail_core_srv_conf_t *cscf;
#if (NGX_MAIL_SSL) #if (NGX_MAIL_SSL)
ngx_mail_ssl_conf_t *sslcf; if (ngx_mail_starttls_only(s, c)) {
if (c->ssl == NULL) {
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
}
#endif #endif
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
@ -474,15 +454,11 @@ ngx_mail_pop3_auth(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_OK; return NGX_OK;
} }
arg = s->args.elts; rc = ngx_mail_auth_parse(s, c);
if (arg[0].len == 5) { switch (rc) {
if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5) == 0) { case NGX_MAIL_AUTH_LOGIN:
if (s->args.nelts != 1) {
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
s->out.len = sizeof(pop3_username) - 1; s->out.len = sizeof(pop3_username) - 1;
s->out.data = pop3_username; s->out.data = pop3_username;
@ -490,64 +466,27 @@ ngx_mail_pop3_auth(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_OK; return NGX_OK;
} else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN", 5) == 0) { case NGX_MAIL_AUTH_PLAIN:
if (s->args.nelts == 1) {
s->out.len = sizeof(pop3_next) - 1; s->out.len = sizeof(pop3_next) - 1;
s->out.data = pop3_next; s->out.data = pop3_next;
s->mail_state = ngx_pop3_auth_plain; s->mail_state = ngx_pop3_auth_plain;
return NGX_OK; return NGX_OK;
}
if (s->args.nelts == 2) { case NGX_MAIL_AUTH_CRAM_MD5:
/*
* workaround for Eudora for Mac: it sends
* AUTH PLAIN [base64 encoded]
*/
return ngx_mail_auth_plain(s, c, 1);
}
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
} else if (arg[0].len == 8
&& ngx_strncasecmp(arg[0].data, (u_char *) "CRAM-MD5", 8) == 0)
{
if (s->args.nelts != 1) {
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
if (!(cscf->pop3_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)) { if (!(cscf->pop3_auth_methods & NGX_MAIL_AUTH_CRAM_MD5_ENABLED)) {
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
p = ngx_palloc(c->pool, if (ngx_mail_auth_cram_md5_salt(s, c, "+ ", 2) == NGX_OK) {
sizeof("+ " CRLF) - 1
+ ngx_base64_encoded_length(s->salt.len));
if (p == NULL) {
return NGX_ERROR;
}
p[0] = '+'; p[1]= ' ';
salt.data = &p[2];
s->salt.len -= 2;
ngx_encode_base64(&salt, &s->salt);
s->salt.len += 2;
n = 2 + salt.len;
p[n++] = CR; p[n++] = LF;
s->out.len = n;
s->out.data = p;
s->mail_state = ngx_pop3_auth_cram_md5; s->mail_state = ngx_pop3_auth_cram_md5;
return NGX_OK; return NGX_OK;
} }
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_ERROR;
}
return rc;
} }

64
src/mail/ngx_mail_smtp_handler.c
View File

@ -284,21 +284,13 @@ ngx_mail_smtp_helo(ngx_mail_session_t *s, ngx_connection_t *c)
static ngx_int_t static ngx_int_t
ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c) ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c)
{ {
u_char *p; ngx_int_t rc;
ngx_str_t *arg, salt;
ngx_uint_t n;
ngx_mail_core_srv_conf_t *cscf; ngx_mail_core_srv_conf_t *cscf;
#if (NGX_MAIL_SSL) #if (NGX_MAIL_SSL)
ngx_mail_ssl_conf_t *sslcf; if (ngx_mail_starttls_only(s, c)) {
if (c->ssl == NULL) {
sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) {
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
}
#endif #endif
if (s->args.nelts == 0) { if (s->args.nelts == 0) {
@ -308,19 +300,11 @@ ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_OK; return NGX_OK;
} }
if (s->args.nelts != 1) { rc = ngx_mail_auth_parse(s, c);
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
arg = s->args.elts; switch (rc) {
if (arg[0].len == 5) { case NGX_MAIL_AUTH_LOGIN:
if (ngx_strncasecmp(arg[0].data, (u_char *) "LOGIN", 5) == 0) {
if (s->args.nelts != 1) {
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
s->out.len = sizeof(smtp_username) - 1; s->out.len = sizeof(smtp_username) - 1;
s->out.data = smtp_username; s->out.data = smtp_username;
@ -328,21 +312,15 @@ ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_OK; return NGX_OK;
} else if (ngx_strncasecmp(arg[0].data, (u_char *) "PLAIN", 5) == 0) { case NGX_MAIL_AUTH_PLAIN:
s->out.len = sizeof(smtp_next) - 1; s->out.len = sizeof(smtp_next) - 1;
s->out.data = smtp_next; s->out.data = smtp_next;
s->mail_state = ngx_smtp_auth_plain; s->mail_state = ngx_smtp_auth_plain;
return NGX_OK; return NGX_OK;
}
} else if (arg[0].len == 8 case NGX_MAIL_AUTH_CRAM_MD5:
&& ngx_strncasecmp(arg[0].data, (u_char *) "CRAM-MD5", 8) == 0)
{
if (s->args.nelts != 1) {
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
@ -350,31 +328,15 @@ ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_MAIL_PARSE_INVALID_COMMAND;
} }
p = ngx_palloc(c->pool, if (ngx_mail_auth_cram_md5_salt(s, c, "334 ", 4) == NGX_OK) {
sizeof("334 " CRLF) - 1
+ ngx_base64_encoded_length(s->salt.len));
if (p == NULL) {
return NGX_ERROR;
}
p[0] = '3'; p[1]= '3'; p[2] = '4'; p[3]= ' ';
salt.data = &p[4];
s->salt.len -= 2;
ngx_encode_base64(&salt, &s->salt);
s->salt.len += 2;
n = 4 + salt.len;
p[n++] = CR; p[n++] = LF;
s->out.len = n;
s->out.data = p;
s->mail_state = ngx_smtp_auth_cram_md5; s->mail_state = ngx_smtp_auth_cram_md5;
return NGX_OK; return NGX_OK;
} }
return NGX_MAIL_PARSE_INVALID_COMMAND; return NGX_ERROR;
}
return rc;
} }