3 * Copyright (C) Igor Sysoev
7 #include <ngx_config.h>
10 #include <ngx_event_connect.h>
15 ngx_peer_addr_t *peer;
19 ngx_str_t host_header;
27 } ngx_mail_auth_http_conf_t;
30 typedef struct ngx_mail_auth_http_ctx_s ngx_mail_auth_http_ctx_t;
32 typedef void (*ngx_mail_auth_http_handler_pt)(ngx_mail_session_t *s,
33 ngx_mail_auth_http_ctx_t *ctx);
35 struct ngx_mail_auth_http_ctx_s {
38 ngx_peer_connection_t peer;
40 ngx_mail_auth_http_handler_pt handler;
44 u_char *header_name_start;
45 u_char *header_name_end;
61 static void ngx_mail_auth_http_write_handler(ngx_event_t *wev);
62 static void ngx_mail_auth_http_read_handler(ngx_event_t *rev);
63 static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s,
64 ngx_mail_auth_http_ctx_t *ctx);
65 static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s,
66 ngx_mail_auth_http_ctx_t *ctx);
67 static void ngx_mail_auth_sleep_handler(ngx_event_t *rev);
68 static ngx_int_t ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s,
69 ngx_mail_auth_http_ctx_t *ctx);
70 static void ngx_mail_auth_http_block_read(ngx_event_t *rev);
71 static void ngx_mail_auth_http_dummy_handler(ngx_event_t *ev);
72 static ngx_buf_t *ngx_mail_auth_http_create_request(ngx_mail_session_t *s,
73 ngx_pool_t *pool, ngx_mail_auth_http_conf_t *ahcf);
74 static ngx_int_t ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text,
77 static void *ngx_mail_auth_http_create_conf(ngx_conf_t *cf);
78 static char *ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent,
80 static char *ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
81 static char *ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd,
85 static ngx_command_t ngx_mail_auth_http_commands[] = {
87 { ngx_string("auth_http"),
88 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
90 NGX_MAIL_SRV_CONF_OFFSET,
94 { ngx_string("auth_http_timeout"),
95 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
96 ngx_conf_set_msec_slot,
97 NGX_MAIL_SRV_CONF_OFFSET,
98 offsetof(ngx_mail_auth_http_conf_t, timeout),
101 { ngx_string("auth_http_header"),
102 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE2,
103 ngx_mail_auth_http_header,
104 NGX_MAIL_SRV_CONF_OFFSET,
112 static ngx_mail_module_t ngx_mail_auth_http_module_ctx = {
115 NULL, /* create main configuration */
116 NULL, /* init main configuration */
118 ngx_mail_auth_http_create_conf, /* create server configuration */
119 ngx_mail_auth_http_merge_conf /* merge server configuration */
123 ngx_module_t ngx_mail_auth_http_module = {
125 &ngx_mail_auth_http_module_ctx, /* module context */
126 ngx_mail_auth_http_commands, /* module directives */
127 NGX_MAIL_MODULE, /* module type */
128 NULL, /* init master */
129 NULL, /* init module */
130 NULL, /* init process */
131 NULL, /* init thread */
132 NULL, /* exit thread */
133 NULL, /* exit process */
134 NULL, /* exit master */
135 NGX_MODULE_V1_PADDING
139 static ngx_str_t ngx_mail_auth_http_method[] = {
143 ngx_string("cram-md5"),
147 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0");
151 ngx_mail_auth_http_init(ngx_mail_session_t *s)
155 ngx_mail_auth_http_ctx_t *ctx;
156 ngx_mail_auth_http_conf_t *ahcf;
158 s->connection->log->action = "in http auth state";
160 pool = ngx_create_pool(2048, s->connection->log);
162 ngx_mail_session_internal_server_error(s);
166 ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t));
168 ngx_destroy_pool(pool);
169 ngx_mail_session_internal_server_error(s);
175 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module);
177 ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf);
178 if (ctx->request == NULL) {
179 ngx_destroy_pool(ctx->pool);
180 ngx_mail_session_internal_server_error(s);
184 ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module);
186 ctx->peer.sockaddr = ahcf->peer->sockaddr;
187 ctx->peer.socklen = ahcf->peer->socklen;
188 ctx->peer.name = &ahcf->peer->name;
189 ctx->peer.get = ngx_event_get_peer;
190 ctx->peer.log = s->connection->log;
191 ctx->peer.log_error = NGX_ERROR_ERR;
193 rc = ngx_event_connect_peer(&ctx->peer);
195 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) {
196 if (ctx->peer.connection) {
197 ngx_close_connection(ctx->peer.connection);
200 ngx_destroy_pool(ctx->pool);
201 ngx_mail_session_internal_server_error(s);
205 ctx->peer.connection->data = s;
206 ctx->peer.connection->pool = s->connection->pool;
208 s->connection->read->handler = ngx_mail_auth_http_block_read;
209 ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler;
210 ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler;
212 ctx->handler = ngx_mail_auth_http_ignore_status_line;
214 ngx_add_timer(ctx->peer.connection->read, ahcf->timeout);
215 ngx_add_timer(ctx->peer.connection->write, ahcf->timeout);
218 ngx_mail_auth_http_write_handler(ctx->peer.connection->write);
225 ngx_mail_auth_http_write_handler(ngx_event_t *wev)
229 ngx_mail_session_t *s;
230 ngx_mail_auth_http_ctx_t *ctx;
231 ngx_mail_auth_http_conf_t *ahcf;
236 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module);
238 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0,
239 "mail auth http write handler");
242 ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT,
243 "auth http server %V timed out", ctx->peer.name);
244 ngx_close_connection(c);
245 ngx_destroy_pool(ctx->pool);
246 ngx_mail_session_internal_server_error(s);
250 size = ctx->request->last - ctx->request->pos;
252 n = ngx_send(c, ctx->request->pos, size);
254 if (n == NGX_ERROR) {
255 ngx_close_connection(c);
256 ngx_destroy_pool(ctx->pool);
257 ngx_mail_session_internal_server_error(s);
262 ctx->request->pos += n;
265 wev->handler = ngx_mail_auth_http_dummy_handler;
267 if (wev->timer_set) {
271 if (ngx_handle_write_event(wev, 0) != NGX_OK) {
272 ngx_close_connection(c);
273 ngx_destroy_pool(ctx->pool);
274 ngx_mail_session_internal_server_error(s);
281 if (!wev->timer_set) {
282 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module);
283 ngx_add_timer(wev, ahcf->timeout);
289 ngx_mail_auth_http_read_handler(ngx_event_t *rev)
293 ngx_mail_session_t *s;
294 ngx_mail_auth_http_ctx_t *ctx;
299 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
300 "mail auth http read handler");
302 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module);
305 ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT,
306 "auth http server %V timed out", ctx->peer.name);
307 ngx_close_connection(c);
308 ngx_destroy_pool(ctx->pool);
309 ngx_mail_session_internal_server_error(s);
313 if (ctx->response == NULL) {
314 ctx->response = ngx_create_temp_buf(ctx->pool, 1024);
315 if (ctx->response == NULL) {
316 ngx_close_connection(c);
317 ngx_destroy_pool(ctx->pool);
318 ngx_mail_session_internal_server_error(s);
323 size = ctx->response->end - ctx->response->last;
325 n = ngx_recv(c, ctx->response->pos, size);
328 ctx->response->last += n;
330 ctx->handler(s, ctx);
334 if (n == NGX_AGAIN) {
338 ngx_close_connection(c);
339 ngx_destroy_pool(ctx->pool);
340 ngx_mail_session_internal_server_error(s);
345 ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s,
346 ngx_mail_auth_http_ctx_t *ctx)
359 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
360 "mail auth http process status line");
364 for (p = ctx->response->pos; p < ctx->response->last; p++) {
405 /* any text until end of line */
409 state = sw_almost_done;
417 /* end of status line */
423 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
424 "auth http server &V sent invalid response",
426 ngx_close_connection(ctx->peer.connection);
427 ngx_destroy_pool(ctx->pool);
428 ngx_mail_session_internal_server_error(s);
433 ctx->response->pos = p;
440 p = ctx->response->start - 1;
444 ctx->response->pos = p + 1;
446 ctx->handler = ngx_mail_auth_http_process_headers;
447 ctx->handler(s, ctx);
452 ngx_mail_auth_http_process_headers(ngx_mail_session_t *s,
453 ngx_mail_auth_http_ctx_t *ctx)
458 ngx_int_t rc, port, n;
459 ngx_peer_addr_t *peer;
460 struct sockaddr_in *sin;
462 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
463 "mail auth http process headers");
466 rc = ngx_mail_auth_http_parse_header_line(s, ctx);
472 ngx_str_t key, value;
474 key.len = ctx->header_name_end - ctx->header_name_start;
475 key.data = ctx->header_name_start;
476 value.len = ctx->header_end - ctx->header_start;
477 value.data = ctx->header_start;
479 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
480 "mail auth http header: \"%V: %V\"",
485 len = ctx->header_name_end - ctx->header_name_start;
487 if (len == sizeof("Auth-Status") - 1
488 && ngx_strncasecmp(ctx->header_name_start,
489 (u_char *) "Auth-Status",
490 sizeof("Auth-Status") - 1)
493 len = ctx->header_end - ctx->header_start;
496 && ctx->header_start[0] == 'O'
497 && ctx->header_start[1] == 'K')
503 && ctx->header_start[0] == 'W'
504 && ctx->header_start[1] == 'A'
505 && ctx->header_start[2] == 'I'
506 && ctx->header_start[3] == 'T')
512 ctx->errmsg.len = len;
513 ctx->errmsg.data = ctx->header_start;
515 switch (s->protocol) {
517 case NGX_MAIL_POP3_PROTOCOL:
518 size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1;
521 case NGX_MAIL_IMAP_PROTOCOL:
522 size = s->tag.len + sizeof("NO ") - 1 + len
526 default: /* NGX_MAIL_SMTP_PROTOCOL */
527 ctx->err = ctx->errmsg;
531 p = ngx_pnalloc(s->connection->pool, size);
533 ngx_close_connection(ctx->peer.connection);
534 ngx_destroy_pool(ctx->pool);
535 ngx_mail_session_internal_server_error(s);
541 switch (s->protocol) {
543 case NGX_MAIL_POP3_PROTOCOL:
544 *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' ';
547 case NGX_MAIL_IMAP_PROTOCOL:
548 p = ngx_cpymem(p, s->tag.data, s->tag.len);
549 *p++ = 'N'; *p++ = 'O'; *p++ = ' ';
552 default: /* NGX_MAIL_SMTP_PROTOCOL */
556 p = ngx_cpymem(p, ctx->header_start, len);
557 *p++ = CR; *p++ = LF;
559 ctx->err.len = p - ctx->err.data;
564 if (len == sizeof("Auth-Server") - 1
565 && ngx_strncasecmp(ctx->header_name_start,
566 (u_char *) "Auth-Server",
567 sizeof("Auth-Server") - 1)
570 ctx->addr.len = ctx->header_end - ctx->header_start;
571 ctx->addr.data = ctx->header_start;
576 if (len == sizeof("Auth-Port") - 1
577 && ngx_strncasecmp(ctx->header_name_start,
578 (u_char *) "Auth-Port",
579 sizeof("Auth-Port") - 1)
582 ctx->port.len = ctx->header_end - ctx->header_start;
583 ctx->port.data = ctx->header_start;
588 if (len == sizeof("Auth-User") - 1
589 && ngx_strncasecmp(ctx->header_name_start,
590 (u_char *) "Auth-User",
591 sizeof("Auth-User") - 1)
594 s->login.len = ctx->header_end - ctx->header_start;
596 s->login.data = ngx_pnalloc(s->connection->pool, s->login.len);
597 if (s->login.data == NULL) {
598 ngx_close_connection(ctx->peer.connection);
599 ngx_destroy_pool(ctx->pool);
600 ngx_mail_session_internal_server_error(s);
604 ngx_memcpy(s->login.data, ctx->header_start, s->login.len);
609 if (len == sizeof("Auth-Pass") - 1
610 && ngx_strncasecmp(ctx->header_name_start,
611 (u_char *) "Auth-Pass",
612 sizeof("Auth-Pass") - 1)
615 s->passwd.len = ctx->header_end - ctx->header_start;
617 s->passwd.data = ngx_pnalloc(s->connection->pool,
619 if (s->passwd.data == NULL) {
620 ngx_close_connection(ctx->peer.connection);
621 ngx_destroy_pool(ctx->pool);
622 ngx_mail_session_internal_server_error(s);
626 ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len);
631 if (len == sizeof("Auth-Wait") - 1
632 && ngx_strncasecmp(ctx->header_name_start,
633 (u_char *) "Auth-Wait",
634 sizeof("Auth-Wait") - 1)
637 n = ngx_atoi(ctx->header_start,
638 ctx->header_end - ctx->header_start);
640 if (n != NGX_ERROR) {
647 if (len == sizeof("Auth-Error-Code") - 1
648 && ngx_strncasecmp(ctx->header_name_start,
649 (u_char *) "Auth-Error-Code",
650 sizeof("Auth-Error-Code") - 1)
653 ctx->errcode.len = ctx->header_end - ctx->header_start;
655 ctx->errcode.data = ngx_pnalloc(s->connection->pool,
657 if (ctx->errcode.data == NULL) {
658 ngx_close_connection(ctx->peer.connection);
659 ngx_destroy_pool(ctx->pool);
660 ngx_mail_session_internal_server_error(s);
664 ngx_memcpy(ctx->errcode.data, ctx->header_start,
670 /* ignore other headers */
675 if (rc == NGX_DONE) {
676 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
677 "mail auth http header done");
679 ngx_close_connection(ctx->peer.connection);
683 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0,
684 "client login failed: \"%V\"", &ctx->errmsg);
686 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) {
688 if (ctx->errcode.len == 0) {
689 ctx->errcode = ngx_mail_smtp_errcode;
692 ctx->err.len = ctx->errcode.len + ctx->errmsg.len
693 + sizeof(" " CRLF) - 1;
695 p = ngx_pnalloc(s->connection->pool, ctx->err.len);
697 ngx_close_connection(ctx->peer.connection);
698 ngx_destroy_pool(ctx->pool);
699 ngx_mail_session_internal_server_error(s);
705 p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len);
707 p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len);
714 ngx_destroy_pool(ctx->pool);
718 ngx_mail_send(s->connection->write);
722 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000));
724 s->connection->read->handler = ngx_mail_auth_sleep_handler;
732 ngx_destroy_pool(ctx->pool);
735 ngx_mail_auth_http_init(s);
739 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000));
741 s->connection->read->handler = ngx_mail_auth_sleep_handler;
746 if (ctx->addr.len == 0 || ctx->port.len == 0) {
747 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
748 "auth http server %V did not send server or port",
750 ngx_destroy_pool(ctx->pool);
751 ngx_mail_session_internal_server_error(s);
755 if (s->passwd.data == NULL
756 && s->protocol != NGX_MAIL_SMTP_PROTOCOL)
758 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
759 "auth http server %V did not send password",
761 ngx_destroy_pool(ctx->pool);
762 ngx_mail_session_internal_server_error(s);
766 peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_peer_addr_t));
768 ngx_destroy_pool(ctx->pool);
769 ngx_mail_session_internal_server_error(s);
773 sin = ngx_pcalloc(s->connection->pool, sizeof(struct sockaddr_in));
775 ngx_destroy_pool(ctx->pool);
776 ngx_mail_session_internal_server_error(s);
780 sin->sin_family = AF_INET;
782 port = ngx_atoi(ctx->port.data, ctx->port.len);
783 if (port == NGX_ERROR || port < 1 || port > 65536) {
784 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
785 "auth http server %V sent invalid server "
787 ctx->peer.name, &ctx->port);
788 ngx_destroy_pool(ctx->pool);
789 ngx_mail_session_internal_server_error(s);
793 sin->sin_port = htons((in_port_t) port);
795 ctx->addr.data[ctx->addr.len] = '\0';
796 sin->sin_addr.s_addr = inet_addr((char *) ctx->addr.data);
797 if (sin->sin_addr.s_addr == INADDR_NONE) {
798 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
799 "auth http server %V sent invalid server "
801 ctx->peer.name, &ctx->addr);
802 ngx_destroy_pool(ctx->pool);
803 ngx_mail_session_internal_server_error(s);
807 peer->sockaddr = (struct sockaddr *) sin;
808 peer->socklen = sizeof(struct sockaddr_in);
810 len = ctx->addr.len + 1 + ctx->port.len;
812 peer->name.len = len;
814 peer->name.data = ngx_pnalloc(s->connection->pool, len);
815 if (peer->name.data == NULL) {
816 ngx_destroy_pool(ctx->pool);
817 ngx_mail_session_internal_server_error(s);
823 ngx_memcpy(peer->name.data, ctx->addr.data, len);
825 peer->name.data[len++] = ':';
827 ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len);
829 ngx_destroy_pool(ctx->pool);
830 ngx_mail_proxy_init(s, peer);
835 if (rc == NGX_AGAIN ) {
839 /* rc == NGX_ERROR */
841 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
842 "auth http server %V sent invalid header in response",
844 ngx_close_connection(ctx->peer.connection);
845 ngx_destroy_pool(ctx->pool);
846 ngx_mail_session_internal_server_error(s);
854 ngx_mail_auth_sleep_handler(ngx_event_t *rev)
857 ngx_mail_session_t *s;
858 ngx_mail_core_srv_conf_t *cscf;
860 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail auth sleep handler");
871 ngx_mail_auth_http_init(s);
875 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
877 rev->handler = cscf->protocol->auth_state;
880 s->auth_method = NGX_MAIL_AUTH_PLAIN;
882 c->log->action = "in auth state";
884 ngx_mail_send(c->write);
890 ngx_add_timer(rev, cscf->timeout);
897 if (ngx_handle_read_event(rev, 0) != NGX_OK) {
898 ngx_mail_close_connection(c);
905 if (ngx_handle_read_event(rev, 0) != NGX_OK) {
906 ngx_mail_close_connection(c);
913 ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s,
914 ngx_mail_auth_http_ctx_t *ctx)
920 sw_space_before_value,
922 sw_space_after_value,
924 sw_header_almost_done
929 for (p = ctx->response->pos; p < ctx->response->last; p++) {
940 state = sw_header_almost_done;
947 ctx->header_name_start = p;
949 c = (u_char) (ch | 0x20);
950 if (c >= 'a' && c <= 'z') {
954 if (ch >= '0' && ch <= '9') {
964 c = (u_char) (ch | 0x20);
965 if (c >= 'a' && c <= 'z') {
970 ctx->header_name_end = p;
971 state = sw_space_before_value;
979 if (ch >= '0' && ch <= '9') {
984 ctx->header_name_end = p;
985 ctx->header_start = p;
987 state = sw_almost_done;
992 ctx->header_name_end = p;
993 ctx->header_start = p;
1000 /* space* before header value */
1001 case sw_space_before_value:
1006 ctx->header_start = p;
1007 ctx->header_end = p;
1008 state = sw_almost_done;
1011 ctx->header_start = p;
1012 ctx->header_end = p;
1015 ctx->header_start = p;
1025 ctx->header_end = p;
1026 state = sw_space_after_value;
1029 ctx->header_end = p;
1030 state = sw_almost_done;
1033 ctx->header_end = p;
1038 /* space* before end of header line */
1039 case sw_space_after_value:
1044 state = sw_almost_done;
1054 /* end of header line */
1055 case sw_almost_done:
1064 case sw_header_almost_done:
1074 ctx->response->pos = p;
1081 ctx->response->pos = p + 1;
1082 ctx->state = sw_start;
1088 ctx->response->pos = p + 1;
1089 ctx->state = sw_start;
1096 ngx_mail_auth_http_block_read(ngx_event_t *rev)
1098 ngx_connection_t *c;
1099 ngx_mail_session_t *s;
1100 ngx_mail_auth_http_ctx_t *ctx;
1102 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0,
1103 "mail auth http block read");
1105 if (ngx_handle_read_event(rev, 0) != NGX_OK) {
1109 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module);
1111 ngx_close_connection(ctx->peer.connection);
1112 ngx_destroy_pool(ctx->pool);
1113 ngx_mail_session_internal_server_error(s);
1119 ngx_mail_auth_http_dummy_handler(ngx_event_t *ev)
1121 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, ev->log, 0,
1122 "mail auth http dummy handler");
1127 ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool,
1128 ngx_mail_auth_http_conf_t *ahcf)
1132 ngx_str_t login, passwd;
1133 ngx_mail_core_srv_conf_t *cscf;
1135 if (ngx_mail_auth_http_escape(pool, &s->login, &login) != NGX_OK) {
1139 if (ngx_mail_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) {
1143 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
1145 len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1
1146 + sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1
1147 + sizeof("Auth-Method: ") - 1
1148 + ngx_mail_auth_http_method[s->auth_method].len
1150 + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1
1151 + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1
1152 + sizeof("Auth-Salt: ") - 1 + s->salt.len
1153 + sizeof("Auth-Protocol: ") - 1 + cscf->protocol->name.len
1155 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN
1157 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len
1159 + sizeof("Client-Host: ") - 1 + s->host.len + sizeof(CRLF) - 1
1160 + sizeof("Auth-SMTP-Helo: ") - 1 + s->smtp_helo.len
1161 + sizeof("Auth-SMTP-From: ") - 1 + s->smtp_from.len
1162 + sizeof("Auth-SMTP-To: ") - 1 + s->smtp_to.len
1166 b = ngx_create_temp_buf(pool, len);
1171 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1);
1172 b->last = ngx_copy(b->last, ahcf->uri.data, ahcf->uri.len);
1173 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF,
1174 sizeof(" HTTP/1.0" CRLF) - 1);
1176 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1);
1177 b->last = ngx_copy(b->last, ahcf->host_header.data,
1178 ahcf->host_header.len);
1179 *b->last++ = CR; *b->last++ = LF;
1181 b->last = ngx_cpymem(b->last, "Auth-Method: ",
1182 sizeof("Auth-Method: ") - 1);
1183 b->last = ngx_cpymem(b->last,
1184 ngx_mail_auth_http_method[s->auth_method].data,
1185 ngx_mail_auth_http_method[s->auth_method].len);
1186 *b->last++ = CR; *b->last++ = LF;
1188 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1);
1189 b->last = ngx_copy(b->last, login.data, login.len);
1190 *b->last++ = CR; *b->last++ = LF;
1192 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1);
1193 b->last = ngx_copy(b->last, passwd.data, passwd.len);
1194 *b->last++ = CR; *b->last++ = LF;
1196 if (s->auth_method != NGX_MAIL_AUTH_PLAIN && s->salt.len) {
1197 b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1);
1198 b->last = ngx_copy(b->last, s->salt.data, s->salt.len);
1200 s->passwd.data = NULL;
1203 b->last = ngx_cpymem(b->last, "Auth-Protocol: ",
1204 sizeof("Auth-Protocol: ") - 1);
1205 b->last = ngx_cpymem(b->last, cscf->protocol->name.data,
1206 cscf->protocol->name.len);
1207 *b->last++ = CR; *b->last++ = LF;
1209 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF,
1212 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1);
1213 b->last = ngx_copy(b->last, s->connection->addr_text.data,
1214 s->connection->addr_text.len);
1215 *b->last++ = CR; *b->last++ = LF;
1218 b->last = ngx_cpymem(b->last, "Client-Host: ",
1219 sizeof("Client-Host: ") - 1);
1220 b->last = ngx_copy(b->last, s->host.data, s->host.len);
1221 *b->last++ = CR; *b->last++ = LF;
1224 if (s->auth_method == NGX_MAIL_AUTH_NONE) {
1226 /* HELO, MAIL FROM, and RCPT TO can't contain CRLF, no need to escape */
1228 b->last = ngx_cpymem(b->last, "Auth-SMTP-Helo: ",
1229 sizeof("Auth-SMTP-Helo: ") - 1);
1230 b->last = ngx_copy(b->last, s->smtp_helo.data, s->smtp_helo.len);
1231 *b->last++ = CR; *b->last++ = LF;
1233 b->last = ngx_cpymem(b->last, "Auth-SMTP-From: ",
1234 sizeof("Auth-SMTP-From: ") - 1);
1235 b->last = ngx_copy(b->last, s->smtp_from.data, s->smtp_from.len);
1236 *b->last++ = CR; *b->last++ = LF;
1238 b->last = ngx_cpymem(b->last, "Auth-SMTP-To: ",
1239 sizeof("Auth-SMTP-To: ") - 1);
1240 b->last = ngx_copy(b->last, s->smtp_to.data, s->smtp_to.len);
1241 *b->last++ = CR; *b->last++ = LF;
1245 if (ahcf->header.len) {
1246 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len);
1249 /* add "\r\n" at the header end */
1250 *b->last++ = CR; *b->last++ = LF;
1252 #if (NGX_DEBUG_MAIL_PASSWD)
1256 l.len = b->last - b->pos;
1258 ngx_log_debug1(NGX_LOG_DEBUG_MAIL, s->connection->log, 0,
1259 "mail auth http header:\n\"%V\"", &l);
1268 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped)
1273 n = ngx_escape_uri(NULL, text->data, text->len, NGX_ESCAPE_MAIL_AUTH);
1280 escaped->len = text->len + n * 2;
1282 p = ngx_pnalloc(pool, escaped->len);
1287 (void) ngx_escape_uri(p, text->data, text->len, NGX_ESCAPE_MAIL_AUTH);
1296 ngx_mail_auth_http_create_conf(ngx_conf_t *cf)
1298 ngx_mail_auth_http_conf_t *ahcf;
1300 ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_auth_http_conf_t));
1302 return NGX_CONF_ERROR;
1305 ahcf->timeout = NGX_CONF_UNSET_MSEC;
1307 ahcf->file = cf->conf_file->file.name.data;
1308 ahcf->line = cf->conf_file->line;
1315 ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child)
1317 ngx_mail_auth_http_conf_t *prev = parent;
1318 ngx_mail_auth_http_conf_t *conf = child;
1323 ngx_table_elt_t *header;
1325 if (conf->peer == NULL) {
1326 conf->peer = prev->peer;
1327 conf->host_header = prev->host_header;
1328 conf->uri = prev->uri;
1330 if (conf->peer == NULL) {
1331 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
1332 "no \"http_auth\" is defined for server in %s:%ui",
1333 conf->file, conf->line);
1335 return NGX_CONF_ERROR;
1339 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000);
1341 if (conf->headers == NULL) {
1342 conf->headers = prev->headers;
1343 conf->header = prev->header;
1346 if (conf->headers && conf->header.len == 0) {
1348 header = conf->headers->elts;
1349 for (i = 0; i < conf->headers->nelts; i++) {
1350 len += header[i].key.len + 2 + header[i].value.len + 2;
1353 p = ngx_pnalloc(cf->pool, len);
1355 return NGX_CONF_ERROR;
1358 conf->header.len = len;
1359 conf->header.data = p;
1361 for (i = 0; i < conf->headers->nelts; i++) {
1362 p = ngx_cpymem(p, header[i].key.data, header[i].key.len);
1363 *p++ = ':'; *p++ = ' ';
1364 p = ngx_cpymem(p, header[i].value.data, header[i].value.len);
1365 *p++ = CR; *p++ = LF;
1374 ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
1376 ngx_mail_auth_http_conf_t *ahcf = conf;
1381 value = cf->args->elts;
1383 ngx_memzero(&u, sizeof(ngx_url_t));
1386 u.default_port = 80;
1390 if (ngx_strncmp(u.url.data, "http://", 7) == 0) {
1395 if (ngx_parse_url(cf->pool, &u) != NGX_OK) {
1397 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
1398 "%s in auth_http \"%V\"", u.err, &u.url);
1401 return NGX_CONF_ERROR;
1404 ahcf->peer = u.addrs;
1406 ahcf->host_header = u.host;
1409 if (ahcf->uri.len == 0) {
1410 ahcf->uri.len = sizeof("/") - 1;
1411 ahcf->uri.data = (u_char *) "/";
1419 ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
1421 ngx_mail_auth_http_conf_t *ahcf = conf;
1424 ngx_table_elt_t *header;
1426 if (ahcf->headers == NULL) {
1427 ahcf->headers = ngx_array_create(cf->pool, 1, sizeof(ngx_table_elt_t));
1428 if (ahcf->headers == NULL) {
1429 return NGX_CONF_ERROR;
1433 header = ngx_array_push(ahcf->headers);
1434 if (header == NULL) {
1435 return NGX_CONF_ERROR;
1438 value = cf->args->elts;
1440 header->key = value[1];
1441 header->value = value[2];