diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2007-07-20 18:36:04 +0000 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2007-07-20 18:36:04 +0000 |
| commit | 810dc1652dfff326ce25c621e47dc4e8c8879703 (patch) | |
| tree | 4ad52b08e957fc4a7b33dd3ad57904c5d3dca020 /src/mail/ngx_mail_handler.c | |
| parent | 90b9bfe20b262b61f74cd9b510164765cb1d649b (diff) | |
| download | nginx-810dc1652dfff326ce25c621e47dc4e8c8879703.tar.gz nginx-810dc1652dfff326ce25c621e47dc4e8c8879703.zip | |
SMTP STARTTLS
patch by Maxim Dounin
Diffstat (limited to 'src/mail/ngx_mail_handler.c')
| -rw-r--r-- | src/mail/ngx_mail_handler.c | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c index 8fee001bb..0ae9c44e8 100644 --- a/src/mail/ngx_mail_handler.c +++ b/src/mail/ngx_mail_handler.c @@ -1229,6 +1229,9 @@ ngx_smtp_auth_state(ngx_event_t *rev) ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_core_srv_conf_t *cscf; +#if (NGX_MAIL_SSL) + ngx_mail_ssl_conf_t *sslcf; +#endif c = rev->data; s = c->data; @@ -1295,6 +1298,26 @@ ngx_smtp_auth_state(ngx_event_t *rev) } else { s->esmtp = 1; + +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ON) { + size = cscf->smtp_starttls_capability.len; + text = cscf->smtp_starttls_capability.data; + break; + } + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + size = cscf->smtp_starttls_only_capability.len; + text = cscf->smtp_starttls_only_capability.data; + break; + } + } +#endif + size = cscf->smtp_capability.len; text = cscf->smtp_capability.data; } @@ -1303,6 +1326,18 @@ ngx_smtp_auth_state(ngx_event_t *rev) case NGX_SMTP_AUTH: +#if (NGX_MAIL_SSL) + + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); + + if (sslcf->starttls == NGX_MAIL_STARTTLS_ONLY) { + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; + } + } +#endif + if (s->args.nelts == 0) { text = smtp_invalid_argument; size = sizeof(smtp_invalid_argument) - 1; @@ -1453,6 +1488,38 @@ ngx_smtp_auth_state(ngx_event_t *rev) text = smtp_ok; size = sizeof(smtp_ok) - 1; break; + +#if (NGX_MAIL_SSL) + + case NGX_SMTP_STARTTLS: + if (c->ssl == NULL) { + sslcf = ngx_mail_get_module_srv_conf(s, + ngx_mail_ssl_module); + if (sslcf->starttls) { + c->read->handler = ngx_mail_starttls_handler; + + /* + * RFC3207 requires us to discard any knowledge + * obtained from client before STARTTLS. + */ + + s->smtp_helo.len = 0; + s->smtp_helo.data = NULL; + + text = smtp_ok; + size = sizeof(smtp_ok) - 1; + + break; + } + } + + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; +#endif + + default: + rc = NGX_MAIL_PARSE_INVALID_COMMAND; + break; } break; |