smtp_auth none

patch by Maxim Dounin

1 files changed, 149 insertions, 4 deletions

diff --git a/src/mail/ngx_mail_smtp_handler.c b/src/mail/ngx_mail_smtp_handler.c
index 722354aa9..1a89f1749 100644
--- a/src/mail/ngx_mail_smtp_handler.c
+++ b/src/mail/ngx_mail_smtp_handler.c
@@ -23,6 +23,8 @@ static ngx_int_t ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c);
 static ngx_int_t ngx_mail_smtp_mail(ngx_mail_session_t *s, ngx_connection_t *c);
 static ngx_int_t ngx_mail_smtp_starttls(ngx_mail_session_t *s,
     ngx_connection_t *c);
+static ngx_int_t ngx_mail_smtp_rset(ngx_mail_session_t *s, ngx_connection_t *c);
+static ngx_int_t ngx_mail_smtp_rcpt(ngx_mail_session_t *s, ngx_connection_t *c);
 
 static ngx_int_t ngx_mail_smtp_discard_command(ngx_mail_session_t *s,
     ngx_connection_t *c, char *err);
@@ -41,6 +43,7 @@ static u_char  smtp_invalid_pipelining[] =
    "503 5.5.0 Improper use of SMTP command pipelining" CRLF;
 static u_char  smtp_invalid_argument[] = "501 5.5.4 Invalid argument" CRLF;
 static u_char  smtp_auth_required[] = "530 5.7.1 Authentication required" CRLF;
+static u_char  smtp_bad_sequence[] = "503 5.5.1 Bad sequence of commands" CRLF;
 
 
 static ngx_str_t  smtp_unavailable = ngx_string("[UNAVAILABLE]");
@@ -417,8 +420,15 @@ ngx_mail_smtp_auth_state(ngx_event_t *rev)
                 rc = ngx_mail_smtp_mail(s, c);
                 break;
 
-            case NGX_SMTP_NOOP:
+            case NGX_SMTP_RCPT:
+                rc = ngx_mail_smtp_rcpt(s, c);
+                break;
+
             case NGX_SMTP_RSET:
+                rc = ngx_mail_smtp_rset(s, c);
+                break;
+
+            case NGX_SMTP_NOOP:
                 break;
 
             case NGX_SMTP_STARTTLS:
@@ -513,6 +523,11 @@ ngx_mail_smtp_helo(ngx_mail_session_t *s, ngx_connection_t *c)
 
     ngx_memcpy(s->smtp_helo.data, arg[0].data, arg[0].len);
 
+    s->smtp_from.len = 0;
+    s->smtp_from.data = NULL;
+    s->smtp_to.len = 0;
+    s->smtp_to.data = NULL;
+
     sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);
 
     if (s->command == NGX_SMTP_HELO) {
@@ -618,10 +633,136 @@ ngx_mail_smtp_auth(ngx_mail_session_t *s, ngx_connection_t *c)
 static ngx_int_t
 ngx_mail_smtp_mail(ngx_mail_session_t *s, ngx_connection_t *c)
 {
-    ngx_mail_smtp_log_rejected_command(s, c, "client was rejected: \"%V\"");
+    u_char                     ch;
+    ngx_str_t                  l;
+    ngx_uint_t                 i;
+    ngx_mail_smtp_srv_conf_t  *sscf;
+
+    sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);
+
+    if (!(sscf->auth_methods & NGX_MAIL_AUTH_NONE_ENABLED)) {
+        ngx_mail_smtp_log_rejected_command(s, c, "client was rejected: \"%V\"");
+
+        s->out.len = sizeof(smtp_auth_required) - 1;
+        s->out.data = smtp_auth_required;
+
+        return NGX_OK;
+    }
+
+    /* auth none */
+
+    if (s->smtp_from.len) {
+        s->out.len = sizeof(smtp_bad_sequence) - 1;
+        s->out.data = smtp_bad_sequence;
+        return NGX_OK;
+    }
+
+    l.len = s->buffer->last - s->buffer->start;
+    l.data = s->buffer->start;
+
+    for (i = 0; i < l.len; i++) {
+        ch = l.data[i];
+
+        if (ch != CR && ch != LF) {
+            continue;
+        }
+
+        l.data[i] = ' ';
+    }
+
+    while (i) {
+        if (l.data[i - 1] != ' ') {
+            break;
+        }
+
+        i--;
+    }
+
+    l.len = i;
+
+    s->smtp_from.len = l.len;
+
+    s->smtp_from.data = ngx_pnalloc(c->pool, l.len);
+    if (s->smtp_from.data == NULL) {
+        return NGX_ERROR;
+    }
+
+    ngx_memcpy(s->smtp_from.data, l.data, l.len);
+
+    ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+                   "smtp mail from:\"%V\"", &s->smtp_from);
+
+    s->out.len = sizeof(smtp_ok) - 1;
+    s->out.data = smtp_ok;
 
-    s->out.len = sizeof(smtp_auth_required) - 1;
-    s->out.data = smtp_auth_required;
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_mail_smtp_rcpt(ngx_mail_session_t *s, ngx_connection_t *c)
+{
+    u_char      ch;
+    ngx_str_t   l;
+    ngx_uint_t  i;
+
+    if (s->smtp_from.len == 0) {
+        s->out.len = sizeof(smtp_bad_sequence) - 1;
+        s->out.data = smtp_bad_sequence;
+        return NGX_OK;
+    }
+
+    l.len = s->buffer->last - s->buffer->start;
+    l.data = s->buffer->start;
+
+    for (i = 0; i < l.len; i++) {
+        ch = l.data[i];
+
+        if (ch != CR && ch != LF) {
+            continue;
+        }
+
+        l.data[i] = ' ';
+    }
+
+    while (i) {
+        if (l.data[i - 1] != ' ') {
+            break;
+        }
+
+        i--;
+    }
+
+    l.len = i;
+
+    s->smtp_to.len = l.len;
+
+    s->smtp_to.data = ngx_pnalloc(c->pool, l.len);
+    if (s->smtp_to.data == NULL) {
+        return NGX_ERROR;
+    }
+
+    ngx_memcpy(s->smtp_to.data, l.data, l.len);
+
+    ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+                   "smtp rcpt to:\"%V\"", &s->smtp_to);
+
+    s->auth_method = NGX_MAIL_AUTH_NONE;
+
+    return NGX_DONE;
+}
+
+
+static ngx_int_t
+ngx_mail_smtp_rset(ngx_mail_session_t *s, ngx_connection_t *c)
+{
+    s->smtp_from.len = 0;
+    s->smtp_from.data = NULL;
+    s->smtp_to.len = 0;
+    s->smtp_to.data = NULL;
+
+    s->out.len = sizeof(smtp_ok) - 1;
+    s->out.data = smtp_ok;
 
     return NGX_OK;
 }
@@ -644,6 +785,10 @@ ngx_mail_smtp_starttls(ngx_mail_session_t *s, ngx_connection_t *c)
 
             s->smtp_helo.len = 0;
             s->smtp_helo.data = NULL;
+            s->smtp_from.len = 0;
+            s->smtp_from.data = NULL;
+            s->smtp_to.len = 0;
+            s->smtp_to.data = NULL;
 
             c->read->handler = ngx_mail_starttls_handler;
             return NGX_OK;