if (s->args.nelts == 0) {
size = cscf->pop3_auth_capability.len;
text = cscf->pop3_auth_capability.data;
+ s->state = 0;
break;
}
arg = s->args.elts;
- s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
- s->arg_start = s->buffer->start;
-
if (arg[0].len == 5) {
if (ngx_strncasecmp(arg[0].data, "LOGIN", 5) == 0) {
arg = s->args.elts;
s->imap_state = ngx_pop3_auth_login_password;
- s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
- s->arg_start = s->buffer->start;
-
ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
"pop3 auth login username: \"%V\"", &arg[0]);
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
"in AUTH LOGIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
"in AUTH LOGIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
#if (NGX_DEBUG_IMAP_PASSWD)
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
"in AUTH PLAIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
p = plain.data;
while (p < last && *p++) { /* void */ }
+ if (p == last) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid login/password "
+ "in AUTH PLAIN command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
+ }
+
s->login.data = p;
while (p < last && *p) { p++; }
- s->login.len = p++ - s->login.data;
- s->passwd.data = p;
+ if (p == last) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid login/password "
+ "in AUTH PLAIN command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
+ }
- while (p < last && *p) { p++; }
+ s->login.len = p++ - s->login.data;
- s->passwd.len = p - s->passwd.data;
+ s->passwd.len = last - p;
+ s->passwd.data = p;
#if (NGX_DEBUG_IMAP_PASSWD)
ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
- "in AUTH LOGIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ "in AUTH CRAM-MD5 command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
p = s->login.data;
}
}
+ if (s->passwd.len != 32) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid CRAM-MD5 hash "
+ "in AUTH CRAM-MD5 command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
+ }
+
ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
"pop3 auth cram-md5: \"%V\" \"%V\"",
&s->login, &s->passwd);
}
if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
+ s->imap_state = ngx_pop3_start;
+ s->state = 0;
text = pop3_invalid_command;
size = sizeof(pop3_invalid_command) - 1;
}
s->buffer->pos = s->buffer->start;
s->buffer->last = s->buffer->start;
+ if (s->state) {
+ s->arg_start = s->buffer->start;
+ }
+
s->out.data = text;
s->out.len = size;
projects / nginx.git / commitdiff