ngx_pop3_auth_login_username,
ngx_pop3_auth_login_password,
ngx_pop3_auth_plain,
- ngx_pop3_auth_cram_md5
+ ngx_pop3_auth_cram_md5,
+ ngx_pop3_auth_external
} ngx_pop3_state_e;
ngx_imap_auth_login_password,
ngx_imap_auth_plain,
ngx_imap_auth_cram_md5,
+ ngx_imap_auth_external,
ngx_imap_login,
ngx_imap_user,
ngx_imap_passwd
ngx_smtp_auth_login_password,
ngx_smtp_auth_plain,
ngx_smtp_auth_cram_md5,
+ ngx_smtp_auth_external,
ngx_smtp_helo,
ngx_smtp_helo_xclient,
ngx_smtp_helo_from,
#define NGX_MAIL_AUTH_LOGIN_USERNAME 2
#define NGX_MAIL_AUTH_APOP 3
#define NGX_MAIL_AUTH_CRAM_MD5 4
-#define NGX_MAIL_AUTH_NONE 5
+#define NGX_MAIL_AUTH_EXTERNAL 5
+#define NGX_MAIL_AUTH_NONE 6
#define NGX_MAIL_AUTH_PLAIN_ENABLED 0x0002
#define NGX_MAIL_AUTH_LOGIN_ENABLED 0x0004
#define NGX_MAIL_AUTH_APOP_ENABLED 0x0008
#define NGX_MAIL_AUTH_CRAM_MD5_ENABLED 0x0010
-#define NGX_MAIL_AUTH_NONE_ENABLED 0x0020
+#define NGX_MAIL_AUTH_EXTERNAL_ENABLED 0x0020
+#define NGX_MAIL_AUTH_NONE_ENABLED 0x0040
#define NGX_MAIL_PARSE_INVALID_COMMAND 20
ngx_int_t ngx_mail_auth_cram_md5_salt(ngx_mail_session_t *s,
ngx_connection_t *c, char *prefix, size_t len);
ngx_int_t ngx_mail_auth_cram_md5(ngx_mail_session_t *s, ngx_connection_t *c);
+ngx_int_t ngx_mail_auth_external(ngx_mail_session_t *s, ngx_connection_t *c,
+ ngx_uint_t n);
ngx_int_t ngx_mail_auth_parse(ngx_mail_session_t *s, ngx_connection_t *c);
void ngx_mail_send(ngx_event_t *wev);
ngx_string("plain"),
ngx_string("apop"),
ngx_string("cram-md5"),
+ ngx_string("external"),
ngx_string("none")
};
}
+ngx_int_t
+ngx_mail_auth_external(ngx_mail_session_t *s, ngx_connection_t *c,
+ ngx_uint_t n)
+{
+ ngx_str_t *arg, external;
+
+ arg = s->args.elts;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "mail auth external: \"%V\"", &arg[n]);
+
+ external.data = ngx_pnalloc(c->pool, ngx_base64_decoded_length(arg[n].len));
+ if (external.data == NULL) {
+ return NGX_ERROR;
+ }
+
+ if (ngx_decode_base64(&external, &arg[n]) != NGX_OK) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid base64 encoding in AUTH EXTERNAL command");
+ return NGX_MAIL_PARSE_INVALID_COMMAND;
+ }
+
+ s->login.len = external.len;
+ s->login.data = external.data;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
+ "mail auth external: \"%V\"", &s->login);
+
+ s->auth_method = NGX_MAIL_AUTH_EXTERNAL;
+
+ return NGX_DONE;
+}
+
+
void
ngx_mail_send(ngx_event_t *wev)
{
case ngx_imap_auth_cram_md5:
rc = ngx_mail_auth_cram_md5(s, c);
break;
+
+ case ngx_imap_auth_external:
+ rc = ngx_mail_auth_external(s, c, 0);
+ break;
}
} else if (rc == NGX_IMAP_NEXT) {
}
return NGX_ERROR;
+
+ case NGX_MAIL_AUTH_EXTERNAL:
+
+ ngx_str_set(&s->out, imap_username);
+ s->mail_state = ngx_imap_auth_external;
+
+ return NGX_OK;
}
return rc;
{ ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED },
{ ngx_string("login"), NGX_MAIL_AUTH_LOGIN_ENABLED },
{ ngx_string("cram-md5"), NGX_MAIL_AUTH_CRAM_MD5_ENABLED },
+ { ngx_string("external"), NGX_MAIL_AUTH_EXTERNAL_ENABLED },
{ ngx_null_string, 0 }
};
ngx_string("AUTH=LOGIN"),
ngx_null_string, /* APOP */
ngx_string("AUTH=CRAM-MD5"),
+ ngx_string("AUTH=EXTERNAL"),
ngx_null_string /* NONE */
};
}
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
auth = p;
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
if (arg[0].len == 8) {
- if (s->args.nelts != 1) {
- return NGX_MAIL_PARSE_INVALID_COMMAND;
- }
-
if (ngx_strncasecmp(arg[0].data, (u_char *) "CRAM-MD5", 8) == 0) {
+
+ if (s->args.nelts != 1) {
+ return NGX_MAIL_PARSE_INVALID_COMMAND;
+ }
+
return NGX_MAIL_AUTH_CRAM_MD5;
}
+
+ if (ngx_strncasecmp(arg[0].data, (u_char *) "EXTERNAL", 8) == 0) {
+
+ if (s->args.nelts == 1) {
+ return NGX_MAIL_AUTH_EXTERNAL;
+ }
+
+ if (s->args.nelts == 2) {
+ return ngx_mail_auth_external(s, c, 1);
+ }
+ }
+
+ return NGX_MAIL_PARSE_INVALID_COMMAND;
}
return NGX_MAIL_PARSE_INVALID_COMMAND;
case ngx_pop3_auth_cram_md5:
rc = ngx_mail_auth_cram_md5(s, c);
break;
+
+ case ngx_pop3_auth_external:
+ rc = ngx_mail_auth_external(s, c, 0);
+ break;
}
}
}
return NGX_ERROR;
+
+ case NGX_MAIL_AUTH_EXTERNAL:
+
+ ngx_str_set(&s->out, pop3_username);
+ s->mail_state = ngx_pop3_auth_external;
+
+ return NGX_OK;
}
return rc;
{ ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED },
{ ngx_string("apop"), NGX_MAIL_AUTH_APOP_ENABLED },
{ ngx_string("cram-md5"), NGX_MAIL_AUTH_CRAM_MD5_ENABLED },
+ { ngx_string("external"), NGX_MAIL_AUTH_EXTERNAL_ENABLED },
{ ngx_null_string, 0 }
};
ngx_string("LOGIN"),
ngx_null_string, /* APOP */
ngx_string("CRAM-MD5"),
+ ngx_string("EXTERNAL"),
ngx_null_string /* NONE */
};
size += sizeof("SASL") - 1 + sizeof(CRLF) - 1;
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
p = ngx_cpymem(p, "SASL", sizeof("SASL") - 1);
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
+ sizeof("." CRLF) - 1;
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
sizeof("+OK methods supported:" CRLF) - 1);
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
case ngx_smtp_auth_cram_md5:
rc = ngx_mail_auth_cram_md5(s, c);
break;
+
+ case ngx_smtp_auth_external:
+ rc = ngx_mail_auth_external(s, c, 0);
+ break;
}
}
}
return NGX_ERROR;
+
+ case NGX_MAIL_AUTH_EXTERNAL:
+
+ ngx_str_set(&s->out, smtp_username);
+ s->mail_state = ngx_smtp_auth_external;
+
+ return NGX_OK;
}
return rc;
{ ngx_string("plain"), NGX_MAIL_AUTH_PLAIN_ENABLED },
{ ngx_string("login"), NGX_MAIL_AUTH_LOGIN_ENABLED },
{ ngx_string("cram-md5"), NGX_MAIL_AUTH_CRAM_MD5_ENABLED },
+ { ngx_string("external"), NGX_MAIL_AUTH_EXTERNAL_ENABLED },
{ ngx_string("none"), NGX_MAIL_AUTH_NONE_ENABLED },
{ ngx_null_string, 0 }
};
ngx_string("LOGIN"),
ngx_null_string, /* APOP */
ngx_string("CRAM-MD5"),
+ ngx_string("EXTERNAL"),
ngx_null_string /* NONE */
};
auth_enabled = 0;
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
*p++ = 'A'; *p++ = 'U'; *p++ = 'T'; *p++ = 'H';
for (m = NGX_MAIL_AUTH_PLAIN_ENABLED, i = 0;
- m <= NGX_MAIL_AUTH_CRAM_MD5_ENABLED;
+ m <= NGX_MAIL_AUTH_EXTERNAL_ENABLED;
m <<= 1, i++)
{
if (m & conf->auth_methods) {
projects / nginx.git / commitdiff