Google Git
Sign in
nginx / nginx / nginx-0.1.35 / . / src / imap / ngx_imap_auth_http_module.c
blob: 7e6c44b23e07195fa844fd984052438842a4d0d7 [file] [log] [blame]
/*
* Copyright (C) Igor Sysoev
*/
#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_event.h>
#include <ngx_event_connect.h>
#include <ngx_imap.h>
typedef struct {
ngx_peers_t *peers;
ngx_msec_t timeout;
ngx_str_t host_header;
ngx_str_t uri;
} ngx_imap_auth_http_conf_t;
typedef struct {
ngx_buf_t *request;
ngx_peer_connection_t peer;
} ngx_imap_auth_http_ctx_t;
static void ngx_imap_auth_http_write_handler(ngx_event_t *wev);
static void ngx_imap_auth_http_read_handler(ngx_event_t *rev);
static void ngx_imap_auth_http_block_read(ngx_event_t *rev);
static void ngx_imap_auth_http_dummy_handler(ngx_event_t *ev);
static ngx_buf_t *ngx_imap_auth_http_create_request(ngx_imap_session_t *s,
ngx_imap_auth_http_conf_t *ahcf);
static void *ngx_imap_auth_http_create_conf(ngx_conf_t *cf);
static char *ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent,
void *child);
static char *ngx_imap_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
static ngx_command_t ngx_imap_auth_http_commands[] = {
{ ngx_string("auth_http"),
NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1,
ngx_imap_auth_http,
NGX_IMAP_SRV_CONF_OFFSET,
0,
NULL },
{ ngx_string("auth_http_timeout"),
NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1,
ngx_conf_set_msec_slot,
NGX_IMAP_SRV_CONF_OFFSET,
offsetof(ngx_imap_auth_http_conf_t, timeout),
NULL },
ngx_null_command
};
static ngx_imap_module_t ngx_imap_auth_http_module_ctx = {
NULL, /* create main configuration */
NULL, /* init main configuration */
ngx_imap_auth_http_create_conf, /* create server configuration */
ngx_imap_auth_http_merge_conf /* merge server configuration */
};
ngx_module_t ngx_imap_auth_http_module = {
NGX_MODULE_V1,
&ngx_imap_auth_http_module_ctx, /* module context */
ngx_imap_auth_http_commands, /* module directives */
NGX_IMAP_MODULE, /* module type */
NULL, /* init module */
NULL /* init process */
};
static char *ngx_imap_auth_http_protocol[] = { "pop3", "imap" };
void
ngx_imap_auth_http_init(ngx_imap_session_t *s)
{
ngx_int_t rc;
ngx_imap_auth_http_ctx_t *ctx;
ngx_imap_auth_http_conf_t *ahcf;
ctx = ngx_pcalloc(s->connection->pool, sizeof(ngx_imap_auth_http_ctx_t));
if (ctx == NULL) {
ngx_imap_close_connection(s->connection);
return;
}
ahcf = ngx_imap_get_module_srv_conf(s, ngx_imap_auth_http_module);
ctx->request = ngx_imap_auth_http_create_request(s, ahcf);
if (ctx->request == NULL) {
ngx_imap_close_connection(s->connection);
return;
}
ngx_imap_set_ctx(s, ctx, ngx_imap_auth_http_module);
ctx->peer.peers = ahcf->peers;
ctx->peer.log = s->connection->log;
ctx->peer.log_error = NGX_ERROR_ERR;
rc = ngx_event_connect_peer(&ctx->peer);
if (rc == NGX_ERROR) {
ngx_imap_close_connection(s->connection);
return;
}
ctx->peer.connection->data = s;
ctx->peer.connection->pool = s->connection->pool;
s->connection->read->handler = ngx_imap_auth_http_block_read;
ctx->peer.connection->read->handler = ngx_imap_auth_http_read_handler;
ctx->peer.connection->write->handler = ngx_imap_auth_http_write_handler;
if (rc == NGX_OK) {
ngx_imap_auth_http_write_handler(ctx->peer.connection->write);
return;
}
ngx_add_timer(ctx->peer.connection->read, ahcf->timeout);
ngx_add_timer(ctx->peer.connection->write, ahcf->timeout);
}
static void
ngx_imap_auth_http_write_handler(ngx_event_t *wev)
{
ssize_t n, size;
ngx_connection_t *c;
ngx_imap_session_t *s;
ngx_imap_auth_http_ctx_t *ctx;
ngx_imap_auth_http_conf_t *ahcf;
c = wev->data;
s = c->data;
ctx = ngx_imap_get_module_ctx(s, ngx_imap_auth_http_module);
ngx_log_debug0(NGX_LOG_DEBUG_IMAP, wev->log, 0,
"imap auth http write handler");
if (wev->timedout) {
ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT,
"auth http server timed out");
ngx_imap_close_connection(ctx->peer.connection);
ngx_imap_close_connection(s->connection);
return;
}
size = ctx->request->last - ctx->request->pos;
n = ngx_send(c, ctx->request->pos, size);
if (n == NGX_ERROR) {
ngx_imap_close_connection(ctx->peer.connection);
ngx_imap_close_connection(s->connection);
return;
}
if (n > 0) {
ctx->request->pos += n;
if (n == size) {
wev->handler = ngx_imap_auth_http_dummy_handler;
if (wev->timer_set) {
ngx_del_timer(wev);
}
return;
}
}
if (!wev->timer_set) {
ahcf = ngx_imap_get_module_srv_conf(s, ngx_imap_auth_http_module);
ngx_add_timer(wev, ahcf->timeout);
}
}
static void
ngx_imap_auth_http_read_handler(ngx_event_t *rev)
{
ngx_peers_t *peers;
ngx_connection_t *c;
ngx_imap_session_t *s;
#if 0
ngx_imap_auth_http_ctx_t *ctx;
#endif
c = rev->data;
s = c->data;
#if 0
ctx = ngx_imap_get_module_ctx(s, ngx_imap_auth_http_module);
#endif
ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0,
"imap auth http read handler");
peers = NULL;
ngx_imap_proxy_init(s, peers);
}
static void
ngx_imap_auth_http_block_read(ngx_event_t *rev)
{
ngx_connection_t *c;
ngx_imap_session_t *s;
ngx_imap_auth_http_ctx_t *ctx;
ngx_log_debug0(NGX_LOG_DEBUG_IMAP, rev->log, 0,
"imap auth http block read");
if (ngx_handle_read_event(rev, 0) == NGX_ERROR) {
c = rev->data;
s = c->data;
ctx = ngx_imap_get_module_ctx(s, ngx_imap_auth_http_module);
ngx_imap_close_connection(ctx->peer.connection);
ngx_imap_close_connection(s->connection);
}
}
static void
ngx_imap_auth_http_dummy_handler(ngx_event_t *ev)
{
ngx_log_debug0(NGX_LOG_DEBUG_IMAP, ev->log, 0,
"imap auth http dummy handler");
}
static ngx_buf_t *
ngx_imap_auth_http_create_request(ngx_imap_session_t *s,
ngx_imap_auth_http_conf_t *ahcf)
{
size_t len;
ngx_buf_t *b;
len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1
+ sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1
+ sizeof("Auth-Method: plain" CRLF) - 1
+ sizeof("Auth-User: ") - 1 + s->login.len + sizeof(CRLF) - 1
+ sizeof("Auth-Pass: ") - 1 + s->passwd.len + sizeof(CRLF) - 1
+ sizeof("Auth-Protocol: imap" CRLF) - 1
+ sizeof("Client-IP: ") - 1 + s->connection->addr_text.len
+ sizeof(CRLF) - 1
+ sizeof(CRLF) - 1;
b = ngx_create_temp_buf(s->connection->pool, len);
if (b == NULL) {
return NULL;
}
b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1);
b->last = ngx_cpymem(b->last, ahcf->uri.data, ahcf->uri.len);
b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF,
sizeof(" HTTP/1.0" CRLF) - 1);
b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1);
b->last = ngx_cpymem(b->last, ahcf->host_header.data,
ahcf->host_header.len);
*b->last++ = CR; *b->last++ = LF;
b->last = ngx_cpymem(b->last, "Auth-Method: plain" CRLF,
sizeof("Auth-Method: plain" CRLF) - 1);
b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1);
b->last = ngx_cpymem(b->last, s->login.data, s->login.len);
*b->last++ = CR; *b->last++ = LF;
b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1);
b->last = ngx_cpymem(b->last, s->passwd.data, s->passwd.len);
*b->last++ = CR; *b->last++ = LF;
b->last = ngx_cpymem(b->last, "Auth-Protocol: ",
sizeof("Auth-Protocol: ") - 1);
b->last = ngx_cpymem(b->last, ngx_imap_auth_http_protocol[s->protocol],
sizeof("imap") - 1);
*b->last++ = CR; *b->last++ = LF;
b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1);
b->last = ngx_cpymem(b->last, s->connection->addr_text.data,
s->connection->addr_text.len);
*b->last++ = CR; *b->last++ = LF;
/* add "\r\n" at the header end */
*b->last++ = CR; *b->last++ = LF;
#if (NGX_DEBUG)
{
ngx_str_t l;
l.len = b->last - b->pos;
l.data = b->pos;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, s->connection->log, 0,
"imap auth http header:\n\"%V\"", &l);
}
#endif
return b;
}
static void *
ngx_imap_auth_http_create_conf(ngx_conf_t *cf)
{
ngx_imap_auth_http_conf_t *ahcf;
ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_imap_auth_http_conf_t));
if (ahcf == NULL) {
return NGX_CONF_ERROR;
}
ahcf->timeout = NGX_CONF_UNSET_MSEC;
return ahcf;
}
static char *
ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child)
{
ngx_imap_auth_http_conf_t *prev = parent;
ngx_imap_auth_http_conf_t *conf = child;
if (conf->peers == NULL) {
conf->peers = prev->peers;
conf->host_header = prev->host_header;
conf->uri = prev->uri;
}
ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000);
return NGX_CONF_OK;
}
static char *
ngx_imap_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
ngx_imap_auth_http_conf_t *ahcf = conf;
ngx_uint_t i;
ngx_str_t *value, *url;
ngx_inet_upstream_t inet_upstream;
#if (NGX_HAVE_UNIX_DOMAIN)
ngx_unix_domain_upstream_t unix_upstream;
#endif
value = cf->args->elts;
url = &value[1];
if (ngx_strncasecmp(url->data, "unix:", 5) == 0) {
#if (NGX_HAVE_UNIX_DOMAIN)
ngx_memzero(&unix_upstream, sizeof(ngx_unix_domain_upstream_t));
unix_upstream.name = *url;
unix_upstream.url = *url;
unix_upstream.uri_part = 1;
ahcf->peers = ngx_unix_upstream_parse(cf, &unix_upstream);
if (ahcf->peers == NULL) {
return NGX_CONF_ERROR;
}
ahcf->peers->peer[0].uri_separator = ":";
ahcf->host_header.len = sizeof("localhost") - 1;
ahcf->host_header.data = (u_char *) "localhost";
ahcf->uri = unix_upstream.uri;
#else
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"the unix domain sockets are not supported "
"on this platform");
return NGX_CONF_ERROR;
#endif
} else {
ngx_memzero(&inet_upstream, sizeof(ngx_inet_upstream_t));
inet_upstream.name = *url;
inet_upstream.url = *url;
inet_upstream.default_port_value = 80;
inet_upstream.uri_part = 1;
ahcf->peers = ngx_inet_upstream_parse(cf, &inet_upstream);
if (ahcf->peers == NULL) {
return NGX_CONF_ERROR;
}
for (i = 0; i < ahcf->peers->number; i++) {
ahcf->peers->peer[i].uri_separator = ":";
}
ahcf->host_header = inet_upstream.host_header;
ahcf->uri = inet_upstream.uri;
}
return NGX_CONF_OK;
}