nginx.git/src/mail/ngx_mail_handler.c, branch release-1.28.3 nginx Mail: improved error handling in plain/login/cram-md5 auth methods. 2025-12-23T18:40:33+00:00 Sergey Kandaurov pluknet@nginx.com 2025-08-12T11:55:02+00:00 fbbbf189dadf3bd59c2462af68c16f2c2874d4ee Previously, login and password storage could be left in inconsistent state in a session after decoding errors. 
Previously, login and password storage could be left in inconsistent
state in a session after decoding errors.
SSL: removed the "ssl" directive. 2023-06-08T10:49:27+00:00 Roman Arutyunyan arut@nginx.com 2023-06-08T10:49:27+00:00 d32f66f1e8dc81a0edbadbacf74191684a653d09 It has been deprecated since 7270:46c0c7ef4913 (1.15.0) in favour of the "ssl" parameter of the "listen" directive, which has been available since 2224:109849282793 (0.7.14). 
It has been deprecated since 7270:46c0c7ef4913 (1.15.0) in favour of
the "ssl" parameter of the "listen" directive, which has been available
since 2224:109849282793 (0.7.14).
Mail: max_errors directive. 2021-05-19T00:13:31+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-19T00:13:31+00:00 173f16f736c10eae46cd15dd861b04b82d91a37a Similarly to smtpd_hard_error_limit in Postfix and smtp_max_unknown_commands in Exim, specifies the number of errors after which the connection is closed. 
Similarly to smtpd_hard_error_limit in Postfix and smtp_max_unknown_commands
in Exim, specifies the number of errors after which the connection is closed.
Mail: fixed reading with fully filled buffer (ticket #2159). 2021-04-21T20:24:59+00:00 Maxim Dounin mdounin@mdounin.ru 2021-04-21T20:24:59+00:00 7b9920aad80299d79f4dba08de36693804f8751c With SMTP pipelining, ngx_mail_read_command() can be called with s->buffer without any space available, to parse additional commands received to the buffer on previous calls. Previously, this resulted in recv() being called with zero length, resulting in zero being returned, which was interpreted as a connection close by the client, so nginx silently closed connection. Fix is to avoid calling c->recv() if there is no free space in the buffer, but continue parsing of the already received commands. 
With SMTP pipelining, ngx_mail_read_command() can be called with s->buffer
without any space available, to parse additional commands received to the
buffer on previous calls.  Previously, this resulted in recv() being called
with zero length, resulting in zero being returned, which was interpreted
as a connection close by the client, so nginx silently closed connection.

Fix is to avoid calling c->recv() if there is no free space in the buffer,
but continue parsing of the already received commands.
Mail: fixed build without SSL. 2021-03-11T01:46:26+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-11T01:46:26+00:00 3bbec30739b17783394e34924ca732b946550323 Broken by d84f13618277 and 12ea1de7d87c (1.19.8). Reported by Sergey Osokin. 
Broken by d84f13618277 and 12ea1de7d87c (1.19.8).

Reported by Sergey Osokin.
Mail: realip module. 2021-03-05T14:16:29+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-05T14:16:29+00:00 c2e22bcf325ee0031d1c86fbdfb79a2f8e1b4a7b When configured with the "set_real_ip_from", it can set client's IP address as visible in logs to the one obtained via the PROXY protocol. 
When configured with the "set_real_ip_from", it can set client's IP
address as visible in logs to the one obtained via the PROXY protocol.
Mail: parsing of the PROXY protocol from clients. 2021-03-05T14:16:24+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-05T14:16:24+00:00 1fce224f01b5a9b503315bd24e99421e5ca5bd7c Activated with the "proxy_protocol" parameter of the "listen" directive. Obtained information is passed to the auth_http script in Proxy-Protocol-Addr, Proxy-Protocol-Port, Proxy-Protocol-Server-Addr, and Proxy-Protocol-Server-Port headers. 
Activated with the "proxy_protocol" parameter of the "listen" directive.
Obtained information is passed to the auth_http script in Proxy-Protocol-Addr,
Proxy-Protocol-Port, Proxy-Protocol-Server-Addr, and Proxy-Protocol-Server-Port
headers.
Mail: fixed log action after SSL handshake. 2021-03-05T14:16:20+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-05T14:16:20+00:00 83de0868b1bb5275e51698545e2165782bb5421d 






Mail: postponed session initialization under accept mutex.
2021-03-05T14:16:19+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-03-05T14:16:19+00:00

7d4cd6cff428cb8717f8560a00f825d72b49f68a

Similarly to 40e8ce405859 in the stream module, this reduces the time
accept mutex is held.  This also simplifies following changes to
introduce PROXY protocol support.





Similarly to 40e8ce405859 in the stream module, this reduces the time
accept mutex is held.  This also simplifies following changes to
introduce PROXY protocol support.







Mail: added missing event handling after reading data.
2021-03-05T14:16:17+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-03-05T14:16:17+00:00

065a1641b242538073e92065e20fd788203108ab

If we need to be notified about further events, ngx_handle_read_event()
needs to be called after a read event is processed.  Without this,
an event can be removed from the kernel and won't be reported again,
notably when using oneshot event methods, such as eventport on Solaris.

For consistency, existing ngx_handle_read_event() call removed from
ngx_mail_read_command(), as this call only covers one of the code paths
where ngx_mail_read_command() returns NGX_AGAIN.  Instead, appropriate
processing added to the callers, covering all code paths where NGX_AGAIN
is returned.





If we need to be notified about further events, ngx_handle_read_event()
needs to be called after a read event is processed.  Without this,
an event can be removed from the kernel and won't be reported again,
notably when using oneshot event methods, such as eventport on Solaris.

For consistency, existing ngx_handle_read_event() call removed from
ngx_mail_read_command(), as this call only covers one of the code paths
where ngx_mail_read_command() returns NGX_AGAIN.  Instead, appropriate
processing added to the callers, covering all code paths where NGX_AGAIN
is returned.