nginx for Windows - WSASend() socket error 10057

Sergey Brester serg.brester at sebres.de
Thu Feb 27 10:20:41 UTC 2020


 

Hmmm... 

I could imagine that this doesn't work as expected because
mail::auth_http simply makes fewer requests as you may assume (due to
keep-alive + some internal "cache" for established connections).
I have no time to trace it right now (you can enable debug and look how
often /cgi-bin/nginxauth.cgi will be called internally). 

Normally it would be more proper to place limit_req into mail/server
sections, but I'm pretty sure you would get something like "limit_req
directive is not allowed here". One should extend this module to allow
that in mail/server sections. 

So it looks like this method is not suitable for you at the moment. 

@nginx-devel: I don't see a troubles to extend directives of
"ngx_http_limit_req_module" to consider mail/server too.
Are there some objections against that? 

Regards,
Serg. 

Am 26.02.2020 21:36, schrieb Yury Shpakov: 

> Hi Sergey, 
> 
> I added couple lines in my config and re-ran nginx: 
> === === === 
> 
> worker_processes 1; 
> 
> events { 
> worker_connections 1024; 
> } 
> 
> #error_log logs/error-mail.log debug; 
> 
> mail { 
> server_name localhost; 
> auth_http localhost:9000/cgi-bin/nginxauth.cgi; 
> 
> smtp_auth none; 
> xclient off; 
> 
> server { 
> listen 8025; 
> protocol smtp; 
> proxy on; 
> proxy_pass_error_message on; 
> } 
> } 
> 
> http { 
> limit_req_zone $binary_remote_addr zone=ip:10m rate=5r/s; 
> server { 
> listen 9000; 
> listen [::]:9000 ipv6only=on; 
> 
> location /cgi-bin/nginxauth.cgi { 
> limit_req zone=ip burst=12 delay=8; 
> add_header Auth-Status OK; 
> add_header Auth-Server 127.0.0.1; # backend ip 
> add_header Auth-Port 25; # backend port 
> return 204; 
> } 
> } 
> } 
> === === === 
> 
> My C# test code is very simple: 
> 
> using (var smtpClient = new SmtpClient("localhost", 8025) {Timeout = 60 * 60 * 1000})
> {
> for (int i = 0; i < 1000; i++)
> {
> smtpClient.Send("noreply at wmata.com", "ys at wmata.com", "Email subject", "Email body");
> }
> }
> 
> And with no delays or failures upstream (Fake) SMTP Server receives all 1000 emails (actually within 3 seconds): 
> 
> Received from 03:22:16 to 03:22:19 all 1000. 
> 
> So latency is not working. Maybe I missed some step? Maybe I needed to add module ngx_http_limit_req_module and recompile nginx? 
> But if there is no such module in nginx, I would see configuration errors (like with this typo in config): 
> 
> Regards, 
> Yury 
> 
> -------------------------
> 
> FROM: Sergey Brester <serg.brester at sebres.de>
> SENT: Wednesday, February 26, 2020 4:50 AM
> TO: Yury Shpakov <yshpakov at hotmail.com>
> CC: nginx-devel at nginx.org <nginx-devel at nginx.org>
> SUBJECT: Re: nginx for Windows - WSASend() socket error 10057 
> 
> There are several possibilities to introduce a latency in nginx: 
> 
> - limit_req - https://www.nginx.com/blog/rate-limiting-nginx/#Two-Stage-Rate-Limiting [2] 
> 
> - Maxim's ngx_http_delay (I used it more for development purposes, like test or simulation of load etc); 
> 
> - some "slow" upstream backend that doing nothing, just waiting (preferably asynchronous). 
> 
> You seems to have some upstream (php?) serving auth_http requests, so you could for example implement some delay in case of failed attempt within php (or whatever you use there as backend).
> Note that it is always good if the latency will be implemented asynchronously (without a real "sleep") in order to avoid possible overload under DDoS similar circumstances. 
> 
> Regards,
> Sergey. 
> 
> Am 26.02.2020 01:59, schrieb Yury Shpakov: 
> Hi Sergey, 
> 
> You mentioned that you can set up some delays in responses. 
> How can I do it? 
> Adding this module during compilation? 
> https://github.com/openresty/echo-nginx-module [3] 
> 
> I tried but it didn't want to compile. I got many compilation errors. 
> 
> Maybe I can set up delays somehow else? 
> 
> Thank you, 
> Yury 
> 
> -------------------------
> 
> FROM: nginx-devel <nginx-devel-bounces at nginx.org> on behalf of Yury Shpakov <yshpakov at hotmail.com>
> SENT: Friday, February 14, 2020 6:08 PM
> TO: Sergey Brester <serg.brester at sebres.de>
> CC: nginx-devel at nginx.org <nginx-devel at nginx.org>
> SUBJECT: Re: nginx for Windows - WSASend() socket error 10057 
> 
> So what is the meaning of Auth-Server and Auth-Port headers? So it's relevant only when nginx works as SMTP Proxy (not SMTP Server)? And these are host/port where to redirect SMTP requests? 
> Yeah, I was all the time surprised -- how come, it's set as Proxy but there is no setting where it redirects SMTP communication to. A little bit unexpected place for those setting. 
> 
> Well, let me try... 
> 
> I ran Fake SMTP Server on port 25.(I found on Internet some fake SMTP Server). I configured my test SMTP client to localhost:25 (later to 127.0.0.1:25). They send/receive successfully. So both SMTP Client and (fake) SMTP Server work fine. 
> 127.0.0.1 works fine too. 
> 
> I re-configured my test SMTP client to localhost:8025 (tried 127.0.0.1:8025 too). As well, I changed this section of config as follows: 
> http {
> 
> server { 
> listen 9000; 
> 
> location /cgi-bin/nginxauth.cgi { 
> add_header Auth-Status OK; 
> add_header Auth-Server 127.0.0.1; # backend ip 
> add_header Auth-Port 25; # backend port 
> return 204; 
> } 
> } 
> } 
> The same error: 
> 2020/02/14 17:37:18 [error] 15260#3328: *5 WSASend() failed (10057: A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using a sendto call) no address was supplied) while in http auth state, client: 127.0.0.1, server: 0.0.0.0:8025 
> 
> UPDATE: 
> Detailed logging with debug information helped a lot. 
> This is what I noticed in there: 
> 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 smtp auth state
> 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 WSARecv: fd:584 rc:0 24 of 4096 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 smtp rcpt to:"RCPT TO:<ys at wmata.com>" 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 event timer del: 584: 1172123084 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 malloc: 02F8C260:2048 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 stream socket 588 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 connect to [::1]:9000, fd:588 #2 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 select add event fd:588 ev:768 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 select add event fd:588 ev:16 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 event timer add: 588: 60000:1172123084 
> 2020/02/14 17:40:28 [debug] 3940#22096: *1 event timer add: 588: 60000:1172123084 
> So it's trying to use IP6 rather than IP4. 
> And below: 
> 
> 2020/02/14 17:40:29 [debug] 3940#22096: *1 delete posted event 03171170
> 
> 2020/02/14 17:40:29 [debug] 3940#22096: *1 mail auth http write handler 
> 2020/02/14 17:40:29 [debug] 3940#22096: *1 WSASend: fd:588, -1, 0 of 306 
> 2020/02/14 17:40:29 [error] 3940#22096: *1 WSASend() failed (10057: A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using a sendto call) no address was supplied) while in http auth state, client: 127.0.0.1, server: 0.0.0.0:8025 
> 2020/02/14 17:40:29 [debug] 3940#22096: *1 event timer del: 588: 1172123084 
> 2020/02/14 17:40:29 [debug] 3940#22096: *1 event timer del: 588: 1172123084 
> So, I replaced localhost with 127.0.0.1 like this: 
> auth_http 127.0.0.1:9000/cgi-bin/nginxauth.cgi;
> 
> And it worked. Since I forced it to use IP4. 
> Any idea how to use host name instead of IP address and still have it working? 
> 
> UPDATE 2: 
> I figured it out. Googled a little bit and ended up with the following change to my config: 
> 
> http {
> 
> server { 
> listen 9000; 
> listen [::]:9000 ipv6only=on; 
> 
> location /cgi-bin/nginxauth.cgi { 
> add_header Auth-Status OK; 
> add_header Auth-Server 127.0.0.1; # backend ip 
> add_header Auth-Port 25; # backend port 
> return 204; 
> } 
> } 
> } 
> Now it works. 
> But why just "listen 9000" doesn't listen on both IP4 and IP6? 
> Is it a bug? 
> 
> Yury 
> 
> -------------------------
> 
> FROM: Sergey Brester <serg.brester at sebres.de>
> SENT: Friday, February 14, 2020 5:59 AM
> TO: Yury Shpakov <yshpakov at hotmail.com>
> CC: nginx-devel at nginx.org <nginx-devel at nginx.org>
> SUBJECT: Re: nginx for Windows - WSASend() socket error 10057 
> 
> I don't know what is wrong with your config... I guess your smtp server does not answer properly. 
> 
> Is 127.0.0.2:143 really your SMTP-server? 
> Because port 143 is mostly an IMAP port - but you've specified PROTOCOL SMTP in the server section. 
> 
> Anyway I tested your config with my settings (replaced name and smtp-server, here 192.0.2.222:25) and enabled debug: 
> 
> + error_log logs/error-mail.log DEBUG;
> mail {
> - server_name localhost;
> + server_name EXAMPLE.COM;
> ...
> http {
> ...
> - add_header Auth-Server 127.0.0.2;
> - add_header Auth-Port 143;
> + add_header Auth-Server 192.0.2.222;
> + add_header Auth-Port 25; 
> 
> it works well - I see the test incoming mail (I send to myself via 8025 port) and following output in the log (a lot of irrelevant messages are removed): 
> 
>>>>>>>>>> 
> 
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 smtp mail from:"mail FROM:<test at example.com>"
> ...
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http request line: "GET /cgi-bin/nginxauth.cgi HTTP/1.0"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http uri: "/cgi-bin/nginxauth.cgi"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http args: ""
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http exten: "cgi"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http process request header line
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Host: localhost"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-Method: none"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-User: "
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-Pass: "
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-Protocol: smtp"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-Login-Attempt: 1"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Client-IP: 127.0.0.1"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Client-Host: [UNAVAILABLE]"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-SMTP-Helo: myhost.example.com"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-SMTP-From: mail FROM:<test at example.com>"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header: "Auth-SMTP-To: rcpt TO:<test at example.com>"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http header done
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 event timer del: 512: 1127939767
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 generic phase: 0
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 rewrite phase: 1
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 search through nested static locations of ""
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 test location: "/cgi-bin/nginxauth.cgi"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 using configuration "/cgi-bin/nginxauth.cgi"
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http cl:-1 max:1048576
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 rewrite phase: 3
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http set discard body
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 HTTP/1.1 204 No Content
> Server: nginx/1.17.4
> Date: Fri, 14 Feb 2020 10:24:04 GMT
> Connection: close
> Auth-Status: OK
> Auth-Server: 192.0.2.222
> Auth-Port: 25
> 
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 write new buf t:1 f:0 008AD6A0, pos 008AD6A0, size: 164 file: 0, size: 0
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http write filter: l:1 f:0 s:164
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http write filter limit 0
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 WSASend: fd:512, s:164
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http write filter 00000000
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http finalize request: 0, "/cgi-bin/nginxauth.cgi?" a:1, c:1
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http request count:1 blk:0
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http close request
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 http log handler
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 free: 008ACC50, unused: 1161
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 close http connection: 512
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 reusable connection: 0
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 free: 008AC848
> 2020/02/14 11:24:04 [debug] 121280#128244: *3 free: 0039FDE0, unused: 28
> 2020/02/14 11:24:04 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http read handler
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 WSARecv: fd:496 rc:0 164 of 1024
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http process status line
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http process headers
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http header: "Server: nginx/1.17.4"
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http header: "Date: Fri, 14 Feb 2020 10:24:04 GMT"
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http header: "Connection: close"
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http header: "Auth-Status: OK"
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http header: "Auth-Server: 192.0.2.222"
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http header: "Auth-Port: 25"
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail auth http header done
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 event timer del: 496: 1127939764
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 reusable connection: 0
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 free: 008AC040, unused: 196
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 stream socket 496
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 connect to 192.0.2.222:25, fd:496 #4
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 event timer add: 496: 60000:1127939769
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 malloc: 008AC040:4096
> 2020/02/14 11:24:04 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 post event 00897120
> 2020/02/14 11:24:04 [debug] 121280#128244: posted event 00897120
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 delete posted event 00897120
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail proxy dummy handler
> 2020/02/14 11:24:04 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail proxy smtp auth handler
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 WSARecv: fd:496 rc:0 22 of 4096
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 mail proxy send ehlo
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 malloc: 0039FDE0:256
> 2020/02/14 11:24:04 [debug] 121280#128244: *1 WSASend: fd:496, 0, 25 of 25
> 2020/02/14 11:24:04 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy smtp auth handler
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSARecv: fd:496 rc:0 196 of 4096
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy send mail from
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSASend: fd:496, 0, 47 of 47
> 2020/02/14 11:24:05 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy smtp auth handler
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSARecv: fd:496 rc:0 60 of 4096
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy send rcpt to
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSASend: fd:496, 0, 45 of 45
> 2020/02/14 11:24:05 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy smtp auth handler
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSARecv: fd:496 rc:0 63 of 4096
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 event timer add: 492: 86400000:1214280441
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 event timer del: 496: 1127939769
> 2020/02/14 11:24:05 [info] 121280#128244: *1 client logged in, client: 127.0.0.1, server: 0.0.0.0:8025
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy handler: 1, #496 > #492
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSASend: fd:492, 0, 63 of 63
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 event timer: 492, old: 1214280441, new: 1214280441
> 2020/02/14 11:24:05 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 post event 008830C8
> 2020/02/14 11:24:05 [debug] 121280#128244: posted event 008830C8
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 delete posted event 008830C8
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy handler: 0, #492 > #496
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSARecv: fd:492 rc:0 6 of 4096
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSASend: fd:496, 0, 6 of 6
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 event timer: 492, old: 1214280441, new: 1214280441
> 2020/02/14 11:24:05 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy handler: 0, #496 > #492
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSARecv: fd:496 rc:0 50 of 4096
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSASend: fd:492, 0, 50 of 50
> 2020/02/14 11:24:05 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 post event 008830C8
> 2020/02/14 11:24:05 [debug] 121280#128244: posted event 008830C8
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 delete posted event 008830C8
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy handler: 0, #492 > #496
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSARecv: fd:492 rc:0 170 of 4096
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSASend: fd:496, 0, 170 of 170
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 event timer: 492, old: 1214280441, new: 1214280535
> 2020/02/14 11:24:05 [debug] 121280#128244: worker cycle
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 mail proxy handler: 0, #496 > #492
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSARecv: fd:496 rc:0 56 of 4096
> 2020/02/14 11:24:05 [debug] 121280#128244: *1 WSASend: fd:492, 0, 56 of 56
> 2020/02/14 11:24:05 [debug] 121280#128244: worker cycle
> ... 
> 
> <<<<<<<<< 
> 
> Regards,
> Sergey 
> 
> 13.02.2020 22:45, Yury Shpakov wrote: 
> Hi Sergey, 
> 
> I reconfigured the config file as follows: 
> 
> === === === 
> 
> #user nobody; 
> worker_processes 1; 
> 
> #error_log logs/error.log; 
> #error_log logs/error.log notice; 
> #error_log logs/error.log info; 
> 
> #pid logs/nginx.pid; 
> 
> events { 
> worker_connections 1024; 
> } 
> 
> mail { 
> server_name localhost; 
> auth_http localhost:9000/cgi-bin/nginxauth.cgi; 
> # auth_http none; 
> 
> smtp_auth none; 
> # smtp_auth login plain cram-md5; 
> # smtp_capabilities "SIZE 10485760" ENHANCEDSTATUSCODES 8BITMIME DSN; 
> xclient off; 
> 
> server { 
> listen 8025; 
> protocol smtp; 
> proxy on; 
> proxy_pass_error_message on; 
> } 
> } 
> 
> http { 
> server { 
> listen 9000; 
> 
> location /cgi-bin/nginxauth.cgi { 
> add_header Auth-Status OK; 
> add_header Auth-Server 127.0.0.2; # backend ip 
> add_header Auth-Port 143; # backend port 
> return 204; 
> } 
> } 
> } 
> === === === 
> 
> And now it's responding on port 9000 as expected: 
> 
> === === === 
> C:WINDOWSsystem32>curl -H "Auth-Method: plain" -H "Auth-User: user" -H "Auth-Pass: pwd" -H "Auth-Protocol: imap" -H "Auth-Login-Attempt: 1" -i http://127.0.0.1:9000/cgi-bin/nginxauth.cgi
> 
> HTTP/1.1 204 No Content 
> Server: nginx/1.17.9 
> Date: Thu, 13 Feb 2020 21:30:54 GMT 
> Connection: keep-alive 
> Auth-Status: OK 
> Auth-Server: 127.0.0.2 Auth-Port: 143 
> === === === 
> 
> However I'm still experiencing the same issue (in log file): 
> 
> === === === 
> 2020/02/13 16:29:24 [notice] 35048#26192: signal process started
> 
> 2020/02/13 16:29:34 [error] 31732#22720: *1 WSASend() failed (10057: A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using a sendto call) no address was supplied) while in http auth state, client: 127.0.0.1, server: 0.0.0.0:8025 === === === 
> 
> Tried under both admin and regular user. 
> 
> Any further ideas how to get it fixed please? 
> 
> Thank you, 
> Yury 
> 
> -------------------------
> 
> FROM: Sergey Brester <serg.brester at sebres.de>
> SENT: Wednesday, February 12, 2020 1:51 PM
> TO: Yury Shpakov <yshpakov at hotmail.com>
> CC: nginx-devel at nginx.org <nginx-devel at nginx.org>
> SUBJECT: Re: nginx for Windows - WSASend() socket error 10057 
> 
> I answered inline... 
> 
> 12.02.2020 18:59, Yury Shpakov wrote: 
> Hi Sergey, 
> 
> Thank you for you response. 
> 
> I tried netstat /nabo and I don't see any reference to port 9000 at all. 
> So a problem is to make nginx to listen on port 9000 (as server)? 
> Or nginx is not listening on port 9000 but rather sending requests to port 9000 (as client)? 
> With setting of `auth_http`, you are defining an URL to the service responsible for authentication (and upstream choice). 
> Of course then you should have something that would response to the auth-requests (your own upstream, or some nginx location, or some "foreign" http-server). 
> 
> See https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-proxy/ [4] for more examples. 
> Maybe it's easier not to use auth_http at all? I was trying to remove it from configuration file but nginx was not happy. 
> 
> I have my own auth-module so I don't know how it can be solved in stock-nginx without this directive. 
> 
> Take a look here - https://serverfault.com/questions/594962/nginx-understanding-the-purpose-of-auth-http-imap-proxy [5] - you can use some nginx location (and internal URL to same nginx instance) to specify that.
> 
> Anyway it is recommended to use some auth (on nginx side), because it'd preserve the resources of mail-servers, allow you to authenticate email clients with same user/password for all mail-servers (smtp, imap, pop3, etc) as well as the same user/pwd as for some other http-services. And it is used to choose an upstream server (if multiple) for the email processing. 
> At this point I don't need any authentication. I was told by my boss to use nginx for load testing of our service sending emails (SMTP client). I've got some SMTP Server and nginx would be used as SMTP proxy because it allows to set up delays. 
> Well, an auth request to some nginx-location would allow you to set up delays even on authentication phase. 
> And take into account that I REMOVED "--with-http_ssl_module" from parameters when I was building nginx. 
> 
> And you advised to download some nginx.exe files but I believe they were built without "--with-mail" parameter (which I need). 
> Although, it was compiled with "--with-mail" (you can see all parameters in provided GH-link [6]) 
> But it would not help, because basically your issue seems to be the configuration (not the nginx.exe). 
> 
> Thank you, 
> Yury 
> 
> -------------------------
> 
> FROM: Sergey Brester <serg.brester at sebres.de>
> SENT: Wednesday, February 12, 2020 7:38 AM
> TO: nginx-devel at nginx.org <nginx-devel at nginx.org>
> CC: Yury Shpakov <yshpakov at hotmail.com>
> SUBJECT: Re: nginx for Windows - WSASend() socket error 10057 
> 
> It looks like your service defined in auth_http doesn't answer (or no listener on 127.0.0.1 port 9000?)... 
> 
> try netstat (in cmd as admin): 
> 
> netstat /nabo
> netstat /nabo | grep -A 1 ":9000b" 
> 
> and check whether the listener on port 9000 is bound to 127.0.0.1 (or it is 0.0.0.0 only?) and it is the process you expect to see there (can be "reserved" by some other windows-service). 
> 
> additionally try to telnet or curl it: 
> 
> curl -H "Auth-Method: plain" -H "Auth-User: user" -H "Auth-Pass: pwd" -H "Auth-Protocol: imap" -H "Auth-Login-Attempt: 1" -i http://127.0.0.1:9000/cgi-bin/nginxauth.cgi 
> 
> if it does not answer, make another attempt by replace 127.0.0.1 with 0.0.0.0 (or a host-name). 
> 
> If it answers - see whether it is the expected response (some examples of good and bad responses are described in http://nginx.org/en/docs/mail/ngx_mail_auth_http_module.html [7]). 
> 
> But I guess if WSASend fails, it would probably (unexpected) reject the connection during the send (or even connect) process.
> It can be also invalid (unexpected) content-length in keep-alive connect to auth-upstream - so send but still receive is expected (or vice versa). 
> 
> Also follow this forum topic addressing similar issue: https://forum.nginx.org/read.php?2,257206,257207#msg-257207 [8] 
> 
> Anyway it doesn't look to me like an issue of nginx (regardless windows or not), but you can also try some other ready build (for example on my GH [6] - nginx.zip [9], where it works well). 
> 
> Regards,
> Sergey 
> 
> 12.02.2020 03:01, Yury Shpakov wrote: 
> Hi there, 
> 
> Trying to make nginx work as SMTP server and/or SMTP proxy. Done everything according to: 
> http://nginx.org/en/docs/howto_build_on_win32.html [10] 
> But excluded (don't care about SSL at this point so don't want to install/configure Perl now): 
> --with-openssl=objs/lib/openssl-master 
> 
> --with-openssl-opt=no-asm 
> --with-http_ssl_module 
> And added: 
> --with-mail
> 
> nmake was successful and nginx.exe was created. 
> However nginx.exe keeps failing with the error: 
> WSASend() failed (10057: A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using a sendto call) no address was supplied) while in http auth state, client: 127.0.0.1, server: 0.0.0.0:8025 
> Windows API says the following about this error: 
> 
> WSAENOTCONN10057
> Socket is not connected.A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using SENDTO [11]) no address was supplied. Any other type of operation might also return this error--for example, SETSOCKOPT [12] setting SO_KEEPALIVE [13] if the connection has been reset.
> 
> https://docs.microsoft.com/en-us/windows/win32/winsock/windows-sockets-error-codes-2 [14]
> 
> Windows Sockets Error Codes (Winsock2.h) - Win32 apps | Microsoft Docs [14] 
> Return code/value Description; WSA_INVALID_HANDLE 6: Specified event object handle is invalid. An application attempts to use an event object, but the specified handle is not valid. 
> docs.microsoft.com 
> 
> Managed to debug your code in VS 2010 a little bit but it's brutal C so it's hard to figure your code out. And this debugger doesn't show you any local variables values. 
> Any recommendation for me to make it work? 
> Tried to play with config (commenting/uncommenting): 
> 
> #user nobody; 
> worker_processes 1; 
> #error_log logs/error.log; 
> #error_log logs/error.log notice; 
> #error_log logs/error.log info; 
> #pid logs/nginx.pid; 
> events { 
> worker_connections 1024; 
> } 
> mail { 
> server_name localhost; 
> auth_http localhost:9000/cgi-bin/nginxauth.cgi; 
> # auth_http none; 
> smtp_auth none; 
> # smtp_auth login plain cram-md5; 
> # smtp_capabilities "SIZE 10485760" ENHANCEDSTATUSCODES 8BITMIME DSN; 
> xclient off; 
> server { 
> listen 8025; 
> protocol smtp; 
> proxy on; 
> proxy_pass_error_message on; 
> } 
> } Tried both under a regular user and under admin. Tried on 25, 1025 and 8025 ports. 
> Thank you, 
> Yury 
> 
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.orghttp://mailman.nginx.org/mailman/listinfo/nginx-devel [1]
 

Links:
------
[1] http://mailman.nginx.org/mailman/listinfo/nginx-devel
[2]
https://www.nginx.com/blog/rate-limiting-nginx/#Two-Stage-Rate-Limiting
[3] https://github.com/openresty/echo-nginx-module
[4] https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-proxy/
[5]
https://serverfault.com/questions/594962/nginx-understanding-the-purpose-of-auth-http-imap-proxy
[6] https://github.com/sebres/nginx/releases/tag/release-1.13.0
[7] http://nginx.org/en/docs/mail/ngx_mail_auth_http_module.html
[8] https://forum.nginx.org/read.php?2,257206,257207#msg-257207
[9] https://github.com/sebres/nginx/files/2246440/nginx.zip
[10] http://nginx.org/en/docs/howto_build_on_win32.html
[11]
https://docs.microsoft.com/en-us/windows/desktop/api/winsock/nf-winsock-sendto
[12]
https://docs.microsoft.com/en-us/windows/desktop/api/winsock/nf-winsock-setsockopt
[13]
https://docs.microsoft.com/en-us/windows/desktop/winsock/so-keepalive
[14]
https://docs.microsoft.com/en-us/windows/win32/winsock/windows-sockets-error-codes-2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20200227/300052e4/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 42105 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20200227/300052e4/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 9367 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20200227/300052e4/attachment-0003.png>


More information about the nginx-devel mailing list