Phil Carmody [Mon, 9 Jun 2014 20:02:52 +0000 (23:02 +0300)]
lib-test: test_assert helper for loops
If you're repeatedly testing the same expression in a loop, it's
good to know where you are in the loop. Add an additional parameter
for these cases.
Phil Carmody [Mon, 9 Jun 2014 20:02:52 +0000 (23:02 +0300)]
lib: bit twiddles
bits_requiredXX() gives the number of bits required to store an unsigned
integer. Here, XX is 8, 16, 32, 64, representing the size of the operand.
It belongs in the same file as nearest_power(), which makes most sense
in a separate bit twiddles file. Universal enough to stay in lib.h by
inclusion.
Phil Carmody [Mon, 9 Jun 2014 19:59:59 +0000 (22:59 +0300)]
lib: Fix MEM_ALIGN to cope with huge allocations
Attempting to allocate 2^32+1 bytes will look like it succeeds, as MEM_ALIGN
will set alloc_size = 8. The caller will then think it's got 4 gig to play
with.
e.g. t_malloc0 will wipe vast areas of memory before segfaulting, which might
include useful information we'd like in a corefile.
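One way the truncation described in the commit message above can arise, as an added example rather than Dovecot's own code: a rounding mask computed in 32 bits clears the upper half of a 64-bit size. The macro shape, ALIGN_SIZE and both function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define ALIGN_SIZE 8u /* assumed alignment unit */

/* Assumed faulty form: the mask is built as a 32-bit unsigned value, so it
 * zero-extends to 0x00000000FFFFFFF8 and clears bits 32..63 of the size. */
static uint64_t align_narrow_mask(uint64_t size)
{
	return (size + ALIGN_SIZE - 1) & ~(uint32_t)(ALIGN_SIZE - 1);
}

/* Checked form: mask as wide as the size, and refuse sizes whose round-up
 * would wrap. Returns 0 and stores the aligned size, or -1 on overflow. */
static int align_checked(uint64_t size, uint64_t *aligned)
{
	const uint64_t mask = (uint64_t)ALIGN_SIZE - 1;

	if (size > UINT64_MAX - mask)
		return -1;
	*aligned = (size + mask) & ~mask;
	return 0;
}

int main(void)
{
	const uint64_t request = ((uint64_t)1 << 32) + 1; /* 2^32+1 bytes */
	uint64_t aligned = 0;

	printf("narrow mask: %llu\n",
	       (unsigned long long)align_narrow_mask(request));
	if (align_checked(request, &aligned) == 0)
		printf("checked:     %llu\n", (unsigned long long)aligned);
	if (align_checked(UINT64_MAX - 2, &aligned) < 0)
		printf("UINT64_MAX-2: rejected, round-up would wrap\n");
	return 0;
}
```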
Timo Sirainen [Mon, 9 Jun 2014 19:53:16 +0000 (22:53 +0300)]
lib-index: modseq -> {log file, offset} lookup often ignored dovecot.index.log.2
This caused the code to think that the modseq was too old and fall back into
slower sync.
So this change should fix the dsync "Modseq .. no longer in transaction
log" warnings as well as improve IMAP QRESYNC efficiency.
Timo Sirainen [Mon, 9 Jun 2014 15:15:51 +0000 (18:15 +0300)]
lib: Added some kind of a unit test for hash table.
Just try out some insert+deletes randomly. Mainly I wrote this to check if
there is some obvious problem, but looks like not.
Timo Sirainen [Mon, 9 Jun 2014 12:11:50 +0000 (15:11 +0300)]
lib-ssl-iostream: Implement get_used_size() method.
Previously we were always returning that we didn't have anything buffered,
which could have caused huge memory usage (or malloc failures) with its
users (e.g. dsync).
Timo Sirainen [Thu, 5 Jun 2014 10:43:11 +0000 (13:43 +0300)]
lib-storage: Mailbox list index updating didn't check properly if modseq tracking is enabled.
mail_index_modseq_enable() can be enabled (e.g. by virtual plugin) without
enabling MAILBOX_FEATURE_CONDSTORE.
(Actually the MAILBOX_FEATURE_* probably should be removed from lib-storage
entirely. They're too much of an IMAP feature.)
Timo Sirainen [Thu, 5 Jun 2014 10:38:36 +0000 (13:38 +0300)]
maildir: Mailbox list index refreshing shouldn't check cur/new dirs with maildir_very_dirty_syncs=yes
The recent mailbox_list_index_very_dirty_syncs change broke this. Just
because maildir_very_dirty_syncs=yes, it doesn't mean that
mailbox_list_index_very_dirty_syncs=yes also.
Timo Sirainen [Thu, 5 Jun 2014 08:30:19 +0000 (11:30 +0300)]
*-login: Flush SSL output when logging out.
The BYE and LOGOUT replies weren't being sent when they were sent from
imap-login process (before logging in).
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: make uid_lookup_idx hold a sequence number, not a 0-based C array index
Rename it to _seq, and make it hold values 1.. rather than 0.. . Several
uses of the value are simplified by this change, and none are made more
confusing, so I think it helps improve maintainability of the code.
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: use _REC_AT_SEQ not _MAP_IDX in view_sync_get_log_lost_changes
Shifting i and j up by one to use in the new macro means we don't
need the +1's in the calls to view_sync_apply_lost_changes and
mail_index_map_lookup_keywords. Rename them as seq variables too.
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: use _REC_AT_SEQ not _MAP_IDX in loops over every record
Just change the loop bounds from [0..count) to [1..count], and make the
loop variable explicitly a seq.
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: trivial robomatic migration from _MAP_IDX to new helper
All users which have a '-1' in their MAIL_INDEX_MAP_IDX have been changed
to the new mail_index_rec_at_seq() helper using this sed script:
$ sed -ie 's/MAIL_INDEX_MAP_IDX(\([^,]*[^)]*[^ ]\) \?- \?1)/MAIL_INDEX_REC_AT_SEQ(\1)/' src/lib-index/*.[ch]
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: new helper macro with more user-friendly semantics
As the record ids range from 1..records_count, but the data is
stored as if in a C-style 0-based array, current clients of
MAIL_INDEX_MAP_IDX() must subtract 1 from the index themselves.
New MAIL_INDEX_REC_AT_SEQ() macro does the subtraction for you,
it gives you (the address of) the record from a seq number.
Uglified users of the former will be migrated to the latter.
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: optimise memmoves in expunge, only move each region once
Rather than shifting things back and back and back with potentially O(N^2)
(more precisely O(count*rec_count')) work factor, move each slice of memory
only once, directly where we want it to end up (O(rec_count') work factor).
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: trivial paranoia check in expunge loop
We will later be moving the zone between the current seqs and the
(end of the) previous seqs - this check ensures that the range is
indeed monotonic, and thus that zone is positive in size. It can
be zero right at the start, if the first seqs is (1,...)
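The single-pass move from the "optimise memmoves in expunge" message above, combined with the monotonic-range check from the "paranoia check" message, as an added example that is not Dovecot's code. The record type, struct seq_range layout, function name and sample data are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct seq_range { uint32_t seq1, seq2; }; /* inclusive, 1-based seqs */

/* Drop the records named by ranges[] from recs[0..count), moving each
 * surviving slice exactly once. Returns the new record count, or -1 (recs
 * untouched) if the ranges are not ascending, disjoint and within 1..count. */
static long expunge_once(uint32_t *recs, uint32_t count,
			 const struct seq_range *ranges, size_t n)
{
	uint32_t prev_end = 0; /* last expunged seq so far, 0 = none yet */
	uint32_t dest = 0;     /* 0-based slot the next survivor lands in */
	size_t i;

	/* Paranoia pass: every gap between ranges must be non-negative. */
	for (i = 0; i < n; i++) {
		if (ranges[i].seq1 <= prev_end ||
		    ranges[i].seq2 < ranges[i].seq1 || ranges[i].seq2 > count)
			return -1;
		prev_end = ranges[i].seq2;
	}
	prev_end = 0;
	for (i = 0; i < n; i++) {
		/* Survivors are seqs prev_end+1 .. seq1-1, i.e. index prev_end on. */
		uint32_t keep = ranges[i].seq1 - prev_end - 1;

		memmove(&recs[dest], &recs[prev_end], keep * sizeof(*recs));
		dest += keep;
		prev_end = ranges[i].seq2;
	}
	/* Tail after the last expunged range. */
	memmove(&recs[dest], &recs[prev_end], (count - prev_end) * sizeof(*recs));
	return (long)dest + (long)(count - prev_end);
}

int main(void)
{
	uint32_t recs[] = { 10, 20, 30, 40, 50, 60, 70, 80 }; /* constructed */
	const struct seq_range ranges[] = { { 2, 3 }, { 6, 6 } };
	long left = expunge_once(recs, 8, ranges, 2);

	for (long i = 0; i < left; i++)
		printf("%u ", (unsigned)recs[i]);
	printf("(%ld records)\n", left);
	return 0;
}
```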
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: Preparatory HACK - reverse the loop order in the expunge
This is the final step before the actual optimisation of the memmoves.
HACK, as it de-optimises the moves so as much as possible gets moved
as many times as possible. It clears the path for a later patch which
optimises them far better.
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: explicitly inline contents of sync_expunge()
To later optimise the memmoves, we will need to be aware of previous seqs.
It's easier to just have the guts inlined, so too much state doesn't need
to be passed around.
For review, this change is best viewed with a whitespace-insensitive diff,
to verify that the new contents of the loop are identical to the contents of
the now-absorbed function.
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: call all expunge handlers first
Firstly, the init checking only needs to be done once. More importantly,
moving this preparatory stage into its own per-seqs loop means there's
less to juggle when we optimise the memmoving loop in subsequent patches.
Phil Carmody [Mon, 2 Jun 2014 11:50:34 +0000 (14:50 +0300)]
mail-index: move expunge handler init into helper function
Preparatory for later optimisation patches where the call to this will
be lifted out of the expunge(seq1,seq2) inner function and done once
for the whole range of seqs in one go.
Timo Sirainen [Mon, 2 Jun 2014 01:16:08 +0000 (04:16 +0300)]
director: If we detect that a user is being proxied to multiple backends, disconnect wrong connections.
Especially IMAP connections can otherwise stay alive for a long time and
cause problems.
Timo Sirainen [Wed, 28 May 2014 01:20:58 +0000 (04:20 +0300)]
lib-storage: "Message has no NUL characters" flag was being set wrong to cache file.
Only the first MIME part was checked for its existence.
When this flag was wrong, IMAP FETCH may have returned NUL characters
instead of converting them to 0x80 character. This apparently caused Outlook
to hang.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
auth: checkpassword callback callback type bike-shedding
This change doesn't change the compiler's (gcc) view on the correctness of
the code. It moves sparse's attention of where the potential issues are
though. Sparse used to complain about dodgy function pointer conversions on
both the way out (passing the callback function pointer), and on the way in
(entering the callback). Making the callback not lie about what it receives
gets rid of the way in warnings, but adds warnings as we pass the new
function pointer out. However, it already complains about that call anyway.
So it complains about 6 things in 3 functions rather than 6 things in 6
functions.
Of dubious worth, but it at least reduces the number of lines you need to
inspect to verify correctness.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
imap: use human-readable helper macro in remote_ip_is_usable
More readable, but helpfully shuts up sparse which complained about some
constants being long.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
imap: cmd_getmetadata_stream_continue returns bool, not int
The behaviour is unchanged, but we shouldn't pretend that -1 is different
from TRUE in a boolean context. Its only caller only cares about whether
it's 0 or not.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
indexer: fix indexer_queue_cancel_all behaviour
-1 is TRUE. Presumably -1 was intended to be passed to the callbacks via
indexer_queue_request_status_int(), not 100.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
auth: master-connection - bail on malformed list
If master is not communicating to us in a syntax we understand, just ask for
it to be unplugged. This changes the behaviour in this error case.
Previously, we returned -1, which is TRUE when converted to a boolean, and
thus this changes the error semantics, and may be horribly wrong. However,
the i_error()s in auth_master_input_line follow the same pattern.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
auth: set_credentials callback being passed an enum, not a bool
This changes the behaviour, as the error case is now mapped onto FALSE.
All non-zero values of course get squashed into true. Found by sparse.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
lib-otp: cast to the correct type of function pointer
sparse complains about the result of the F() cast being the wrong type
for the initialisation, which is true. So just cast to the right type
in the first place.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
imap: fix missing-command check
It's impossible for the command's pointer to be NULL at this point.
Previously, the command_find() would have returned NULL, but this check
presumably short-circuits that search in the trivial case, so has some
real use.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
auth: sparse static cleanup, and some const cleanup
All the consts that are added to pointers represent deep const semantics.
There are other shallow consts that I've not added, as sometimes it's
better to not be const than have something you rely on change when you
think it won't.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
lib: pair VA_COPY with va_end
A va_copy creates an initialised va_list, as if a va_start had been done on it.
Therefore, pedantically, a va_end should also be done on it. On most platforms
this is a no-op, and for those where it isn't, the pairing is important.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
fts: parser-html - parser can fail on attributes='with values in single quotes'
If that value were to contain an odd number of double quotes, then the
HTML_STATE_TAG_(D)QUOTED state would be entered and not exited.
The two quoting types behave basically the same, so just add two new cases
and duplicate the state transition code.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
fts: parser-html - parse_tag_name returns wrong value for comments
This function returns 1 more than the number of additional
characters to be swallowed up by the state transition.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
fts: parser-html - parse_tag_name really does return an integer not a bool
It seems to return 1 more than the number of additional characters
(after '<') that are swallowed up by the state change, not a bool. This
would imply that '3' is wrong.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
lib-storage: functions returning bool actually return ints
Their return values are compared as if they are at least tri-state
(-ve, 0, +ve), so really aren't bools at all.
Note - this should cause the code to change in behaviour, and thus might
introduce regressions as previously all non-zeroes would have been mapped
to 1.
Phil Carmody [Tue, 27 May 2014 18:17:34 +0000 (21:17 +0300)]
lib-storage: context's dotlock_last_stale really is bool
It's only ever read as if it's a bool, so it really is a bool. Fix a write
treating it as an int.
Timo Sirainen [Thu, 22 May 2014 01:12:05 +0000 (18:12 -0700)]
lib-storage: Added mailbox_list_index_very_dirty_syncs setting.
This setting assumes that the mailbox list index is up to date and uses it
without stat()ing backend mailbox files/dirs. (As a possible future TODO it
might be useful to still do the stat()ing, but only rarely.)
Timo Sirainen [Thu, 15 May 2014 20:41:55 +0000 (23:41 +0300)]
lib-imap: Use case-insensitive comparisons everywhere for imap_id_send setting parsing.
"os" and "os-version" were case-sensitive while others were not.
Patch by Apple.
Timo Sirainen [Mon, 12 May 2014 09:18:46 +0000 (12:18 +0300)]
acl: Empty negative rights list should be the same as NULL negative rights list.
There may be other places where this should be fixed, but this at least
fixes errors with dsync where "-user" entry without any rights was attempted
to be synced in dovecot-acl (although such entry shouldn't really have
existed in the first place).
Timo Sirainen [Sun, 11 May 2014 18:08:51 +0000 (21:08 +0300)]
lib-mail: message_header_encode_[bq]() now explicitly takes the first line length parameter.
So this change partially reverts the previous change, because
message_header_encode() was actually internally relying on this behavior.
The explicit parameter makes it clearer.
Timo Sirainen [Sun, 11 May 2014 15:28:03 +0000 (18:28 +0300)]
lib-mail: message_header_encode() no longer tries to lookup the first line's length from output string.
This function is used only by Pigeonhole, which only uses it for empty
output strings, so it's not useful there. Also that behavior is somewhat
unexpected and confusing.
The pointer will never be NULL, as it's initialised pointing to an empty
string, and can only be overridden by setting it to another string. So
the test always failed. Instead, check the 1st character of the password.
Phil Carmody [Tue, 6 May 2014 09:44:38 +0000 (12:44 +0300)]
lib: cosmetic - rename parameters so that .h and .c files match
These functions were flagging sparse warnings, but those warnings are
trivially (robotically) dismissable if the parameters are identically
named in the two contexts. Opted for whichever name seemed to be more
meaningful or sensible. e.g. char** became p rather than s, as it's
a pointer more than a string.
Phil Carmody [Wed, 7 May 2014 13:52:22 +0000 (16:52 +0300)]
lib: a couple of trivial sparse cleanups
The #include isn't needed on modern linux, as the macros are already defined.
The compiler seems to silently ignore redefinitions in system header files,
so didn't throw a warning, but probably should have, as redefinitions can lead
to insanity.
The cast just makes it explicit that we're changing the prototype.
Phil Carmody [Tue, 6 May 2014 15:10:55 +0000 (18:10 +0300)]
treewide sparse cleanup - make single-unit-only data static
Helps keep the global namespace clean. Not all the things suggested by
sparse have been moved. All DOVECOT_ABI_VERSION strings, and anything
replicated in all-settings.c by src/config/settings-get.pl has been
left untouched. Some of the latter could be moved, but the script would
need to be modified to replicate the 'static' (it outputs 'extern').
Timo Sirainen [Thu, 8 May 2014 10:45:37 +0000 (13:45 +0300)]
lib-storage: Code cleanups and potential crashfix.
Usually in blocks_count_lines() the full_input stream reading doesn't return
eof=true in the last read but only on the next. If this had changed for some
reason the code would have crashed in the assert checks.