Commit Graph

1300 Commits

Author SHA1 Message Date
Oswald Buddenhagen
a266f28f1c cancel submitted commands when canceling store
we already have some minimal asynchronicity, so there might be commands
in flight when a fatal error comes in.
2012-09-01 16:03:36 +02:00
Oswald Buddenhagen
171f7d6cd3 Socket_t + buffer_t => conn_t
remove the layering, in favor of a "buffered connection" abstraction.
2012-09-01 16:03:36 +02:00
Oswald Buddenhagen
3447694c2b security fix: failure to load the certificate file is *not* OK ... 2012-09-01 16:03:36 +02:00
Oswald Buddenhagen
ef41349035 move socket code to a separate file
this makes the layering more obvious
2012-09-01 16:03:35 +02:00
Oswald Buddenhagen
d1ee94f02c move greeting response handling into get_cmd_result()
the primary purpose of this is getting rid of the "free-standing"
buffer_gets() call.
2012-09-01 16:03:35 +02:00
Oswald Buddenhagen
584e51ed7d docs
- insert "separator comments" between driver entry points
- document driver API
- document sync_vars_t parts that are stored in the sync state header
2012-09-01 16:03:35 +02:00
Oswald Buddenhagen
2ab689b3df make imap_exec() result reporting callback-based
this makes the IMAP command submission interface asynchronous.

the functions still have synchronous return codes as well - this enables
clean error return paths. only when we invoke callbacks we resort to
refcounting.

as a "side effect", properly sequence commands after CREATE resulting
from [TRYCREATE].
2012-09-01 16:03:35 +02:00
Oswald Buddenhagen
e5d323cc47 rely on the maildir's existence with "SyncState *"
now that we open the box first, we know that it will exist at this
point.
2012-09-01 16:03:35 +02:00
Oswald Buddenhagen
3169c59e10 validate maildirs more strictly
now that "SyncState *" won't create fake mailboxes any more, we can make
a full validity check again.
2012-09-01 16:03:35 +02:00
Oswald Buddenhagen
05fd0b9970 split out drv->load() from drv->select() 2012-09-01 16:02:50 +02:00
Oswald Buddenhagen
c741d5ffb5 make creation of trash folder independent from -C option
the trash is not a box which is synced, but a "byproduct" of
manipulating synced boxes, so it makes no sense to bind it to the same
option.
2012-07-30 01:21:32 +02:00
Oswald Buddenhagen
7addc3bea8 minor cleanup: use ctx->gen instead of gctx for consistency 2012-07-30 01:21:32 +02:00
Oswald Buddenhagen
424e0e7221 make callbacks return early when canceling
even after driver->cancel() the store may complete commands successfully.
return early in this case, so we don't attempt to continue syncing.
2012-07-30 01:21:32 +02:00
Oswald Buddenhagen
ea951a697f fix error paths wrt sync drivers, take 2
synchronous error codes which are passed through callbacks aren't a
particularly good idea, after all: latest when the callback does stuff
which does not concern the caller, the return code becomes ambiguous.
instead, protect the sync_vars object with a refcount when invoking
driver functions from loops, as the callbacks they call could invalidate
the object and we would have no way of knowing that the loop should be
aborted prematurely. the upcoming async imap driver will also need a
refcount to protect the cancelation marker of the imap socket dispatcher
loop.
2012-07-30 01:21:32 +02:00
Oswald Buddenhagen
ec8f440383 don't call cancel() repeatedly on a store
erroring command replies will trickle in even after canceling
2012-07-30 01:21:32 +02:00
Oswald Buddenhagen
b0bbd23512 replace DRV_STORE_BAD with a separate bad_callback()
that way we don't have to piggy-back (possibly asynchronous) fatal
errors to particular commands.

internally, the drivers still use synchronous return values as well,
so they don't try to access the invalidated store after calling back.
2012-07-30 01:21:31 +02:00
Oswald Buddenhagen
6d86e5347e don't access free'd memory in cancel_sync()
as it happens, the 1st round *may* trash svars - if we get the
cancelation request after the slave store has already died.
2012-07-29 12:26:38 +02:00
Oswald Buddenhagen
9554026443 make drv->cancel()'s callback have no status code
this function is not going to actually execute any commands, so it
makes no sense for the callback to have a status code.
2012-07-29 12:25:24 +02:00
Oswald Buddenhagen
57444e9df9 don't decode aux pointer on DRV_CANCELED
the aux data was already free()d by the error callback by the time we
get this status code.
2012-07-22 20:19:20 +02:00
Oswald Buddenhagen
06ccac1fdd always use return value from get_cmd_result()
once we have callback-based error reporting, this will ensure that we
don't operate on invalidated data structures.
2012-07-22 17:27:42 +02:00
Oswald Buddenhagen
121ce76e46 make response code parse failure of untagged OK/NO/BYE/BAD non-fatal
as such, it does not disrupt the data stream
2012-07-22 17:27:42 +02:00
Oswald Buddenhagen
d2e13f147c de-duplicate code a bit 2012-07-22 17:27:40 +02:00
Oswald Buddenhagen
4d4de6e275 remove redundant use_ssl variables
just use the presence of an SSL object as an indicator. if something
goes wrong during the ssl handshake or certificate validation, the
socket must be immediately closed anyway.
2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
fd229040d8 DRV_SERVER_BAD is and will probably stay unused => trash 2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
17dc64b414 after [TRYCREATE], just resend the same command instead of cloning it 2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
83efbe327d use return values from correct set in get_cmd_result()
DRV_OK == RESP_OK, so this worked by accident
2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
99cc328f17 do away with the dreaded rcaps hack
don't pretend that the server has no literal+ for the time of the
first relevant command's synchronous execution. instead, enable the
lower layer to do the processing by telling it for which commands
trashnc ("trash's existence not confirmed") is relevant.
2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
1545ed90a0 purge imap_store_t::currentnc vestiges
we always actually open the mailbox before appending to it, so we
obviously know that it exists - that's why the code was already
commented out. changing this assumption would significantly complicate
matters for little gain, so let's just assume it won't happen.

consequently, also don't set param.create when appending to regular
mailboxes.
2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
c66afdc0a8 move setting of ctx->listed outside the drivers
it's essentially an external state flag
2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
7bab2d6d94 de-duplicate error paths
makes the code more compact. yay for gotos.
2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
f6a25b331f check return value from close() after write()
otherwise we may lose data when quota is exceeded
or nfs is in a bad mood.
2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
61d98c5a1d fix a bunch of warnings 2012-07-07 18:00:47 +02:00
Oswald Buddenhagen
4afd31a457 avoid preprocessor warnings on missing features: #if => #ifdef 2011-03-27 12:06:41 +02:00
Oswald Buddenhagen
cf6a7b4d18 less bizarre code
we know that there is only one command in progress, so there
is no need to employ tricks to access the last command.
2011-03-27 11:54:48 +02:00
Oswald Buddenhagen
7e1c16ae02 make cram() sane
- don't silently fail in release mode (expression with side effects
  inside assert())
- save some redundand strlen()s by not throwing away known lengths
- reorganize the code for legibility
2011-03-27 11:54:48 +02:00
Oswald Buddenhagen
058d01f179 don't compare find_old_done with find_new_total
this didn't have any effect as no async drivers currently exist.
2011-03-27 11:54:48 +02:00
Oswald Buddenhagen
9e10e871fd don't hang if store cannot be opened asynchronously 2011-03-27 11:54:48 +02:00
Oswald Buddenhagen
2c729bf9e6 don't leak SSL objects 2011-03-27 11:54:45 +02:00
Oswald Buddenhagen
296ac0364c add CR after TUID during LF => CRLF conversion 2011-03-27 11:54:02 +02:00
Oswald Buddenhagen
8df1ebaf40 fix (another) out-of-bounds access in CRLF conversion
if the header contained no CRs but the body (or the post-TUID part of
the header) did, the TUID insertion would add an excess CR, thus
overflowing the buffer by one byte.
2011-03-27 11:54:02 +02:00
Oswald Buddenhagen
39006d7f24 document some breakage 2010-11-14 17:23:59 +01:00
Oswald Buddenhagen
d637772339 turns out, free(NULL) is just fine ... 2010-11-14 16:44:50 +01:00
Oswald Buddenhagen
e1fa867423 fix UIDNEXT handling
UIDNEXT *can* be legally zero, so deal with it.

-REFMAIL: 4CA62BA1.4020104@lemma.co.uk
2010-10-03 14:33:24 +02:00
Oswald Buddenhagen
5ade279839 don't hang after failed start_tls()
we'd send a LOGOUT command in plain text while the server was already
expecting an encrypted command, which would typically lead to waiting
for more data and thus an indefinite hang.
so close the socket immediately instead of letting the normal shutdown
path take care of it.
inspired by a patch by Steven Flintham.

-REFMAIL: 4C9AB98E.3000400@lemma.co.uk
2010-10-03 12:37:59 +02:00
Oswald Buddenhagen
70e87eb99e remove useless message
don't complain about missing greeting response - we already complained
about an unexpected EOF anyway.
2010-10-03 12:37:59 +02:00
Oswald Buddenhagen
90a38ea810 assert valid file handles
i've seen error logs of the type
  SSL_write: Bad file descriptor
and i simply can't nail it, so go for some more drastic measures.
2010-10-03 12:37:59 +02:00
Oswald Buddenhagen
72fd2aafb7 formatting 2010-10-03 12:37:59 +02:00
Oswald Buddenhagen
122e09fe60 beautify error messages
don't print the error number - we print the error string anyway, so it
adds no value.
add some whitespace to the messages as well.
2010-10-03 12:37:10 +02:00
Oswald Buddenhagen
db2bbbfef8 fix uninitialized variable read
this is basically a security fix for nonsensical configurations:
if the specified CertificateFile did not contain any certificates,
we *might* have accepted an arbitrary server certificate.
2010-04-05 13:06:58 +02:00
Oswald Buddenhagen
516c3bfa99 remove mail addresses from man pages
apparently, some people don't see the "maintained by" bits, so make them
look harder for explicit contact information (to be found in AUTHORS).
2010-02-28 22:23:20 +01:00