X-Git-Url: https://git.notmuchmail.org/git?p=notmuch;a=blobdiff_plain;f=notmuch-insert.c;h=a1d564c78cd1eb0f52b126de7c7c4dd257c87888;hp=cd6de88f6891d230bd22048cfa9eee2d94018057;hb=dcfcb4ba7b9dfdb49ec62d8fb47a72fb60540655;hpb=957fc2e1a7d00636c7eaaf487edae65e7a63dc8f diff --git a/notmuch-insert.c b/notmuch-insert.c index cd6de88f..a1d564c7 100644 --- a/notmuch-insert.c +++ b/notmuch-insert.c @@ -67,26 +67,30 @@ safe_gethostname (char *hostname, size_t len) static notmuch_bool_t sync_dir (const char *dir) { - notmuch_bool_t ret; - int fd; + int fd, r; fd = open (dir, O_RDONLY); if (fd == -1) { - fprintf (stderr, "Error: open() dir failed: %s\n", strerror (errno)); + fprintf (stderr, "Error: open %s: %s\n", dir, strerror (errno)); return FALSE; } - ret = (fsync (fd) == 0); - if (! ret) { - fprintf (stderr, "Error: fsync() dir failed: %s\n", strerror (errno)); - } + + r = fsync (fd); + if (r) + fprintf (stderr, "Error: fsync %s: %s\n", dir, strerror (errno)); + close (fd); - return ret; + + return r == 0; } -/* Check the specified folder name does not contain a directory - * component ".." to prevent writes outside of the Maildir hierarchy. */ +/* + * Check the specified folder name does not contain a directory + * component ".." to prevent writes outside of the Maildir + * hierarchy. Return TRUE on valid folder name, FALSE otherwise. + */ static notmuch_bool_t -check_folder_name (const char *folder) +is_valid_folder_name (const char *folder) { const char *p = folder; @@ -100,97 +104,104 @@ check_folder_name (const char *folder) } } -/* Make the given directory, succeeding if it already exists. */ +/* + * Make the given directory and its parents as necessary, using the + * given mode. Return TRUE on success, FALSE otherwise. Partial + * results are not cleaned up on errors. + */ static notmuch_bool_t -make_directory (char *path, int mode) +mkdir_recursive (const void *ctx, const char *path, int mode) { - notmuch_bool_t ret; - char *slash; + struct stat st; + int r; + char *parent = NULL, *slash; - if (mkdir (path, mode) != 0) - return (errno == EEXIST); + /* First check the common case: directory already exists. */ + r = stat (path, &st); + if (r == 0) { + if (! S_ISDIR (st.st_mode)) { + fprintf (stderr, "Error: '%s' is not a directory: %s\n", + path, strerror (EEXIST)); + return FALSE; + } - /* Sync the parent directory for durability. */ - ret = TRUE; - slash = strrchr (path, '/'); - if (slash) { - *slash = '\0'; - ret = sync_dir (path); - *slash = '/'; + return TRUE; + } else if (errno != ENOENT) { + fprintf (stderr, "Error: stat '%s': %s\n", path, strerror (errno)); + return FALSE; } - return ret; -} - -/* Make the given directory including its parent directories as necessary. - * Return TRUE on success, FALSE on error. */ -static notmuch_bool_t -make_directory_and_parents (char *path, int mode) -{ - struct stat st; - char *start; - char *end; - notmuch_bool_t ret; - /* First check the common case: directory already exists. */ - if (stat (path, &st) == 0) - return S_ISDIR (st.st_mode) ? TRUE : FALSE; - - for (start = path; *start != '\0'; start = end + 1) { - /* start points to the first unprocessed character. - * Find the next slash from start onwards. */ - end = strchr (start, '/'); - - /* If there are no more slashes then all the parent directories - * have been made. Now attempt to make the whole path. */ - if (end == NULL) - return make_directory (path, mode); - - /* Make the path up to the next slash, unless the current - * directory component is actually empty. */ - if (end > start) { - *end = '\0'; - ret = make_directory (path, mode); - *end = '/'; - if (! ret) - return FALSE; + /* mkdir parents, if any */ + slash = strrchr (path, '/'); + if (slash && slash != path) { + parent = talloc_strndup (ctx, path, slash - path); + if (! parent) { + fprintf (stderr, "Error: %s\n", strerror (ENOMEM)); + return FALSE; } + + if (! mkdir_recursive (ctx, parent, mode)) + return FALSE; } - return TRUE; + if (mkdir (path, mode)) { + fprintf (stderr, "Error: mkdir '%s': %s\n", path, strerror (errno)); + return FALSE; + } + + return parent ? sync_dir (parent) : TRUE; } -/* Create the given maildir folder, i.e. dir and its subdirectories - * 'cur', 'new', 'tmp'. */ +/* + * Create the given maildir folder, i.e. maildir and its + * subdirectories cur/new/tmp. Return TRUE on success, FALSE + * otherwise. Partial results are not cleaned up on errors. + */ static notmuch_bool_t -maildir_create_folder (void *ctx, const char *dir) +maildir_create_folder (const void *ctx, const char *maildir) { + const char *subdirs[] = { "cur", "new", "tmp" }; const int mode = 0700; char *subdir; - char *tail; + unsigned int i; - /* Create 'cur' directory, including parent directories. */ - subdir = talloc_asprintf (ctx, "%s/cur", dir); - if (! subdir) { - fprintf (stderr, "Out of memory.\n"); - return FALSE; + for (i = 0; i < ARRAY_SIZE (subdirs); i++) { + subdir = talloc_asprintf (ctx, "%s/%s", maildir, subdirs[i]); + if (! subdir) { + fprintf (stderr, "Error: %s\n", strerror (ENOMEM)); + return FALSE; + } + + if (! mkdir_recursive (ctx, subdir, mode)) + return FALSE; } - if (! make_directory_and_parents (subdir, mode)) - return FALSE; - tail = subdir + strlen (subdir) - 3; + return TRUE; +} - /* Create 'new' directory. */ - strcpy (tail, "new"); - if (! make_directory (subdir, mode)) - return FALSE; +/* + * Generate a temporary file basename, no path, do not create an + * actual file. Return the basename, or NULL on errors. + */ +static char * +tempfilename (const void *ctx) +{ + char *filename; + char hostname[256]; + struct timeval tv; + pid_t pid; - /* Create 'tmp' directory. */ - strcpy (tail, "tmp"); - if (! make_directory (subdir, mode)) - return FALSE; + /* We follow the Dovecot file name generation algorithm. */ + pid = getpid (); + safe_gethostname (hostname, sizeof (hostname)); + gettimeofday (&tv, NULL); - talloc_free (subdir); - return TRUE; + filename = talloc_asprintf (ctx, "%ld.M%ldP%d.%s", + tv.tv_sec, tv.tv_usec, pid, hostname); + if (! filename) + fprintf (stderr, "Error: %s\n", strerror (ENOMEM)); + + return filename; } /* Open a unique file in the 'tmp' sub-directory of dir. @@ -202,23 +213,13 @@ static int maildir_open_tmp_file (void *ctx, const char *dir, char **tmppath, char **newpath, char **newdir) { - pid_t pid; - char hostname[256]; - struct timeval tv; char *filename; int fd = -1; - /* We follow the Dovecot file name generation algorithm. */ - pid = getpid (); - safe_gethostname (hostname, sizeof (hostname)); do { - gettimeofday (&tv, NULL); - filename = talloc_asprintf (ctx, "%ld.M%ldP%d.%s", - tv.tv_sec, tv.tv_usec, pid, hostname); - if (! filename) { - fprintf (stderr, "Out of memory\n"); + filename = tempfilename (ctx); + if (! filename) return -1; - } *tmppath = talloc_asprintf (ctx, "%s/tmp/%s", dir, filename); if (! *tmppath) { @@ -248,11 +249,12 @@ maildir_open_tmp_file (void *ctx, const char *dir, return fd; } -/* Copy the contents of standard input (fdin) into fdout. - * Returns TRUE if a non-empty file was written successfully. - * Otherwise, return FALSE. */ +/* + * Copy fdin to fdout, return TRUE on success, and FALSE on errors and + * empty input. + */ static notmuch_bool_t -copy_stdin (int fdin, int fdout) +copy_fd (int fdout, int fdin) { notmuch_bool_t empty = TRUE; @@ -291,6 +293,55 @@ copy_stdin (int fdin, int fdout) return (!interrupted && !empty); } +static notmuch_bool_t +write_message (void *ctx, int fdin, const char *dir, char **newpath) +{ + char *tmppath; + char *newdir; + char *cleanup_path; + int fdout; + + fdout = maildir_open_tmp_file (ctx, dir, &tmppath, newpath, &newdir); + if (fdout < 0) + return FALSE; + + cleanup_path = tmppath; + + if (! copy_fd (fdout, fdin)) + goto FAIL; + + if (fsync (fdout) != 0) { + fprintf (stderr, "Error: fsync failed: %s\n", strerror (errno)); + goto FAIL; + } + + close (fdout); + fdout = -1; + + /* Atomically move the new message file from the Maildir 'tmp' directory + * to the 'new' directory. We follow the Dovecot recommendation to + * simply use rename() instead of link() and unlink(). + * See also: http://wiki.dovecot.org/MailboxFormat/Maildir#Mail_delivery + */ + if (rename (tmppath, *newpath) != 0) { + fprintf (stderr, "Error: rename() failed: %s\n", strerror (errno)); + goto FAIL; + } + + cleanup_path = *newpath; + + if (! sync_dir (newdir)) + goto FAIL; + + return TRUE; + + FAIL: + if (fdout >= 0) + close (fdout); + unlink (cleanup_path); + return FALSE; +} + /* Add the specified message file to the notmuch database, applying tags. * The file is renamed to encode notmuch tags as maildir flags. */ static void @@ -337,62 +388,6 @@ add_file_to_database (notmuch_database_t *notmuch, const char *path, notmuch_message_destroy (message); } -static notmuch_bool_t -insert_message (void *ctx, notmuch_database_t *notmuch, int fdin, - const char *dir, tag_op_list_t *tag_ops, - notmuch_bool_t synchronize_flags) -{ - char *tmppath; - char *newpath; - char *newdir; - int fdout; - char *cleanup_path; - - fdout = maildir_open_tmp_file (ctx, dir, &tmppath, &newpath, &newdir); - if (fdout < 0) - return FALSE; - - cleanup_path = tmppath; - - if (! copy_stdin (fdin, fdout)) - goto FAIL; - - if (fsync (fdout) != 0) { - fprintf (stderr, "Error: fsync failed: %s\n", strerror (errno)); - goto FAIL; - } - - close (fdout); - fdout = -1; - - /* Atomically move the new message file from the Maildir 'tmp' directory - * to the 'new' directory. We follow the Dovecot recommendation to - * simply use rename() instead of link() and unlink(). - * See also: http://wiki.dovecot.org/MailboxFormat/Maildir#Mail_delivery - */ - if (rename (tmppath, newpath) != 0) { - fprintf (stderr, "Error: rename() failed: %s\n", strerror (errno)); - goto FAIL; - } - - cleanup_path = newpath; - - if (! sync_dir (newdir)) - goto FAIL; - - /* Even if adding the message to the notmuch database fails, - * the message is on disk and we consider the delivery completed. */ - add_file_to_database (notmuch, newpath, tag_ops, synchronize_flags); - - return TRUE; - - FAIL: - if (fdout >= 0) - close (fdout); - unlink (cleanup_path); - return FALSE; -} - int notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) { @@ -407,9 +402,9 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) notmuch_bool_t create_folder = FALSE; notmuch_bool_t synchronize_flags; const char *maildir; + char *newpath; int opt_index; unsigned int i; - notmuch_bool_t ret; notmuch_opt_desc_t options[] = { { NOTMUCH_OPT_STRING, &folder, "folder", 0, 0 }, @@ -431,6 +426,15 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) return EXIT_FAILURE; } for (i = 0; i < new_tags_length; i++) { + const char *error_msg; + + error_msg = illegal_tag (new_tags[i], FALSE); + if (error_msg) { + fprintf (stderr, "Error: tag '%s' in new.tags: %s\n", + new_tags[i], error_msg); + return EXIT_FAILURE; + } + if (tag_op_list_append (tag_ops, new_tags[i], FALSE)) return EXIT_FAILURE; } @@ -447,8 +451,8 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) if (folder == NULL) { maildir = db_path; } else { - if (! check_folder_name (folder)) { - fprintf (stderr, "Error: bad folder name: %s\n", folder); + if (! is_valid_folder_name (folder)) { + fprintf (stderr, "Error: invalid folder name: '%s'\n", folder); return EXIT_FAILURE; } maildir = talloc_asprintf (config, "%s/%s", db_path, folder); @@ -456,11 +460,8 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) fprintf (stderr, "Out of memory\n"); return EXIT_FAILURE; } - if (create_folder && ! maildir_create_folder (config, maildir)) { - fprintf (stderr, "Error: creating maildir %s: %s\n", - maildir, strerror (errno)); + if (create_folder && ! maildir_create_folder (config, maildir)) return EXIT_FAILURE; - } } /* Setup our handler for SIGINT. We do not set SA_RESTART so that copying @@ -475,10 +476,18 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) NOTMUCH_DATABASE_MODE_READ_WRITE, ¬much)) return EXIT_FAILURE; - ret = insert_message (config, notmuch, STDIN_FILENO, maildir, tag_ops, - synchronize_flags); + /* Write the message to the Maildir new directory. */ + if (! write_message (config, STDIN_FILENO, maildir, &newpath)) { + notmuch_database_destroy (notmuch); + return EXIT_FAILURE; + } - notmuch_database_destroy (notmuch); + /* Add the message to the index. + * Even if adding the message to the notmuch database fails, + * the message is on disk and we consider the delivery completed. */ + add_file_to_database (notmuch, newpath, tag_ops, + synchronize_flags); - return ret ? EXIT_SUCCESS : EXIT_FAILURE; + notmuch_database_destroy (notmuch); + return EXIT_SUCCESS; }