1 Return-Path: <amdragon@mit.edu>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id 109F8429E27
\r
6 for <notmuch@notmuchmail.org>; Tue, 29 Jul 2014 09:48:54 -0700 (PDT)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
11 X-Spam-Status: No, score=-2.3 tagged_above=-999 required=5
\r
12 tests=[RCVD_IN_DNSWL_MED=-2.3] autolearn=disabled
\r
13 Received: from olra.theworths.org ([127.0.0.1])
\r
14 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id 6wi0IWg979Eh for <notmuch@notmuchmail.org>;
\r
16 Tue, 29 Jul 2014 09:48:47 -0700 (PDT)
\r
17 Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu
\r
19 by olra.theworths.org (Postfix) with ESMTP id 7872F431FCF
\r
20 for <notmuch@notmuchmail.org>; Tue, 29 Jul 2014 09:48:22 -0700 (PDT)
\r
21 X-AuditID: 12074422-f79be6d000007518-ed-53d7d05395ff
\r
22 Received: from mailhub-auth-3.mit.edu ( [18.9.21.43])
\r
23 (using TLS with cipher AES256-SHA (256/256 bits))
\r
24 (Client did not present a certificate)
\r
25 by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP
\r
26 id C7.02.29976.350D7D35; Tue, 29 Jul 2014 12:48:19 -0400 (EDT)
\r
27 Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11])
\r
28 by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id s6TGmI6r030917;
\r
29 Tue, 29 Jul 2014 12:48:18 -0400
\r
30 Received: from drake.dyndns.org (31-33-71.wireless.csail.mit.edu
\r
31 [128.31.33.71]) (authenticated bits=0)
\r
32 (User authenticated as amdragon@ATHENA.MIT.EDU)
\r
33 by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s6TGmFRk030274
\r
34 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT);
\r
35 Tue, 29 Jul 2014 12:48:17 -0400
\r
36 Received: from amthrax by drake.dyndns.org with local (Exim 4.77)
\r
37 (envelope-from <amdragon@mit.edu>)
\r
38 id 1XCAZT-0007HB-1I; Tue, 29 Jul 2014 12:48:15 -0400
\r
39 From: Austin Clements <amdragon@MIT.EDU>
\r
40 To: notmuch@notmuchmail.org
\r
41 Subject: [PATCH v2 13/14] lib: Return an error from operations that require an
\r
43 Date: Tue, 29 Jul 2014 12:48:11 -0400
\r
44 Message-Id: <1406652492-27803-14-git-send-email-amdragon@mit.edu>
\r
45 X-Mailer: git-send-email 2.0.0
\r
46 In-Reply-To: <1406652492-27803-1-git-send-email-amdragon@mit.edu>
\r
47 References: <1406652492-27803-1-git-send-email-amdragon@mit.edu>
\r
48 X-Brightmail-Tracker:
\r
49 H4sIAAAAAAAAA+NgFtrDIsWRmVeSWpSXmKPExsUixCmqrRt84XqwwZa96har5/JYXL85k9mB
\r
50 yWPnrLvsHs9W3WIOYIrisklJzcksSy3St0vgyrh94zJzwQ3tiv6unawNjM0qXYycHBICJhL7
\r
51 JtxkhrDFJC7cW8/WxcjFISQwm0liwop+NpCEkMBGRon2GZIQiWNMEr+PTmOGcOYySszd084I
\r
52 UsUmoCGxbf9yMFtEQFpi593ZrCA2s4CjxOf9i8AmCQuESUy9/AmshkVAVeLE8XksIDYvUE3b
\r
53 y2YWiDPkJBpufAKr5wSK37p3lwniCgeJQ7M2s0xg5F/AyLCKUTYlt0o3NzEzpzg1Wbc4OTEv
\r
54 L7VI11QvN7NELzWldBMjKJDYXZR2MP48qHSIUYCDUYmHd8Pca8FCrIllxZW5hxglOZiURHn1
\r
55 9l0PFuJLyk+pzEgszogvKs1JLT7EKMHBrCTCy3cWKMebklhZlVqUD5OS5mBREud9a20VLCSQ
\r
56 nliSmp2aWpBaBJOV4eBQkuA1Og/UKFiUmp5akZaZU4KQZuLgBBnOAzS8GaSGt7ggMbc4Mx0i
\r
57 f4pRUUqcN/scUEIAJJFRmgfXC4v0V4ziQK8I87aBtPMAkwRc9yugwUxAg1ldwAaXJCKkpBoY
\r
58 S78sOBr4WFjlydsDCdOlj06cc33++l5v+4RF7HnTFDY+67xzMoZRaNLS1XcVnF8GWDKt/Vze
\r
59 vHde/LW+B25FkmeskyqEF8y/33w7Z8klm0N2nQrb2lI4uN3eH9yY8W/ajeCpm2q219aUJX9S
\r
60 tU66tWjmjP1ec0UUJ6tcsnefZHvZxmLuhovsl5VYijMSDbWYi4oTAT5BzPHPAgAA
\r
61 X-BeenThere: notmuch@notmuchmail.org
\r
62 X-Mailman-Version: 2.1.13
\r
64 List-Id: "Use and development of the notmuch mail system."
\r
65 <notmuch.notmuchmail.org>
\r
66 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
67 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
68 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
69 List-Post: <mailto:notmuch@notmuchmail.org>
\r
70 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
71 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
72 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
73 X-List-Received-Date: Tue, 29 Jul 2014 16:48:54 -0000
\r
75 Previously, there was no protection against a caller invoking an
\r
76 operation on an old database version that would effectively corrupt
\r
77 the database by treating it like a newer version.
\r
79 According to notmuch.h, any caller that opens the database in
\r
80 read/write mode is supposed to check if the database needs upgrading
\r
81 and perform an upgrade if it does. This would protect against this,
\r
82 but nobody (even the CLI) actually does this.
\r
84 However, with features, it's easy to protect against incompatible
\r
85 operations on a fine-grained basis. This lightweight change allows
\r
86 callers to safely operate on old database versions, while preventing
\r
87 specific operations that would corrupt the database with an
\r
88 informative error message.
\r
90 lib/database.cc | 5 +++++
\r
91 lib/directory.cc | 5 +++++
\r
92 lib/message.cc | 8 ++++++++
\r
93 lib/notmuch.h | 16 ++++++++++++++++
\r
94 4 files changed, 34 insertions(+)
\r
96 diff --git a/lib/database.cc b/lib/database.cc
\r
97 index 987b0a6..b323691 100644
\r
98 --- a/lib/database.cc
\r
99 +++ b/lib/database.cc
\r
100 @@ -310,6 +310,8 @@ notmuch_status_to_string (notmuch_status_t status)
\r
101 return "Unbalanced number of calls to notmuch_database_begin_atomic/end_atomic";
\r
102 case NOTMUCH_STATUS_UNSUPPORTED_OPERATION:
\r
103 return "Unsupported operation";
\r
104 + case NOTMUCH_STATUS_UPGRADE_REQUIRED:
\r
105 + return "Operation requires a database upgrade";
\r
107 case NOTMUCH_STATUS_LAST_STATUS:
\r
108 return "Unknown error status value";
\r
109 @@ -2217,6 +2219,9 @@ notmuch_database_find_message_by_filename (notmuch_database_t *notmuch,
\r
110 if (message_ret == NULL)
\r
111 return NOTMUCH_STATUS_NULL_POINTER;
\r
113 + if (! (notmuch->features & NOTMUCH_FEATURE_FILE_TERMS))
\r
114 + return NOTMUCH_STATUS_UPGRADE_REQUIRED;
\r
116 /* return NULL on any failure */
\r
117 *message_ret = NULL;
\r
119 diff --git a/lib/directory.cc b/lib/directory.cc
\r
120 index 6a3ffed..8daaec8 100644
\r
121 --- a/lib/directory.cc
\r
122 +++ b/lib/directory.cc
\r
123 @@ -105,6 +105,11 @@ _notmuch_directory_create (notmuch_database_t *notmuch,
\r
124 const char *db_path;
\r
125 notmuch_bool_t create = (flags & NOTMUCH_FIND_CREATE);
\r
127 + if (! (notmuch->features & NOTMUCH_FEATURE_DIRECTORY_DOCS)) {
\r
128 + *status_ret = NOTMUCH_STATUS_UPGRADE_REQUIRED;
\r
132 *status_ret = NOTMUCH_STATUS_SUCCESS;
\r
134 path = _notmuch_database_relative_path (notmuch, path);
\r
135 diff --git a/lib/message.cc b/lib/message.cc
\r
136 index 4fc427f..1618e81 100644
\r
137 --- a/lib/message.cc
\r
138 +++ b/lib/message.cc
\r
139 @@ -653,6 +653,10 @@ _notmuch_message_add_filename (notmuch_message_t *message,
\r
140 if (filename == NULL)
\r
141 INTERNAL_ERROR ("Message filename cannot be NULL.");
\r
143 + if (! (message->notmuch->features & NOTMUCH_FEATURE_FILE_TERMS) ||
\r
144 + ! (message->notmuch->features & NOTMUCH_FEATURE_BOOL_FOLDER))
\r
145 + return NOTMUCH_STATUS_UPGRADE_REQUIRED;
\r
147 relative = _notmuch_database_relative_path (message->notmuch, filename);
\r
149 status = _notmuch_database_split_path (local, relative, &directory, NULL);
\r
150 @@ -697,6 +701,10 @@ _notmuch_message_remove_filename (notmuch_message_t *message,
\r
151 notmuch_private_status_t private_status;
\r
152 notmuch_status_t status;
\r
154 + if (! (message->notmuch->features & NOTMUCH_FEATURE_FILE_TERMS) ||
\r
155 + ! (message->notmuch->features & NOTMUCH_FEATURE_BOOL_FOLDER))
\r
156 + return NOTMUCH_STATUS_UPGRADE_REQUIRED;
\r
158 status = _notmuch_database_filename_to_direntry (
\r
159 local, message->notmuch, filename, NOTMUCH_FIND_LOOKUP, &direntry);
\r
160 if (status || !direntry)
\r
161 diff --git a/lib/notmuch.h b/lib/notmuch.h
\r
162 index 3c5ec98..cbf2ba5 100644
\r
163 --- a/lib/notmuch.h
\r
164 +++ b/lib/notmuch.h
\r
165 @@ -160,6 +160,10 @@ typedef enum _notmuch_status {
\r
167 NOTMUCH_STATUS_UNSUPPORTED_OPERATION,
\r
169 + * The operation requires a database upgrade.
\r
171 + NOTMUCH_STATUS_UPGRADE_REQUIRED,
\r
173 * Not an actual status value. Just a way to find out how many
\r
174 * valid status values there are.
\r
176 @@ -438,6 +442,9 @@ notmuch_database_end_atomic (notmuch_database_t *notmuch);
\r
178 * NOTMUCH_STATUS_XAPIAN_EXCEPTION: A Xapian exception occurred;
\r
179 * directory not retrieved.
\r
181 + * NOTMUCH_STATUS_UPGRADE_REQUIRED: The caller must upgrade the
\r
182 + * database to use this function.
\r
185 notmuch_database_get_directory (notmuch_database_t *database,
\r
186 @@ -490,6 +497,9 @@ notmuch_database_get_directory (notmuch_database_t *database,
\r
188 * NOTMUCH_STATUS_READ_ONLY_DATABASE: Database was opened in read-only
\r
189 * mode so no message can be added.
\r
191 + * NOTMUCH_STATUS_UPGRADE_REQUIRED: The caller must upgrade the
\r
192 + * database to use this function.
\r
195 notmuch_database_add_message (notmuch_database_t *database,
\r
196 @@ -520,6 +530,9 @@ notmuch_database_add_message (notmuch_database_t *database,
\r
198 * NOTMUCH_STATUS_READ_ONLY_DATABASE: Database was opened in read-only
\r
199 * mode so no message can be removed.
\r
201 + * NOTMUCH_STATUS_UPGRADE_REQUIRED: The caller must upgrade the
\r
202 + * database to use this function.
\r
205 notmuch_database_remove_message (notmuch_database_t *database,
\r
206 @@ -575,6 +588,9 @@ notmuch_database_find_message (notmuch_database_t *database,
\r
207 * NOTMUCH_STATUS_OUT_OF_MEMORY: Out of memory, creating the message object
\r
209 * NOTMUCH_STATUS_XAPIAN_EXCEPTION: A Xapian exception occurred
\r
211 + * NOTMUCH_STATUS_UPGRADE_REQUIRED: The caller must upgrade the
\r
212 + * database to use this function.
\r
215 notmuch_database_find_message_by_filename (notmuch_database_t *notmuch,
\r