user/dev discussion of public-inbox itself
 help / color / Atom feed
From: ebiederm@xmission.com (Eric W. Biederman)
To: Eric Wong <e@80x24.org>
Cc: meta@public-inbox.org
Subject: Re: [PATCH] PublicInbox::Import Extend add with a optional raw message parameter
Date: Sun, 19 May 2019 13:14:30 -0500
Message-ID: <87woimpb09.fsf@xmission.com> (raw)
In-Reply-To: <20190518213951.ficerfsawms4z7dh@dcvr> (Eric Wong's message of "Sat, 18 May 2019 21:39:51 +0000")

Eric Wong <e@80x24.org> writes:

> "Eric W. Biederman" <ebiederm@xmission.com> wrote:
>> Eric Wong <e@80x24.org> writes:
>> 
>> > "Eric W. Biederman" <ebiederm@xmission.com> wrote:
>> >> 
>> >> I don't trust the MIME type to not munge my email messages in horrible
>> >> ways upon occasion.  Therefore  allow for passing in the raw message
>> >> value instead of trusting the mime object to preserve it.
>> >> 
>> >> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
>> >
>> > I've had the same concern in the past about Email::MIME and
>> > Email::Simple.  But after reading the code for Email::MIME,
>> > Email::Simple and Email::{MIME,Simple}::Header, I don't think
>> > the implementation of Email::MIME->as_string and all methods it
>> > calls does anything unreasonable.
>> >
>> > The only notable munging they seem to do is make irrelevant
>> > whitespace changes in headers and maybe fix quoting in headers.
>> > No body changes AFAIK.
>> 
>> I was hoping I could skip the Email::MIME stuff entirely but the headers
>> do need a bit of parsing to derive the git commit information.
>
> Perhaps parsing git commit information can be skipped, entirely
> (but it's still necessary for indexing, so I'm not sure if there's
>  any gain, there).
>
>> I will take a second look at the code.  I did not make it all of the
>> way through last time.  I just know the bazillions of warnings I could
>> not easily track down with old emails did not make me comfortable
>> with that code base as anything other than a suggestion.
>
> Ah, I added ce18b29d175ef5f01f05d59c95bcf8e0cd40e611
> ("index: warn with info about the message as context") exactly
> for that.

Knowing what the code is doing in those modules would be interesting.

>> >> The context here is because the only copy of messages that I save
>> >> I save in public-inbox I don't want to have to worry about losing
>> >> information.  So I just pass the raw email_str to add.
>> >> 
>> >> I expect if I were to export these lists public I would want to do
>> >> some more but for now I am just putting them in public-inbox
>> >> so that I can read and archive the lists locally.
>> >
>> > I worry about public archives getting badly munged, too.
>> >
>> >>  lib/PublicInbox/Import.pm     | 10 +++++-----
>> >>  lib/PublicInbox/V2Writable.pm |  8 ++++----
>> >>  2 files changed, 9 insertions(+), 9 deletions(-)
>> >
>> > Did you have plans to modify -mda/-watch or another script to
>> > use this?
>> 
>> I have been using this for a while with my own imap fetcher
>> script.  As for the others I certain could.  I don't use -mda
>> or -watch so they have not been a priority.
>
> OK.  Tangent: which IMAP module(s) did you choose? (and why?)
> I haven't gotten a chance to evaluate Perl IMAP client modules,
> yet; but I want to extend -watch to support IMAP.

The first one I found Mail::IMAPClient.  There are a few hiccups but it
seems to work for my purposes.  The hiccups are basically exceptions
thrown on failure and the PublicInbox modules not cleaning up after
themselves.  So I fork a process and let it exit when an die is called.
Instead of running the entire thing in a eval block.

I hope one of these days to upgrade it to use idle support but I haven't
gotten that far.  So far I just have a polling loop that runs every 5
minutes.

Oh that and IO::Socket::SSL.  Something that is currently missing  (or
at least missing until recently I haven't check in the last couple of
months) is ssl support for our nntp sockets.  So do imap or prevent
mischief for our nntp streams we need to use tls.  Which IO::Socket::SSL
seems to do.

But again I grabbed the first implementation that seems to work.  Going
through those modules in detail to make certain nothing goofy is going
on might be wise.

>> >> diff --git a/lib/PublicInbox/Import.pm b/lib/PublicInbox/Import.pm
>> >> index 81a38fb6987d..0a63784414f2 100644
>> >> --- a/lib/PublicInbox/Import.pm
>> >> +++ b/lib/PublicInbox/Import.pm
>> >> @@ -359,7 +359,7 @@ sub clean_tree_v2 ($$$) {
>> >>  # returns undef on duplicate
>> >>  # returns the :MARK of the most recent commit
>> >>  sub add {
>> >> -	my ($self, $mime, $check_cb) = @_; # mime = Email::MIME
>> >> +	my ($self, $mime, $check_cb, $email_str) = @_; # mime = Email::MIME
>> >
>> > I usually place callback args at the end of the arg list so
>> > it's easy to write:
>> >
>> > 	$im->add($mime, sub {
>> > 		# ...
>> > 	});
>> >
>> > So having a parameter after the sub{} is a bit ugly...
>> > If I had to support this, I think I'd accept $mime being
>> > a plain hashref:
>> >
>> > 	if (ref($mime) eq 'HASH') {
>> > 		$raw = $mime->{raw};
>> > 		$mime = $mime->{mime};
>> > 	} else {
>> > 		$raw = $mime->as_string;
>> > 	}
>> >
>> > But, I'm still on the fence about the idea...
>> >
>> > Side note: I'm also taking the opportunity to use "$raw" instead
>> > of "$str", because I've been bitten by the difference header_raw
>> > vs header_str in the Email::MIME API, so consistency with
>> > that API would be good, here.
>> 
>> Yes the distinction about "$raw" is fair,
>> and the placement in the argument list makes sense.
>> 
>> As for the hashref.  Perhaps what I should do is modify
>> PublicInbox::MIME to at least conditionally keep the original raw email
>> around.  Then the logic to get the raw email could be kept in
>> PublicInbox::MIME as well.
>
> Actually, since Perl "objects" are open-ended hashrefs with no
> restrictions, we could set:
>
> 	$mime->{-public_inbox_raw} = $raw;
> 	$im->add($mime);
>
> That would work for any code using Email::MIME, as well.  I
> don't want the PublicInbox::MIME wrapper to be necessary forever
> (it's only to workaround old bugs in Email::MIME).
>
> And I doubt Email::* authors will start using "-public_inbox"
> prefixes in their code to mess with us.
>
> One caveat is we might need to modify our (Simple|MIME)->new callers:
>
> -	::(Simple|MIME)->new(\$raw);
> +	::(Simple|MIME)->new($raw);
>
> since Email::Simple->new(\$raw) can clobber $raw in the
> interest of memory savings, while the former preserves
> the original.

Noted.

>> Which let's me think the general solution is to have a configuration
>> option somewhere that says we want to archive the raw email.  We
>> update PublicInbox::MIME to always keep the original raw email.
>> 
>> If add is not configured to drop any headers we use the raw original
>> email str.  If add drops any headers we do what we do today.
>> 
>> I think perhaps we could move all of the scrubbing into
>> PublicInbox::Filter::Base.pm::scrub.  Instead of having a hard coded
>> drop_unwanted_headers in PublicInbox::Import.  That would make it very
>> straight forward to just make this a knob that the user controls
>> for how they want their email received/imported.
>
> Not calling drop_unwanted_headers can have dangerous side-effects
> (training loops, bugs in other consumers, private data exposure),
> so I'm very hesitant to move it to Filter::Base

Usually it is my experience that dropping headers is more likely
to cause loops than keeping them.  But I definitely understand
the private data exposure angle.  However since this is my primary
archive I don't want to loose the information, in case I need it to
debug something.

> @PublicInbox::MDA::BAD_HEADERS is exposed via `our', so it could
> remain stable-but-undocumented API if people really feel the
> need to tweak it.  At most, we'd add a comment for that variable
> asking potential hackers not to move/rename it.
>
>> If that general idea sounds palatable I will investigate to see
>> if I can move the caching of the raw email into PublicInbox::MIME,
>> see about moving the dropping of headers into an appropriate config
>> knob.
>
> I think using $mime->{-public_inbox_raw} will be sufficient for
> now.  Thanks.

Then I will move in that direction.  It seems a straight forward
and simple change to make.

Eric


  reply index

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-17  2:00 Eric W. Biederman
2019-05-18  8:03 ` Eric Wong
2019-05-18 15:09   ` Eric W. Biederman
2019-05-18 21:39     ` Eric Wong
2019-05-19 18:14       ` Eric W. Biederman [this message]
2019-05-19 22:04         ` Eric Wong
2019-05-24 11:44           ` TLS support and event loops Eric Wong

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://public-inbox.org/README

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87woimpb09.fsf@xmission.com \
    --to=ebiederm@xmission.com \
    --cc=e@80x24.org \
    --cc=meta@public-inbox.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

user/dev discussion of public-inbox itself

Archives are clonable:
	git clone --mirror https://public-inbox.org/meta
	git clone --mirror http://czquwvybam4bgbro.onion/meta
	git clone --mirror http://hjrcffqmbrq6wope.onion/meta
	git clone --mirror http://ou63pmih66umazou.onion/meta

Example config snippet for mirrors

Newsgroups are available over NNTP:
	nntp://news.public-inbox.org/inbox.comp.mail.public-inbox.meta
	nntp://ou63pmih66umazou.onion/inbox.comp.mail.public-inbox.meta
	nntp://czquwvybam4bgbro.onion/inbox.comp.mail.public-inbox.meta
	nntp://hjrcffqmbrq6wope.onion/inbox.comp.mail.public-inbox.meta
	nntp://news.gmane.io/gmane.mail.public-inbox.general

 note: .onion URLs require Tor: https://www.torproject.org/

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git