X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FNetReader.pm;h=c1af03a3f8b972db9a8ff38f0b081652dbb90a53;hb=961690bae47c90a4a6960952587c6f4463fb4b19;hp=f0f56431282312c37840809be755cac0007ba51e;hpb=9d11ed460ce113dd10cd098e2dfa814fcfbddde9;p=public-inbox.git

diff --git a/lib/PublicInbox/NetReader.pm b/lib/PublicInbox/NetReader.pm
index f0f56431..c1af03a3 100644
--- a/lib/PublicInbox/NetReader.pm
+++ b/lib/PublicInbox/NetReader.pm
@@ -1,4 +1,4 @@
-# Copyright (C) 2021 all contributors <meta@public-inbox.org>
+# Copyright (C) all contributors <meta@public-inbox.org>
 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
 
 # common reader code for IMAP and NNTP (and maybe JMAP)
@@ -35,6 +35,7 @@ sub socks_args ($) {
 		eval { require IO::Socket::Socks } or die <<EOM;
 IO::Socket::Socks missing for socks5h://$h:$p
 EOM
+		# for IO::Socket::Socks
 		return { ProxyAddr => $h, ProxyPort => $p };
 	}
 	die "$val not understood (only socks5h:// is supported)\n";
@@ -42,20 +43,64 @@ EOM
 
 sub mic_new ($$$$) {
 	my ($self, $mic_arg, $sec, $uri) = @_;
-	my %mic_arg = %$mic_arg;
+	my %mic_arg = (%$mic_arg, Keepalive => 1);
 	my $sa = $self->{cfg_opt}->{$sec}->{-proxy_cfg} || $self->{-proxy_cli};
 	if ($sa) {
-		my %opt = %$sa;
+		# this `require' needed for worker[1..Inf], since socks_args
+		# only got called in worker[0]
+		require IO::Socket::Socks;
+		my %opt = (%$sa, Keepalive => 1);
+		$opt{SocksDebug} = 1 if $mic_arg{Debug};
 		$opt{ConnectAddr} = delete $mic_arg{Server};
 		$opt{ConnectPort} = delete $mic_arg{Port};
-		$mic_arg{Socket} = IO::Socket::Socks->new(%opt) or die
-			"E: <$$uri> ".eval('$IO::Socket::Socks::SOCKS_ERROR');
+		my $s = IO::Socket::Socks->new(%opt) or die
+			"E: <$uri> ".eval('$IO::Socket::Socks::SOCKS_ERROR');
+		if ($mic_arg->{Ssl}) { # for imaps://
+			require IO::Socket::SSL;
+			$s = IO::Socket::SSL->start_SSL($s) or die
+				"E: <$uri> ".(IO::Socket::SSL->errstr // '');
+		}
+		$mic_arg{Socket} = $s;
 	}
-	PublicInbox::IMAPClient->new(%mic_arg, Keepalive => 1);
+	PublicInbox::IMAPClient->new(%mic_arg);
 }
 
 sub auth_anon_cb { '' }; # for Mail::IMAPClient::Authcallback
 
+sub onion_hint ($$) {
+	my ($lei, $uri) = @_;
+	$uri->host =~ /\.onion\z/i or return "\n";
+	my $t = $uri->isa('PublicInbox::URIimap') ? 'imap' : 'nntp';
+	my $url = PublicInbox::Config::squote_maybe(uri_section($uri));
+	my $set_cfg = 'lei config';
+	if (!$lei) { # public-inbox-watch
+		my $f = PublicInbox::Config::squote_maybe(
+				$ENV{PI_CONFIG} || '~/.public-inbox/config');
+		$set_cfg = "git config -f $f";
+	}
+	my $dq = substr($url, 0, 1) eq "'" ? '"' : '';
+	<<EOM
+
+Assuming you have Tor configured and running locally on port 9050,
+try configuring a socks5h:// proxy:
+
+	url=$url
+	$set_cfg $t.$dq\$url$dq.proxy socks5h://127.0.0.1:9050
+
+...before retrying your current command
+EOM
+}
+
+# Net::NNTP doesn't support CAPABILITIES, yet; and both IMAP+NNTP
+# servers may have multiple listen sockets.
+sub try_starttls ($) {
+	my ($host) = @_;
+	return if $host =~ /\.onion\z/si;
+	return if $host =~ /\A127\.[0-9]+\.[0-9]+\.[0-9]+\z/s;
+	return if $host eq '::1';
+	1;
+}
+
 # mic_for may prompt the user and store auth info, prepares mic_get
 sub mic_for ($$$$) { # mic = Mail::IMAPClient
 	my ($self, $uri, $mic_common, $lei) = @_;
@@ -75,17 +120,19 @@ sub mic_for ($$$$) { # mic = Mail::IMAPClient
 	my $mic_arg = {
 		Port => $uri->port,
 		Server => $host,
-		Ssl => $uri->scheme eq 'imaps',
 		%$common, # may set Starttls, Compress, Debug ....
 	};
 	$mic_arg->{Ssl} = 1 if $uri->scheme eq 'imaps';
 	require PublicInbox::IMAPClient;
-	my $mic = mic_new($self, $mic_arg, $sec, $uri) or
-			die "E: <$uri> new: $@\n";
+	my $mic = mic_new($self, $mic_arg, $sec, $uri);
+	($mic && $mic->IsConnected) or
+		die "E: <$uri> new: $@".onion_hint($lei, $uri);
+
 	# default to using STARTTLS if it's available, but allow
 	# it to be disabled since I usually connect to localhost
 	if (!$mic_arg->{Ssl} && !defined($mic_arg->{Starttls}) &&
 			$mic->has_capability('STARTTLS') &&
+			try_starttls($host) &&
 			$mic->can('starttls')) {
 		$mic->starttls or die "E: <$uri> STARTTLS: $@\n";
 	}
@@ -128,25 +175,18 @@ sub mic_for ($$$$) { # mic = Mail::IMAPClient
 	$mic;
 }
 
-# Net::NNTP doesn't support CAPABILITIES, yet
-sub try_starttls ($) {
-	my ($host) = @_;
-	return if $host =~ /\.onion\z/s;
-	return if $host =~ /\A127\.[0-9]+\.[0-9]+\.[0-9]+\z/s;
-	return if $host eq '::1';
-	1;
-}
-
 sub nn_new ($$$) {
 	my ($nn_arg, $nntp_cfg, $uri) = @_;
 	my $nn;
 	if (defined $nn_arg->{ProxyAddr}) {
 		require PublicInbox::NetNNTPSocks;
+		$nn_arg->{SocksDebug} = 1 if $nn_arg->{Debug};
 		eval { $nn = PublicInbox::NetNNTPSocks->new_socks(%$nn_arg) };
 		die "E: <$uri> $@\n" if $@;
 	} else {
-		$nn = Net::NNTP->new(%$nn_arg) or die "E: <$uri> new: $!\n";
+		$nn = Net::NNTP->new(%$nn_arg) or return;
 	}
+	setsockopt($nn, Socket::SOL_SOCKET(), Socket::SO_KEEPALIVE(), 1);
 
 	# default to using STARTTLS if it's available, but allow
 	# it to be disabled for localhost/VPN users
@@ -202,7 +242,8 @@ sub nn_for ($$$$) { # nn = Net::NNTP
 	$nn_arg->{SSL} = 1 if $uri->secure; # snews == nntps
 	my $sa = $self->{-proxy_cli};
 	%$nn_arg = (%$nn_arg, %$sa) if $sa;
-	my $nn = nn_new($nn_arg, $nntp_cfg, $uri);
+	my $nn = nn_new($nn_arg, $nntp_cfg, $uri) or
+		die "E: <$uri> new: $@".onion_hint($lei, $uri);
 	if ($cred) {
 		$cred->fill($lei) unless defined($p); # may prompt user here
 		if ($nn->authinfo($u, $p)) {
@@ -287,7 +328,7 @@ sub imap_common_init ($;$) {
 		my $sec = uri_section($uri);
 
 		# knobs directly for Mail::IMAPClient->new
-		for my $k (qw(Starttls Debug Compress Ignoresizeerrors)) {
+		for my $k (qw(Starttls Debug Compress)) {
 			my $bool = cfg_bool($cfg, "imap.$k", $$uri) // next;
 			$mic_common->{$sec}->{$k} = $bool;
 		}
@@ -303,10 +344,10 @@ sub imap_common_init ($;$) {
 		}
 		my $k = 'imap.fetchBatchSize';
 		my $bs = $cfg->urlmatch($k, $$uri) // next;
-		if ($bs =~ /\A([0-9]+)\z/) {
+		if ($bs =~ /\A([0-9]+)\z/ && $bs > 0) {
 			$self->{cfg_opt}->{$sec}->{batch_size} = $bs;
 		} else {
-			warn "$k=$bs is not an integer\n";
+			warn "$k=$bs is not a positive integer\n";
 		}
 	}
 	# make sure we can connect and cache the credentials in memory
@@ -318,6 +359,7 @@ sub imap_common_init ($;$) {
 				mic_for($self, $uri, $mic_common, $lei) //
 				die "Unable to continue\n";
 		next unless $self->isa('PublicInbox::NetWriter');
+		next if $self->{-skip_creat};
 		my $dst = $orig_uri->mailbox // next;
 		next if $mic->exists($dst); # already exists
 		$mic->create($dst) or die "CREATE $dst failed <$orig_uri>: $@";
@@ -439,7 +481,7 @@ sub itrk_last ($$;$$) {
 	my ($self, $uri, $r_uidval, $mic) = @_;
 	return (undef, undef, $r_uidval) unless $self->{incremental};
 	my ($itrk, $l_uid, $l_uidval);
-	if (defined(my $lms = $self->{-lms_ro})) { # LeiMailSync or 0
+	if (defined(my $lms = $self->{-lms_rw})) { # LeiMailSync or 0
 		$uri->uidvalidity($r_uidval) if defined $r_uidval;
 		if ($mic) {
 			my $auth = $mic->Authmechanism // '';
@@ -498,6 +540,41 @@ sub perm_fl_ok ($) {
 # may be overridden in NetWriter or Watch
 sub folder_select { $_[0]->{each_old} ? 'select' : 'examine' }
 
+sub _imap_fetch_bodies ($$$$) {
+	my ($self, $mic, $uri, $uids) = @_;
+	my $req = $mic->imap4rev1 ? 'BODY.PEEK[]' : 'RFC822.PEEK';
+	my $key = $req;
+	$key =~ s/\.PEEK//;
+	my $sec = uri_section($uri);
+	my $mbx = $uri->mailbox;
+	my $bs = $self->{cfg_opt}->{$sec}->{batch_size} // 1;
+	my ($last_uid, $err);
+	my $use_fl = $self->{-use_fl};
+
+	while (scalar @$uids) {
+		my @batch = splice(@$uids, 0, $bs);
+		my $batch = join(',', @batch);
+		local $0 = "UID:$batch $mbx $sec";
+		my $r = $mic->fetch_hash($batch, $req, 'FLAGS');
+		unless ($r) { # network error?
+			last if $!{EINTR} && $self->{quit};
+			$err = "E: $uri UID FETCH $batch error: $!";
+			last;
+		}
+		for my $uid (@batch) {
+			# messages get deleted, so holes appear
+			my $per_uid = delete $r->{$uid} // next;
+			my $raw = delete($per_uid->{$key}) // next;
+			my $fl = $use_fl ? $per_uid->{FLAGS} : undef;
+			_imap_do_msg($self, $uri, $uid, \$raw, $fl);
+			$last_uid = $uid;
+			last if $self->{quit};
+		}
+		last if $self->{quit};
+	}
+	($last_uid, $err);
+}
+
 sub _imap_fetch_all ($$$) {
 	my ($self, $mic, $orig_uri) = @_;
 	my $sec = uri_section($orig_uri);
@@ -545,6 +622,7 @@ EOF
 	$mic->Uid(1); # the default, we hope
 	my $err;
 	my $use_fl = perm_fl_ok($perm_fl);
+	local $self->{-use_fl} = $use_fl;
 	if (!defined($single_uid) && $self->{each_old} && $use_fl) {
 		$err = each_old_flags($self, $mic, $uri, $l_uid);
 		return $err if $err;
@@ -556,15 +634,12 @@ EOF
 		my $m = $mod ? " [(UID % $mod) == $shard]" : '';
 		warn "# $uri fetching UID $l_uid:$r_uid$m\n";
 	}
-	my $bs = $self->{cfg_opt}->{$sec}->{batch_size} // 1;
-	my $req = $mic->imap4rev1 ? 'BODY.PEEK[]' : 'RFC822.PEEK';
-	my $key = $req;
-	$key =~ s/\.PEEK//;
-	my ($uids, $batch);
+	my $fetch_cb = \&_imap_fetch_bodies;
 	do {
 		# I wish "UID FETCH $START:*" could work, but:
 		# 1) servers do not need to return results in any order
 		# 2) Mail::IMAPClient doesn't offer a streaming API
+		my $uids;
 		if (defined $single_uid) {
 			$uids = [ $single_uid ];
 		} elsif (!($uids = $mic->search("UID $l_uid:*"))) {
@@ -582,31 +657,8 @@ EOF
 		return if $uids->[0] < $l_uid;
 
 		$l_uid = $uids->[-1] + 1; # for next search
-		my $last_uid;
-		my $n = $self->{max_batch};
-
 		@$uids = grep { ($_ % $mod) == $shard } @$uids if $mod;
-		while (scalar @$uids) {
-			my @batch = splice(@$uids, 0, $bs);
-			$batch = join(',', @batch);
-			local $0 = "UID:$batch $mbx $sec";
-			my $r = $mic->fetch_hash($batch, $req, 'FLAGS');
-			unless ($r) { # network error?
-				last if $!{EINTR} && $self->{quit};
-				$err = "E: $uri UID FETCH $batch error: $!";
-				last;
-			}
-			for my $uid (@batch) {
-				# messages get deleted, so holes appear
-				my $per_uid = delete $r->{$uid} // next;
-				my $raw = delete($per_uid->{$key}) // next;
-				my $fl = $use_fl ? $per_uid->{FLAGS} : undef;
-				_imap_do_msg($self, $uri, $uid, \$raw, $fl);
-				$last_uid = $uid;
-				last if $self->{quit};
-			}
-			last if $self->{quit};
-		}
+		(my $last_uid, $err) = $fetch_cb->($self, $mic, $uri, $uids);
 		run_commit_cb($self);
 		$itrk->update_last($r_uidval, $last_uid) if $itrk;
 	} until ($err || $self->{quit} || defined($single_uid));
@@ -686,21 +738,27 @@ sub _nntp_fetch_all ($$$) {
 		my $msg = ndump($nn->message);
 		return "E: GROUP $group <$sec> $msg";
 	}
-
+	(defined($num_a) && defined($num_b) && $num_a > $num_b) and
+		return "E: $uri: backwards range: $num_a > $num_b";
+	if (defined($num_a)) { # no article numbers in mail_sync.sqlite3
+		$uri = $uri->clone;
+		$uri->group($group);
+	}
 	# IMAPTracker is also used for tracking NNTP, UID == article number
 	# LIST.ACTIVE can get the equivalent of UIDVALIDITY, but that's
 	# expensive.  So we assume newsgroups don't change:
 	my ($itrk, $l_art) = itrk_last($self, $uri);
 
-	# allow users to specify articles to refetch
-	# cf. https://tools.ietf.org/id/draft-gilman-news-url-01.txt
-	# nntp://example.com/inbox.foo/$num_a-$num_b
-	$beg = $num_a if defined($num_a) && $num_a < $beg;
-	$end = $num_b if defined($num_b) && $num_b < $end;
-	if (defined $l_art) {
+	if (defined($l_art) && !defined($num_a)) {
 		return if $l_art >= $end; # nothing to do
 		$beg = $l_art + 1;
 	}
+	# allow users to specify articles to refetch
+	# cf. https://tools.ietf.org/id/draft-gilman-news-url-01.txt
+	# nntp://example.com/inbox.foo/$num_a-$num_b
+	$beg = $num_a if defined($num_a) && $num_a > $beg && $num_a <= $end;
+	$end = $num_b if defined($num_b) && $num_b >= $beg && $num_b < $end;
+	$end = $beg if defined($num_a) && !defined($num_b);
 	my ($err, $art, $last_art, $kw); # kw stays undef, no keywords in NNTP
 	unless ($self->{quiet}) {
 		warn "# $uri fetching ARTICLE $beg..$end\n";