Eric Wong [Sat, 14 Jul 2018 00:46:01 +0000 (00:46 +0000)]
v2writable: unindex deleted messages after incremental fetch
The normal behavior is to prevent the deleted messages from
being indexed in the first place. However, when fetching
incrementally via git; public-inbox-index needs to account for
deleted files which were created outside of the most recent
fetch/reindexing window.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Eric W. Biederman [Sat, 7 Jul 2018 18:22:28 +0000 (13:22 -0500)]
Import: Don't copy nulls from emails into git
Recently I ran git --git-dir=lkml/git/1.git fsck
and it reported:
> warning in commit 299dbd50b6995c6debe2275f0df984ce697fb4cc: nulInCommit: NULL byte inthe commit object body
Which I found quite scary. Nulls in the wrong place have a bad tendency
to make programs misbehave.
It turns out someone had placed "=?iso-8859-1?q?=00?=" at the end of
their subject line. Which is the mime encoding for NULL. Email::Mime
had correctly decoded the header, and then public-inbox had simply
copied the contents of the header into the subject line of the git
commit.
To prevent that from causing problems replace nulls in such subject
lines with spaces.
Signed-off-by: Eric Biederman <ebiederm@xmission.com>
Upon examination with git show --pretty=raw all of the problem commits
had a time zone that was not 4 digits long. This time zone had been
passed straight from the Date line in the email into the author line
of the commit.
Looking into that I discovered that str2time takes into account the
time zone, and was actually able to process these weird time zones.
So get the normalized time zone with strptime and convert it from
seconds from gmt to hours and minutes from gmt.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Eric Wong [Wed, 4 Jul 2018 10:50:25 +0000 (10:50 +0000)]
v2: fill alternates with old epochs on init from mirrors
For v2 repositories with multiple epochs, we must not forget
about earlier epochs in clones. Ensure we update the alternates
file with all known epochs up to the current one.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
https://public-inbox.org/meta/871scj2vzi.fsf@xmission.com/
Eric Wong [Wed, 13 Jun 2018 22:43:56 +0000 (22:43 +0000)]
www: use undecoded paths for Message-ID extraction
In PSGI, PATH_INFO contains URI-decoded paths which cause
problems when Message-IDs contain ambiguous characters for used
for routing. Instead, extract the undecoded path from
REQUEST_URI and use that.
Konstantin Ryabitsev [Mon, 18 Jun 2018 17:51:02 +0000 (13:51 -0400)]
Tweak over.sqlite3 queries for sqlite < 3.8
The query planner in sqlite3 < 3.8 is not very clever, so when it sees
num mentioned in the query filter, it decides not to use the fast idx_ts
index and goes for the much slower autoindex. CentOS-7 still has
sqlite-3.7, so loading the http landing page of a very large archive
(LKML) was taking over 18 seconds, as oppposed to milliseconds on a
system with sqlite-3.8 and above:
$ time sqlite3 -line over.sqlite3 'SELECT ts,ds,ddd FROM over \
WHERE num > 0 ORDER BY ts DESC LIMIT 1000;' > /dev/null
real 0m19.610s
user 0m17.805s
sys 0m1.805s
$ sqlite3 -line over.sqlite3 'EXPLAIN QUERY PLAN SELECT ts,ds,ddd \
FROM over WHERE num > 0 ORDER BY ts DESC LIMIT 1000;'
selectid = 0
order = 0
from = 0
detail = SEARCH TABLE over USING INDEX sqlite_autoindex_over_1 (num>?) (~250000 rows)
However, if we slightly tweak the query per SQlite recommendations [1]
by adding + to the num filter, we force it to use the correct index
and see much faster performance:
$ time sqlite3 -line over.sqlite3 'SELECT ts,ds,ddd FROM over \
WHERE +num > 0 ORDER BY ts DESC LIMIT 1000;' > /dev/null
real 0m0.007s
user 0m0.005s
sys 0m0.002s
$ sqlite3 -line over.sqlite3 'EXPLAIN QUERY PLAN SELECT ts,ds,ddd \
FROM over WHERE +num > 0 ORDER BY ts DESC LIMIT 1000;'
selectid = 0
order = 0
from = 0
detail = SCAN TABLE over USING INDEX idx_ts (~1464303 rows)
This appears to be the only place where this is needed in order to avoid
running into this issue.
As far as I can tell, this change has no impact on systems running newer
sqlite3 (>= 3.8).
Konstantin Ryabitsev [Fri, 15 Jun 2018 19:11:23 +0000 (15:11 -0400)]
Contribute SELinux policy for EL7
This adds a SELinux policy suitable for RHEL/CentOS 7. It assumes the
following:
- public-inbox-httpd and public-inbox-nntpd are running via systemd
on sane ports (119 and 80/8080)
- /var/lib/public-inbox is the location for mainrepos
- /var/run/public-inbox is the location for PERL_INLINE_DIRECTORY
- /var/log/public-inbox is the location for logs
- mail delivery is done via postfix-pipe or public-inbox-watch via
the provided example systemd service
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Leah Neukirchen [Tue, 12 Jun 2018 15:36:52 +0000 (17:36 +0200)]
public-inbox-mda: use <sysexits.h> status codes where applicable
Many MTA understand these and map them to sensible SMTP error messages.
Inability to find an inbox results in "5.1.1 user unknown".
Misformatted messages are rejected with "5.6.0 data format error".
Unsupported inbox versions are reported as "5.3.5 local configuration error".
All of these are interpreted as permanent failures.
Eric Wong [Wed, 30 May 2018 02:54:48 +0000 (02:54 +0000)]
respect umask if core.sharedRepository is not set
This is consistent with git itself and the previous behavior
was a result of misunderstanding of how git interprets this.
And adjust tests slightly to match the new behavior.
Reported-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
<38873789-ab42-65a1-20c9-12c30b171f4f@linuxfoundation.org>
Eric Wong [Thu, 24 May 2018 08:32:16 +0000 (08:32 +0000)]
workaround Xapian OFD locks w/o close-on-exec
Xapian v1.2.21..v1.2.24 (inclusive) use OFD locks but failed to
set the close-on-exec flag on those locks. So we must continue
to work around those old versions by ensuring Xapian file
descriptors aren't held any longer than necessary when in
long-running git processes.
Reported-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Eric Wong [Fri, 11 May 2018 19:20:15 +0000 (19:20 +0000)]
content_id: workaround quote handling change in Email::* modules
I'm not entirely sure where the behavior change lies, but
it seems to be in some of the latest CPAN versions of these
modules. In any case, this only affects the test setup and
not actual behavior.
Eric Wong [Wed, 25 Apr 2018 08:52:49 +0000 (08:52 +0000)]
thread: sort incoming messages by Date
Improve the display by finding any parent when we see out-of-order
References. This prevents us from having two roots in the test
case like Mail::Thread does.
Eric Wong [Wed, 25 Apr 2018 08:52:48 +0000 (08:52 +0000)]
thread: prevent hidden threads in /$INBOX/ landing page
In retrospect, the loop prevention done by our indexer is not
always sufficient since it can have an improperly sorted
or incomplete References headers.
This bug was triggered multiple bracketed Message-IDs in an In-Reply-To: header (not References) where the Message-IDs were
in non-chronological order when somebody tried to reply to
different leafs of a thread with a single message.
So we must check for descendents before blindly trying to
use the last one.
Fixes: c6a8fdf71e2c336f ("thread: last Reference always wins")
Eric Wong [Mon, 23 Apr 2018 05:06:00 +0000 (05:06 +0000)]
search: avoid repeated mbox results from search
Previous search queries already set sort order on the Enquire
object, altering the ordering of results and was causing
messages to be redundantly downloaded via POST /$INBOX/?q=$QUERY&x=m
So stop caching the Search::Xapian::Enquire object since it
wasn't providing any measurable performance improvement.
Eric Wong [Mon, 23 Apr 2018 04:16:53 +0000 (04:16 +0000)]
view: wrap To: and Cc: headers in HTML display
It is common to have large amounts of addresses Cc:-ed in large
mailing lists like LKML. Make them more readable by wrapping
after addresses. Unfortunately, line breaks inserted by the
MUA get lost when using the public Email::MIME API.
Subject and body lines remain unwrapped, as it's the author's
fault to have such long lines :P
Eric Wong [Mon, 23 Apr 2018 04:16:52 +0000 (04:16 +0000)]
view: untangle loop when showing message headers
The old loop did not help with code clarity with the various
conditional statements. It also hid a bug where we forgot to
(optionally) obfuscate email addresses in Subject: lines if
search was enabled.
Eric Wong (Contractor, The Linux Foundation) [Sun, 22 Apr 2018 08:01:48 +0000 (08:01 +0000)]
extmsg: use Xapian only for partial matches
"LIKE" in SQLite (and other SQL implementations I've seen) is
expensive with nearly 3 million messages in the archives.
This caused some partial Message-ID lookups to take over 600ms
on my workstation (~300ms on a faster Xeon). Cut that to below
under 30ms on average on my workstation by relying exclusively
on Xapian for partial Message-ID lookups as we have in the past.
Unlike in the past when we tried using Xapian to match partial
Message-IDs; we now optimize our indexing of Message-IDs to
break apart "words" in Message-IDs for searching, yielding
(hopefully) "good enough" accuracy for folks who get long URLs
broken across lines when copy+pasting.
We'll also drop the (in retrospect) pointless stripping of
"/[tTf]" suffixes for the partial match, since anybody who
hits that codepath would be hitting an invalid message ID.
Finally, limit wildcard expansion to prevent easy DoS vectors
on short terms.
And blame Pine and alpine for generating Message-IDs with
low-entropy prefixes :P
Eric Wong [Fri, 20 Apr 2018 07:21:56 +0000 (07:21 +0000)]
convert: copy description and git config from v1 repo
I noticed I lost a $GIT_DIR/description in a conversion, so we
should preserve it. While we're at it, we ought to copy any
config in the old repo to the new one.
We will need to warn about cloneurl since it's unfortunately
not an automatic process to update. Oh well..
Eric Wong [Fri, 20 Apr 2018 03:27:38 +0000 (03:27 +0000)]
searchidx: release lock again during v1 batch callback
Relaxing this lock during a v1 --reindex is important to keep
messages showing up in -watch process in a timely manner.
Looks like I deleted an extra line when doing the following
for v2:
s/xdb->commit_transaction/self->commit_txn_lazy/
Fixes: 35ff6bb106909b1c ("replace Xapian skeleton with SQLite overview DB")
Eric Wong [Thu, 19 Apr 2018 22:42:05 +0000 (22:42 +0000)]
filter/rubylang: do not set altid on spam training
I suppose it's a bug or inconsistency that altid is write-only
and their deletions do not get reflected. But for now, we
do not set it when training spam so there's no window where
an invalid NNTP article number shows up.
This should solve the problem where there's massive gaps
in messages solved by spam training for ruby groups:
Eric Wong (Contractor, The Linux Foundation) [Wed, 18 Apr 2018 20:58:35 +0000 (20:58 +0000)]
Merge remote-tracking branch 'origin/master' into v2
* origin/master:
nntp: allow and ignore empty commands
mbox: do not barf on queries which return no results
nntp: fix NEWNEWS command
searchview: fix non-numeric comparison
Allow specification of the number of search results to return
githttpbackend: avoid infinite loop on generic PSGI servers
http: fix modification of read-only value
extmsg: use news.gmane.org for Message-ID lookups
extmsg: rework partial MID matching to favor current inbox
Update the installation instructions with Fedora package names
nntp: do not drain rbuf if there is a command pending
nntp: improve fairness during XOVER and similar commands
searchidx: do not modify Xapian DB while iterating
Don't use LIMIT in UPDATE statements
Eric Wong (Contractor, The Linux Foundation) [Wed, 18 Apr 2018 09:13:14 +0000 (09:13 +0000)]
extmsg: remove expensive git path checks
Searching across different inboxes is expensive without
SQLite (or Xapian) installed, so avoid doing expensive tree
lookups in git. Since SQLite is required for Xapian
support anyways, we won't need to check Xapian, either.
Sites without SQLite installed will simply 404 if somebody
requests a message which isn't in the current inbox.
Eric Wong (Contractor, The Linux Foundation) [Wed, 18 Apr 2018 09:13:13 +0000 (09:13 +0000)]
searchidx: regenerate and avoid article number gaps on full index
Some messages to git@vger went missing from Msgmap from old bugs
and became inaccessible via NNTP. Forcing NNTP article numbers
when the overview DB came about made the problem more visible when
reindexing old (v1) repositories as all removed spam messages
took up AUTOINCREMENT numbers again before they were removed.
Having large gaps in NNTP article numbers is not good since it
throws off NNTP clients. This does NOT prevent NNTP clients from
seeing some messages twice, but is better than having them
miss several messages entirely.
We also avoid depending on --reverse in git-log, as
git requires storing an entire commit list in memory for
--reverse, so it's cheaper to store only deleted blobs in the %D
hash since they do not live long.
Eric Wong (Contractor, The Linux Foundation) [Wed, 18 Apr 2018 09:13:11 +0000 (09:13 +0000)]
v2: improve deduplication checks
First off, decode text portions of messages since some archived
mail I got was converted from quoted-printable or base-64 to
8bit by the original recipient. Attempting to merge them with
my own archives (which had no conversion done) led to
unnecessary duplicates showing up.
Then, normalize CRLF line endings in text portions to LF.
In the headers, we relax the content_id hashing to ignore quotes
and lower-case domain names in To, Cc, and From headers since
some mail processors will alter them.
Finally, I've discovered Email::MIME->new($mime->as_string)
does not always round-trip reliably, so we calculate the
content_id twice on user-supplied messages.
Eric Wong (Contractor, The Linux Foundation) [Wed, 18 Apr 2018 09:13:10 +0000 (09:13 +0000)]
v2: generate better Message-IDs for duplicates
While hunting duplicates, I noticed a leading '-' in some
Message-IDs as a result of RFC4648 encoding. While '-' seems
allowed by RFC5322 and URL-friendly (RFC4648), they are uncommon
and make using Message-IDs as arguments for command-line tools
more difficult. So prefix them with a datestamp to at least
give readers some sense of the age. And shorten the "localhost"
hostname to "z" to save space.
Eric Wong (Contractor, The Linux Foundation) [Wed, 18 Apr 2018 09:13:08 +0000 (09:13 +0000)]
v2writable: reduce partititions by one
git fast-import and the main V2Writable process combined takes
about one CPU, so avoid having too many Xapian partitions which
cause unnecessary I/O contention.
Eric Wong (Contractor, The Linux Foundation) [Sat, 7 Apr 2018 03:41:54 +0000 (03:41 +0000)]
msgmap: speed up minmax with separate queries
This significantly improves the performance of the NNTP GROUP
command with 2.7 million messages from over 250ms to 700us.
SQLite is weird about this, but at least there's a way to
optimize it.
Eric Wong (Contractor, The Linux Foundation) [Sat, 7 Apr 2018 03:41:53 +0000 (03:41 +0000)]
store less data in the Xapian document
Since we only query the SQLite over DB for OVER/XOVER; do not
need to waste space storing fields To/Cc/:bytes/:lines or the
XNUM term. We only use From/Subject/References/Message-ID/:blob
in various places of the PSGI code.
For reindexing, we will take advantage of docid stability
in "xapian-compact --no-renumber" to ensure duplicates do not
show up in search results. Since the PSGI interface is the
only consumer of Xapian at the moment, it has no need to
search based on NNTP article number.
Eric Wong (Contractor, The Linux Foundation) [Sat, 7 Apr 2018 03:41:50 +0000 (03:41 +0000)]
v2writable: reduce barriers
Since we handle the overview info synchronously, we only need
barriers in tests, now. We will use asynchronous checkpoints
to sync less-important Xapian data.
For data deduplication, this requires us to hoist out the
cat-blob support in ::Import for reading uncommitted data
in git.
Eric Wong (Contractor, The Linux Foundation) [Sat, 7 Apr 2018 03:41:49 +0000 (03:41 +0000)]
over: remove forked subprocess
Since the overview stuff is a synchronization point anyways,
move it into the main V2Writable process and allow us to
drop a bunch of code. This is another step towards making
Xapian optional for v2.
In other words, the fan-out point is moved and the Xapian
partitions no longer need to synchronize against each other:
Before:
/-------->\
/---------->\
v2writable -->+----parts----> over
\---------->/
\-------->/
Since the overview/threading logic needs to run on the same core
that feeds git-fast-import, it's slower for small repos but is
not noticeable in large imports where I/O wait in the partitions
dominates.
Eric Wong (Contractor, The Linux Foundation) [Fri, 6 Apr 2018 21:44:38 +0000 (21:44 +0000)]
www: favor reading more from SQLite, and less from Xapian
Favor simpler internal APIs this time around, this cuts
a fair amount of code out and takes another step towards
removing Xapian as a dependency for v2 repos.
Eric Wong (Contractor, The Linux Foundation) [Thu, 5 Apr 2018 21:45:28 +0000 (21:45 +0000)]
search: index and allow searching by date-time
Dscho found this useful for finding matching git commits based
on AuthorDate in git. Add it to the overview DB format, too;
so in the future we can support v2 repos without Xapian.
Eric Wong (Contractor, The Linux Foundation) [Thu, 5 Apr 2018 09:34:12 +0000 (09:34 +0000)]
compact: better handling of over.sqlite3* files
Lets not scare users when they encounter files that are supposed
to be there. Then, preserve the journal and pipe.lock, even if
they're supposedly unused due to us holding the inbox-wide lock.
Eric Wong (Contractor, The Linux Foundation) [Wed, 4 Apr 2018 21:24:59 +0000 (21:24 +0000)]
v2: support incremental indexing + purge
This is important for people running mirrors via "git fetch",
as they need to be kept up-to-date. Purging is also now
supported in mirrors.
The short-lived "--regenerate" option is gone and is now
implicitly enabled as a result. It's still cheap when
article number regeneration is unnecessary, as we track
the range for each git repository.
Eric Wong (Contractor, The Linux Foundation) [Wed, 4 Apr 2018 21:11:47 +0000 (21:11 +0000)]
searchidx: ensure duplicated Message-IDs can be linked together
This allows us to emulate the display of thread-aware MUAs when
multiple messages share the same Message-ID. This also is a
place where "public-inbox-index --reindex" is useful to fix
existing messages and no schema version bump is necessary.
Eric Wong (Contractor, The Linux Foundation) [Tue, 3 Apr 2018 11:09:12 +0000 (11:09 +0000)]
nntp: simplify the long_response API
We we worked around the default range/termination conditions of
long_response in many cases to reduce calls to SQLite or Xapian.
So continue that trend and become more like the PSGI API
which doesn't force callers to specify an article range or
work inside a loop.
Eric Wong (Contractor, The Linux Foundation) [Tue, 3 Apr 2018 11:09:11 +0000 (11:09 +0000)]
msgmap: replace id_batch with ids_after
id_batch had a an overly complicated interface, replace it
with id_batch which is simpler and takes advantage of
selectcol_arrayref in DBI. This allows simplification of
callers and the diffstat agrees with me.
Eric Wong (Contractor, The Linux Foundation) [Tue, 3 Apr 2018 11:09:09 +0000 (11:09 +0000)]
view: avoid offset during pagination
OFFSET in SQLite gets painful to deal with. Instead,
rely on timestamps (from Received:) for pagination.
This also sets us up for more precise Date searching
in case we want it.
Eric Wong (Contractor, The Linux Foundation) [Tue, 3 Apr 2018 11:09:08 +0000 (11:09 +0000)]
nntp: make XOVER, XHDR, OVER, HDR and NEWNEWS faster
While SQLite is faster than Xapian for some queries we
use, it sucks at handling OFFSET. Fortunately, we do
not need offsets when retrieving sorted results and
can bake it into the query.
For inbox.comp.version-control.git (v1 Xapian),
XOVER and XHDR are over 20x faster.
Eric Wong (Contractor, The Linux Foundation) [Mon, 2 Apr 2018 00:04:56 +0000 (00:04 +0000)]
over: speedup get_thread by avoiding JOIN
JOIN operations on SQLite can be disasterously slow.
This reduces per-message pages with the thread overview
at the bottom of those pages from over 800ms to ~60ms.
In comparison, the v1 code took around 70-80ms using
Xapian on my machine.
Eric Wong (Contractor, The Linux Foundation) [Mon, 2 Apr 2018 00:04:55 +0000 (00:04 +0000)]
www: rework query responses to avoid COUNT in SQLite
In many cases, we do not care about the total number of
messages. It's a rather expensive operation in SQLite
(Xapian only provides an estimate).
For LKML, this brings top-level /$INBOX/ loading time from
~375ms to around 60ms on my system. Days ago, this operation
was taking 800-900ms(!) for me before introducing the SQLite
overview DB.