# HG changeset patch # User Timo Sirainen # Date 1030506361 -10800 # Node ID 2ffff61ee5e1e71db12aed6456a8a94e399431b4 # Parent 4ecb78d941822c40bbad5c20dc10ccda7fb98631 updated diff -r 4ecb78d94182 -r 2ffff61ee5e1 TODO --- a/TODO Wed Aug 28 03:59:11 2002 +0300 +++ b/TODO Wed Aug 28 06:46:01 2002 +0300 @@ -11,8 +11,6 @@ index: - optimization: - - optimize so that when all mail is deleted, the indexes will be - truncated - could hash function be better..? like uid*uid? what about changing probe strategy from linear to something else? - support shrinking hash file when it becomes 99% empty or so @@ -23,6 +21,9 @@ - index->lookup_uid_range(): first_uid could quite often be either the first UID or some UIDs below the first. optimize these by remembering the first UID in index. + - index_rec->full_virtual_size could be 0 to indicate it's not calculated + yet. this way we don't need to read the messages fully just to find out + that. - mbox: - BUG: adding new mail after indexes are created doesn't work - update Status and X-Status headers when flags are changed. 
@@ -33,12 +34,14 @@ does the syncing really need to be there? maybe put it into separate function which can be called after set_lock() by functions which actually care about the sync state (fetch, search, store, etc). - - read-only support for mailboxes where we don't have write-access? Could be - a bigger job. At least the mmap()ed file contents (== pretty much - everything) can't be trusted since they might change at any time. + - read-only support for mailboxes where we don't have write-access? Maybe, + but don't try to use their indexes since that's way too problematic, and + probably even impossible since we can't lock it. - if index was just rebuilt, modify log complains about indexid mismatch at first open - does append work? + - "UID FETCH|SEARCH|STORE *" doesn't work if latest message was deleted. + should we bother to fix this? I doubt there's a client that would use this. lib-storage: - support multiple mailbox formats and locations for one user. that would 
@@ -51,13 +54,19 @@ - optimize SEARCH [UN]SEEN, [UN]DELETED and [UN]RECENT. They're able to skip lots of messages based on the index header data. - use a trie index for fast text searching, like cyrus squat? - - hardlink-COPY doesn't copy flags + - BUG: hardlink-COPY doesn't work right: + - it should generate new filename for destination folder, so copying + same message twice won't break it + - custom flags aren't copied - maildir: atomic COPY could be done by setting a "temporary" flag into the file's name. once copying is done, set an ignore-temporary field into index's header. at next sync the temporary flag will be removed. - - mbox: should we bother checking if mbox file doesn't end with \n when - appending? - - select "" shouldn't work. + - we should probably do some light checking that appended mails actually + look like valid rfc822 mails.. + - SEARCH CHARSET support, iconv()? + - RENAME INBOX isn't atomic with Maildir. And in general, RENAME can't + be moved to another storage. Maybe support doing also using COPY + delete + once COPY is atomic? general: - capabilities: 
@@ -71,55 +80,51 @@ anyway and can do the sorting/threading themselves. - http://www.imc.org/ids.html - rfc-2231 continuation support - - "UID FETCH|SEARCH|STORE *" doesn't work if latest message was deleted. - should we bother to fix this? I doubt there's a client that would use this. - - RENAME INBOX isn't atomic with Maildir. And in general, RENAME can't - be moved to another storage. Maybe support doing also using COPY + delete - once COPY is atomic? - go through .temp files and delete them - - if auth process died and login couldn't immediately reconnect to it, it's - left until next user connects. however the connection needs to read the - init data before it can be used, so the user gets "NO Unknown - authentication method" error the first time + - Content-Language isn't parsed correctly - ulimit / setrlimit() should be set somewhere - create indexer binary - - SEARCH CHARSET support, iconv()? - - Fix the blocking SSL handshake (req. gnutls 0.5.2) + - SIGHUPing master should reload the configuration + - users should always be able to delete mail from mailbox, even if their + quota is completely full. this would require us to create the indexes + elsewhere .. in-memory should work fine? + - if index was rebuilt (because corruption was noticed), the user should be + disconnected because everything might have changed + +auth / login: - SRP authentication support? + - PAM: support some options so /etc/passwd-lookup isn't needed. uid=x, gid=y, + mailroot=/var/mail. maildirs should be then created when needed + - vpopmail support - Digest-MD5: support integrity protection, and maybe crypting. Do it through imap-login like SSL is done? - imap-auth should limit how fast authentication requests are allowed from login processes. especially if there's one login/connection the speed should be something like once/sec. 
- - support executing each login in it's own process, so if an exploit is ever - found from it, the attacker can't see other users' passwords - - put IMAP_LOGFILE into config file. and the timestamp format. - - SIGHUPing master should reload the configuration - - Something's wrong with expunging mails from maildir .. - - PAM: support some options so /etc/passwd-lookup isn't needed. uid=x, gid=y, - mailroot=/var/mail. maildirs should be then created when needed - - index_rec->full_virtual_size could be 0 to indicate it's not calculated - yet. this way we don't need to read the messages fully just to find out - that. - - ability to automatically try again if some command fails because error - occured in the middle of it, but was most likely also fixed. for example - if mbox is compressed in the middle of FETCH operation or some index - corruption was noticed + - HIGH: support executing each login in it's own process, so if an exploit + is ever found from it, the attacker can't see other users' passwords. + - master should limit number of login processes to max_logging_users, + killing old processes when limit is reached + - master should try to keep login_processes_count extra processes all + the time + - login should notify master after it accept()s, and it must close the + listening socket immediately cleanups / checks: - grep for FIXME - check if t_push()/t_pop() should be added somewhere - - check that (off_t) castings are safe - - IOBuffer is a bit confusing and weird. especially the offset-parameter - works strangely.. And maybe split it into IBuffer and OBuffer? + - IOBuffer should probably be split into IBuffer and OBuffer, and maybe + making it's internals hidden .. or at least only partly visible. - io_buffer_fd_ref() .. unref() and destroy() would close if refcount = 0? annoying those close(inbuf->fd)s with open_mail().. - allocating readwrite pools now just uses system_pool .. so pool_unref() can't free memory used by it .. what to do about it? 
at least count the malloc/free calls and make complain if at the exit they don't match - - Make sure messages of size INT_MAX..UINT_MAX (and more) work correctly. - virtual_size can also overflow making it less than physical_size + - ..wonder what it would look like if I did s/FooBarBaz/struct foo_bar_baz/.. + - HIGH: Make sure messages of size INT_MAX..UINT_MAX (and more) work + correctly. virtual_size can also overflow making it less than physical_size + - verify memory alignment is valid when reading from index files optional optimizations: - provide some helper binary to save new mail into mailboxes with CR+LF
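
Review bot: In the @@ -23,6 +21,9 @@ hunk, the new item lets index_rec->full_virtual_size be 0 to mean "not calculated yet", but it does not say how a record whose calculated size really is 0 is told apart from one that was never calculated. The last hunk of this patch also notes that virtual_size can overflow, so a wrapped value could land on the same sentinel. Suggest the item name the rule up front: either a separate "calculated" flag in the record, or a documented rule that a stored 0 is always recomputed on read.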
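
Review bot: In the @@ -33,12 +34,14 @@ hunk, the rewritten read-only item drops the earlier rationale that the mmap()ed file contents "can't be trusted since they might change at any time" and keeps only the locking reason. The trust point is the one a later implementer needs to see in order not to reuse those indexes, so suggest keeping it next to "we can't lock it". The relocated "UID FETCH|SEARCH|STORE *" item would also be easier to prioritise if it said what happens today when the latest message was deleted (an error reply or a wrong message).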
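
Review bot: In the @@ -51,13 +54,19 @@ hunk, the new item "do some light checking that appended mails actually look like valid rfc822 mails" is too vague to act on, and it arrives in the same hunk that removes the mbox question about a file that "doesn't end with \n when appending". Suggest stating the minimum check intended (for example, a header block is present and the message ends with a newline) and whether it replaces the removed mbox check. The commit message "updated" also does not say whether the removed 'select ""' item was fixed or abandoned; one word per removed item would make that clear.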
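
Review bot: In the @@ -71,55 +80,51 @@ hunk, the sub-item "master should limit number of login processes to max_logging_users, killing old processes when limit is reached" does not say which processes may be killed. With one process per login, a burst of new connections could evict logins that are still in progress, so suggest spelling out the eviction rule (for example, only processes that have not yet authenticated, oldest first) and how it interacts with the login_processes_count spare pool. In the cleanups section of the same hunk, "check that (off_t) castings are safe" is removed while the INT_MAX..UINT_MAX size item is raised to HIGH; if that audit is not finished, it belongs under the HIGH item rather than being dropped.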