This marks the function safe and returns Result, it also now returns
the ConfiguredAddr since it has to look this up anyway and it makes
testing more easy. Turns out it reduces some duplicate SQL query in
some callers too.
More test code has been moved from dc_imex to test_utils as it's
more genrally applicable.
* refactor(contact): rename and rusty memory allocations
* refactor(contact): use enum to indidcate origin
* refactor(contact): safe blocking and unblocking api
* refactor(contact): only safe and no more cstrings
Add a trait for str.strdup() to replace to_cstring() which avoid the
signature ambiguity with .to_string().
Also instruduce CString::yolo() as a shortcut to
CString::new().unwrap() and use it whenever the variable does can be
deallocated by going out of scope. This is less error prone.
Use some Path.to_c_string() functions where possible.
With this change, kind of message is represented by value of enum
`Viewtype' instead of raw libc::c_int, providing more type safety. This
enum replaces DC_MSG_* constants. The only way to create `Viewtype' from
libc::c_int is smart constructor.
With this change, functions `dc_get_chat_media' and `dc_get_next_media' became
less forgiving about invalid message type arguments. Previously, invalid
message types were implicitly interpreted as 0 (Viewtype::Unknown). Now,
function calls with invalid message type arguments are rejected (error code
returned) on FFI boundary.
Additionally, when `Viewtype' is read from database, it is checked to have
sensible value.
No tests assumed forgiving behaviour.
* refactor: safe sql access
* Clean up the worst rebase mistakes
* Some more progress on the rebase fallout and this branch
* upgrade and compile again
* cleanup from rebase
* example of how to prepare now
* rebase fixes
* add sql.query_map
* less preparation
* more improvements in sql code
* fix string truncation
* more prepare conversions
* most prep done
* fix tests
* fix ffi
* fix last prepares
* fix segfaults and some queries
* use r2d2 pool
* fix dc_job sql call, to reduce contention
* try newer rust
* No more vararg printing (drop dc_log_)
* ignore expected errors
* fix: uses exists instead of execute where needed
* fix: get_contacts logic was broken
* fix: contact creation
* test on 32bit linux
* ci: try running 32bit without cross
* undo 32bit tests
* refactor: rename dc_sqlite3 to sql
* fix: safer string conversions
* more string fixes
* try fixing appveyor build to 64bit
* chore(ci): hardcode target
* chore(ci): appveyor
* some cleanup work
* try fix darwin
* fix and improve sql escaping
* fix various bugs
* fix chat deletion
* refactor: cleanup config values and move to their own file
* refactor: move more methods onto the sql struct
* dont panic on failed state loading
* first round of cr
* one more cr fix
* stop using strange defaults
* remove unused escapes
This clears the way to start working on making the functions safe.
But small PRs are good PRs so let's get this rename out of the way and
have future PRs less noisy.
Also stop making this #[repr(C)] and start making fields that are not
used private. Lastly clean up some comments by moving them or
deleting them, so they make sense again after the translation.
Experiment with refactoring the internal sql interface a bit. My
original goal was to modify the schema and thus refactor to a state
where it would be sane to write tests for dc_sqlite_open() (and/or
however it ends up refactored) to assert schame changes before/after.
The C API allows passing a NULL pointer is for the callback function.
However when calling the callback nothing checks for this null pointer
and thus things fail badly. Even worse since the C API is defined
using an "fn pointer" rather than a "*-ptr" or raw pointer to the
function rust does not realise this can be invalid and therefore the
typechecker does not catch this even though there are no unsafe casts.
Fix this by making the callback an Option in rust, this can be easily
checked when calling. Also add a Context.call_cb() function which
simplifies calling the callback, hides the weird syntax due to the
function pointer and makes the call a little easier. Finally it also
means the option checking is only needed in one place.
For the C API this needs to check if this is a NULL pointer or not,
this is implicitly done by rust using the "nullable pointer
optimisation":
https://doc.rust-lang.org/nomicon/ffi.html#the-nullable-pointer-optimization
The function does a cast and does not create a new objects. The
stdlib convention is to use to_*() for functions which return new
objects and as_*() for functions which keep referring to the same data
but using a different type. Follow that convention.
