##// END OF EJS Templates
revlog: rewrite censoring logic...
revlog: rewrite censoring logic I was able to corrupt a revlog relatively easily with the existing censoring code. The underlying problem is that the existing code doesn't fully take delta chains into account. When copying revisions that occur after the censored revision, the delta base can refer to a censored revision. Then at read time, things blow up due to the revision data not being a compressed delta. This commit rewrites the revlog censoring code to take a higher-level approach. We now create a new revlog instance pointing at temp files. We iterate through each revision in the source revlog and insert those revisions into the new revlog, replacing the censored revision's data along the way. The new implementation isn't as efficient as the old one. This is because it will fully engage delta computation on insertion. But I don't think it matters. The new implementation is a bit hacky because it attempts to reload the revlog instance with a new revlog index/data file. This is fragile. But this is needed because the index (which could be backed by C) would have a cached copy of the old, possibly changed data and that could lead to problems accessing index or revision data later. One benefit of the new approach is that we integrate with the transaction. The old revlog is backed up and if the transaction is rolled back, the original revlog is restored. As part of this, we had to teach the transaction about the store vfs. I'm not super keen about this. But this was the easiest way to hook things up to the transaction. We /could/ just ignore the transaction like we were doing before. But any file mutation should be governed by transaction semantics, including undo during rollback. Differential Revision: https://phab.mercurial-scm.org/D4869

File last commit:

r40061:b099e603 default
r40092:324b4b10 default
Show More
wireprototypes.py
387 lines | 12.5 KiB | text/x-python | PythonLexer
Gregory Szorc
wireprototypes: move wire protocol response types to new module...
r36090 # Copyright 2018 Gregory Szorc <gregory.szorc@gmail.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
from __future__ import absolute_import
Gregory Szorc
wireproto: move value encoding functions to wireprototypes (API)...
r37630 from .node import (
bin,
hex,
)
Gregory Szorc
wireproto: move supportedcompengines out of wireproto...
r37801 from .i18n import _
Gregory Szorc
wireprotov2: define type to represent pre-encoded object...
r40056 from .thirdparty import (
attr,
)
Gregory Szorc
wireproto: move supportedcompengines out of wireproto...
r37801 from . import (
error,
util,
)
Gregory Szorc
interfaceutil: module to stub out zope.interface...
r37828 from .utils import (
interfaceutil,
)
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389
Gregory Szorc
wireprotoserver: move SSHV1 and SSHV2 constants to wireprototypes...
r36553 # Names of the SSH protocol implementations.
SSHV1 = 'ssh-v1'
Gregory Szorc
wireproto: support /api/* URL space for exposing APIs...
r37064 # These are advertised over the wire. Increment the counters at the end
Gregory Szorc
wireprotoserver: move SSHV1 and SSHV2 constants to wireprototypes...
r36553 # to reflect BC breakages.
Gregory Szorc
wireprotov2: allow multiple fields to follow revision maps...
r39839 SSHV2 = 'exp-ssh-v2-0002'
HTTP_WIREPROTO_V2 = 'exp-http-v2-0002'
Gregory Szorc
wireprotoserver: move SSHV1 and SSHV2 constants to wireprototypes...
r36553
Gregory Szorc
wireproto: allow wire protocol commands to declare transport support...
r36627 # All available wire protocol transports.
TRANSPORTS = {
SSHV1: {
'transport': 'ssh',
'version': 1,
},
SSHV2: {
'transport': 'ssh',
Gregory Szorc
wireproto: mark SSHv2 as a version 1 transport...
r37310 # TODO mark as version 2 once all commands are implemented.
'version': 1,
Gregory Szorc
wireproto: allow wire protocol commands to declare transport support...
r36627 },
'http-v1': {
'transport': 'http',
'version': 1,
Gregory Szorc
wireproto: support /api/* URL space for exposing APIs...
r37064 },
Gregory Szorc
wireproto: rename HTTPV2 so it less like HTTP/2...
r37662 HTTP_WIREPROTO_V2: {
Gregory Szorc
wireproto: support /api/* URL space for exposing APIs...
r37064 'transport': 'http',
'version': 2,
Gregory Szorc
wireproto: allow wire protocol commands to declare transport support...
r36627 }
}
Gregory Szorc
wireproto: introduce type for raw byte responses (API)...
r36091 class bytesresponse(object):
"""A wire protocol response consisting of raw bytes."""
def __init__(self, data):
self.data = data
Gregory Szorc
wireprototypes: move wire protocol response types to new module...
r36090 class ooberror(object):
"""wireproto reply: failure of a batch of operation
Something failed during a batch call. The error message is stored in
`self.message`.
"""
def __init__(self, message):
self.message = message
class pushres(object):
"""wireproto reply: success with simple integer return
The call was successful and returned an integer contained in `self.res`.
"""
def __init__(self, res, output):
self.res = res
self.output = output
class pusherr(object):
"""wireproto reply: failure
The call failed. The `self.res` attribute contains the error message.
"""
def __init__(self, res, output):
self.res = res
self.output = output
class streamres(object):
"""wireproto reply: binary stream
The call was successful and the result is a stream.
Accepts a generator containing chunks of data to be sent to the client.
``prefer_uncompressed`` indicates that the data is expected to be
uncompressable and that the stream should therefore use the ``none``
engine.
"""
def __init__(self, gen=None, prefer_uncompressed=False):
self.gen = gen
self.prefer_uncompressed = prefer_uncompressed
class streamreslegacy(object):
"""wireproto reply: uncompressed binary stream
The call was successful and the result is a stream.
Accepts a generator containing chunks of data to be sent to the client.
Like ``streamres``, but sends an uncompressed data for "version 1" clients
using the application/mercurial-0.1 media type.
"""
def __init__(self, gen=None):
self.gen = gen
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389
Gregory Szorc
wireproto: move value encoding functions to wireprototypes (API)...
r37630 # list of nodes encoding / decoding
def decodelist(l, sep=' '):
if l:
return [bin(v) for v in l.split(sep)]
return []
def encodelist(l, sep=' '):
try:
return sep.join(map(hex, l))
except TypeError:
raise
# batched call argument encoding
def escapebatcharg(plain):
return (plain
.replace(':', ':c')
.replace(',', ':o')
.replace(';', ':s')
.replace('=', ':e'))
def unescapebatcharg(escaped):
return (escaped
.replace(':e', '=')
.replace(':s', ';')
.replace(':o', ',')
.replace(':c', ':'))
Gregory Szorc
wireproto: move gboptsmap to wireprototypes and rename (API)...
r37631 # mapping of options accepted by getbundle and their types
#
# Meant to be extended by extensions. It is extensions responsibility to ensure
# such options are properly processed in exchange.getbundle.
#
# supported types are:
#
# :nodes: list of binary nodes
# :csv: list of comma-separated values
# :scsv: list of comma-separated values return as set
# :plain: string with no transformation needed.
GETBUNDLE_ARGUMENTS = {
'heads': 'nodes',
'bookmarks': 'boolean',
'common': 'nodes',
'obsmarkers': 'boolean',
'phases': 'boolean',
'bundlecaps': 'scsv',
'listkeys': 'csv',
'cg': 'boolean',
'cbattempted': 'boolean',
'stream': 'boolean',
}
Gregory Szorc
interfaceutil: module to stub out zope.interface...
r37828 class baseprotocolhandler(interfaceutil.Interface):
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389 """Abstract base class for wire protocol handlers.
A wire protocol handler serves as an interface between protocol command
handlers and the wire protocol transport layer. Protocol handlers provide
methods to read command arguments, redirect stdio for the duration of
the request, handle response types, etc.
"""
Gregory Szorc
interfaceutil: module to stub out zope.interface...
r37828 name = interfaceutil.Attribute(
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389 """The name of the protocol implementation.
Used for uniquely identifying the transport type.
Gregory Szorc
wireproto: port protocol handler to zope.interface...
r37312 """)
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389
Gregory Szorc
wireproto: port protocol handler to zope.interface...
r37312 def getargs(args):
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389 """return the value for arguments in <args>
Gregory Szorc
wireproto: port heads command to wire protocol v2...
r37503 For version 1 transports, returns a list of values in the same
order they appear in ``args``. For version 2 transports, returns
a dict mapping argument name to value.
"""
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389
Joerg Sonnenberger
wireproto: provide accessors for client capabilities...
r37411 def getprotocaps():
"""Returns the list of protocol-level capabilities of client
Returns a list of capabilities as declared by the client for
the current request (or connection for stateful protocol handlers)."""
Joerg Sonnenberger
wireproto: allow direct stream processing for unbundle...
r37432 def getpayload():
"""Provide a generator for the raw payload.
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389
Joerg Sonnenberger
wireproto: allow direct stream processing for unbundle...
r37432 The caller is responsible for ensuring that the full payload is
processed.
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389 """
Gregory Szorc
wireproto: port protocol handler to zope.interface...
r37312 def mayberedirectstdio():
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389 """Context manager to possibly redirect stdio.
The context manager yields a file-object like object that receives
stdout and stderr output when the context manager is active. Or it
yields ``None`` if no I/O redirection occurs.
The intent of this context manager is to capture stdio output
so it may be sent in the response. Some transports support streaming
stdio to the client in real time. For these transports, stdio output
won't be captured.
"""
Gregory Szorc
wireproto: port protocol handler to zope.interface...
r37312 def client():
Gregory Szorc
wireprototypes: move baseprotocolhandler from wireprotoserver...
r36389 """Returns a string representation of this client (as bytes)."""
Gregory Szorc
wireproto: add transport specific capabilities in the transport...
r36631
Gregory Szorc
wireproto: port protocol handler to zope.interface...
r37312 def addcapabilities(repo, caps):
Gregory Szorc
wireproto: add transport specific capabilities in the transport...
r36631 """Adds advertised capabilities specific to this protocol.
Receives the list of capabilities collected so far.
Returns a list of capabilities. The passed in argument can be returned.
"""
Gregory Szorc
wireproto: formalize permissions checking as part of protocol interface...
r36819
Gregory Szorc
wireproto: port protocol handler to zope.interface...
r37312 def checkperm(perm):
Gregory Szorc
wireproto: formalize permissions checking as part of protocol interface...
r36819 """Validate that the client has permissions to perform a request.
The argument is the permission required to proceed. If the client
doesn't have that permission, the exception should raise or abort
in a protocol specific manner.
"""
Gregory Szorc
wireproto: move command registration types to wireprototypes...
r37799
class commandentry(object):
"""Represents a declared wire protocol command."""
def __init__(self, func, args='', transports=None,
Gregory Szorc
wireprotov2: support response caching...
r40057 permission='push', cachekeyfn=None):
Gregory Szorc
wireproto: move command registration types to wireprototypes...
r37799 self.func = func
self.args = args
self.transports = transports or set()
self.permission = permission
Gregory Szorc
wireprotov2: support response caching...
r40057 self.cachekeyfn = cachekeyfn
Gregory Szorc
wireproto: move command registration types to wireprototypes...
r37799
def _merge(self, func, args):
"""Merge this instance with an incoming 2-tuple.
This is called when a caller using the old 2-tuple API attempts
to replace an instance. The incoming values are merged with
data not captured by the 2-tuple and a new instance containing
the union of the two objects is returned.
"""
return commandentry(func, args=args, transports=set(self.transports),
permission=self.permission)
# Old code treats instances as 2-tuples. So expose that interface.
def __iter__(self):
yield self.func
yield self.args
def __getitem__(self, i):
if i == 0:
return self.func
elif i == 1:
return self.args
else:
raise IndexError('can only access elements 0 and 1')
class commanddict(dict):
"""Container for registered wire protocol commands.
It behaves like a dict. But __setitem__ is overwritten to allow silent
coercion of values from 2-tuples for API compatibility.
"""
def __setitem__(self, k, v):
if isinstance(v, commandentry):
pass
# Cast 2-tuples to commandentry instances.
elif isinstance(v, tuple):
if len(v) != 2:
raise ValueError('command tuples must have exactly 2 elements')
# It is common for extensions to wrap wire protocol commands via
# e.g. ``wireproto.commands[x] = (newfn, args)``. Because callers
# doing this aren't aware of the new API that uses objects to store
# command entries, we automatically merge old state with new.
if k in self:
v = self[k]._merge(v[0], v[1])
else:
# Use default values from @wireprotocommand.
v = commandentry(v[0], args=v[1],
transports=set(TRANSPORTS),
permission='push')
else:
raise ValueError('command entries must be commandentry instances '
'or 2-tuples')
return super(commanddict, self).__setitem__(k, v)
def commandavailable(self, command, proto):
"""Determine if a command is available for the requested protocol."""
assert proto.name in TRANSPORTS
entry = self.get(command)
if not entry:
return False
if proto.name not in entry.transports:
return False
return True
Gregory Szorc
wireproto: move supportedcompengines out of wireproto...
r37801
def supportedcompengines(ui, role):
"""Obtain the list of supported compression engines for a request."""
assert role in (util.CLIENTROLE, util.SERVERROLE)
compengines = util.compengines.supportedwireengines(role)
# Allow config to override default list and ordering.
if role == util.SERVERROLE:
configengines = ui.configlist('server', 'compressionengines')
config = 'server.compressionengines'
else:
# This is currently implemented mainly to facilitate testing. In most
# cases, the server should be in charge of choosing a compression engine
# because a server has the most to lose from a sub-optimal choice. (e.g.
# CPU DoS due to an expensive engine or a network DoS due to poor
# compression ratio).
configengines = ui.configlist('experimental',
'clientcompressionengines')
config = 'experimental.clientcompressionengines'
# No explicit config. Filter out the ones that aren't supposed to be
# advertised and return default ordering.
if not configengines:
attr = 'serverpriority' if role == util.SERVERROLE else 'clientpriority'
return [e for e in compengines
if getattr(e.wireprotosupport(), attr) > 0]
# If compression engines are listed in the config, assume there is a good
# reason for it (like server operators wanting to achieve specific
# performance characteristics). So fail fast if the config references
# unusable compression engines.
validnames = set(e.name() for e in compengines)
invalidnames = set(e for e in configengines if e not in validnames)
if invalidnames:
raise error.Abort(_('invalid compression engine defined in %s: %s') %
(config, ', '.join(sorted(invalidnames))))
compengines = [e for e in compengines if e.name() in configengines]
compengines = sorted(compengines,
key=lambda e: configengines.index(e.name()))
if not compengines:
raise error.Abort(_('%s config option does not specify any known '
'compression engines') % config,
hint=_('usable compression engines: %s') %
', '.sorted(validnames))
return compengines
Gregory Szorc
wireprotov2: define type to represent pre-encoded object...
r40056
@attr.s
class encodedresponse(object):
"""Represents response data that is already content encoded.
Wire protocol version 2 only.
Commands typically emit Python objects that are encoded and sent over the
wire. If commands emit an object of this type, the encoding step is bypassed
and the content from this object is used instead.
"""
data = attr.ib()
Gregory Szorc
wireprotov2: server support for sending content redirects...
r40061
@attr.s
class alternatelocationresponse(object):
"""Represents a response available at an alternate location.
Instances are sent in place of actual response objects when the server
is sending a "content redirect" response.
Only compatible with wire protocol version 2.
"""
url = attr.ib()
mediatype = attr.ib()
size = attr.ib(default=None)
fullhashes = attr.ib(default=None)
fullhashseed = attr.ib(default=None)
serverdercerts = attr.ib(default=None)
servercadercerts = attr.ib(default=None)