upstream/mercurial-mirror Files · hgext/factotum.py

pathauditor: change parts verification order to be root first...

pathauditor: change parts verification order to be root first Previously, when we verified the parts of a path in the auditor, we would validate the deepest directory first, then it's parent, and so on up to the root. If there happened to be a symlink in the chain, that meant our first check would likely traverse that symlink. In some cases that symlink might point to a network filesystem that is expensive, and therefore this simple check could be very slow. The fix is to check the path parts starting at the root and working our way down. This has a minor performance difference in that we used to be able to short circuit from the audit if we reached a directory that had already been checked. Now we can't, but the cost is N dictionary look ups, where N is the number of parts in the path, which should be fairly minor.

Pierre-Yves David - - Load All Authors

File last commit:

r26587:56b2bcea default


                r28087:0b7ce0b1

default

Download file

             factotum.py
        
                    126 lines
            
             | 4.4 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / hgext / factotum.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # factotum.py - Plan 9 factotum integration for Mercurial

      #

      # Copyright (C) 2012 Steven Stallion <sstallion@gmail.com>

      #

      # This program is free software; you can redistribute it and/or modify it

      # under the terms of the GNU General Public License as published by the

      # Free Software Foundation; either version 2 of the License, or (at your

      # option) any later version.

      #

      # This program is distributed in the hope that it will be useful, but

      # WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General

      # Public License for more details.

      #

      # You should have received a copy of the GNU General Public License along

      # with this program; if not, write to the Free Software Foundation, Inc.,

      # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

      '''http authentication with factotum

      This extension allows the factotum(4) facility on Plan 9 from Bell Labs

      platforms to provide authentication information for HTTP access. Configuration

      entries specified in the auth section as well as authentication information

      provided in the repository URL are fully supported. If no prefix is specified,

      a value of "*" will be assumed.

      By default, keys are specified as::

        proto=pass service=hg prefix=<prefix> user=<username> !password=<password>

      If the factotum extension is unable to read the required key, one will be

      requested interactively.

      A configuration section is available to customize runtime behavior. By

      default, these entries are::

        [factotum]

        executable = /bin/auth/factotum

        mountpoint = /mnt/factotum

        service = hg

      The executable entry defines the full path to the factotum binary. The

      mountpoint entry defines the path to the factotum file service. Lastly, the

      service entry controls the service name used when reading keys.

      '''

      from mercurial.i18n import _

      from mercurial.url import passwordmgr

      from mercurial import httpconnection, error

      import os, urllib2

      ERRMAX = 128

      _executable = _mountpoint = _service = None

      def auth_getkey(self, params):

          if not self.ui.interactive():

              raise error.Abort(_('factotum not interactive'))

          if 'user=' not in params:

              params = '%s user?' % params

          params = '%s !password?' % params

          os.system("%s -g '%s'" % (_executable, params))

      def auth_getuserpasswd(self, getkey, params):

          params = 'proto=pass %s' % params

          while True:

              fd = os.open('%s/rpc' % _mountpoint, os.O_RDWR)

              try:

                  os.write(fd, 'start %s' % params)

                  l = os.read(fd, ERRMAX).split()

                  if l[0] == 'ok':

                      os.write(fd, 'read')

                      status, user, passwd = os.read(fd, ERRMAX).split(None, 2)

                      if status == 'ok':

                          if passwd.startswith("'"):

                              if passwd.endswith("'"):

                                  passwd = passwd[1:-1].replace("''", "'")

                              else:

                                  raise error.Abort(_('malformed password string'))

                          return (user, passwd)

              except (OSError, IOError):

                  raise error.Abort(_('factotum not responding'))

              finally:

                  os.close(fd)

              getkey(self, params)

      def monkeypatch_method(cls):

          def decorator(func):

              setattr(cls, func.__name__, func)

              return func

          return decorator

      @monkeypatch_method(passwordmgr)

      def find_user_password(self, realm, authuri):

          user, passwd = urllib2.HTTPPasswordMgrWithDefaultRealm.find_user_password(

              self, realm, authuri)

          if user and passwd:

              self._writedebug(user, passwd)

              return (user, passwd)

          prefix = ''

          res = httpconnection.readauthforuri(self.ui, authuri, user)

          if res:

              _, auth = res

              prefix = auth.get('prefix')

              user, passwd = auth.get('username'), auth.get('password')

          if not user or not passwd:

              if not prefix:

                  prefix = realm.split(' ')[0].lower()

              params = 'service=%s prefix=%s' % (_service, prefix)

              if user:

                  params = '%s user=%s' % (params, user)

              user, passwd = auth_getuserpasswd(self, auth_getkey, params)

          self.add_password(realm, authuri, user, passwd)

          self._writedebug(user, passwd)

          return (user, passwd)

      def uisetup(ui):

          global _executable

          _executable = ui.config('factotum', 'executable', '/bin/auth/factotum')

          global _mountpoint

          _mountpoint = ui.config('factotum', 'mountpoint', '/mnt/factotum')

          global _service

          _service = ui.config('factotum', 'service', 'hg')

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# factotum.py - Plan 9 factotum integration for Mercurial
				#
				# Copyright (C) 2012 Steven Stallion <sstallion@gmail.com>
				#
				# This program is free software; you can redistribute it and/or modify it
				# under the terms of the GNU General Public License as published by the
				# Free Software Foundation; either version 2 of the License, or (at your
				# option) any later version.
				#
				# This program is distributed in the hope that it will be useful, but
				# WITHOUT ANY WARRANTY; without even the implied warranty of
				# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
				# Public License for more details.
				#
				# You should have received a copy of the GNU General Public License along
				# with this program; if not, write to the Free Software Foundation, Inc.,
				# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

				'''http authentication with factotum

				This extension allows the factotum(4) facility on Plan 9 from Bell Labs
				platforms to provide authentication information for HTTP access. Configuration
				entries specified in the auth section as well as authentication information
				provided in the repository URL are fully supported. If no prefix is specified,
				a value of "*" will be assumed.

				By default, keys are specified as::

				proto=pass service=hg prefix=<prefix> user=<username> !password=<password>

				If the factotum extension is unable to read the required key, one will be
				requested interactively.

				A configuration section is available to customize runtime behavior. By
				default, these entries are::

				[factotum]
				executable = /bin/auth/factotum
				mountpoint = /mnt/factotum
				service = hg

				The executable entry defines the full path to the factotum binary. The
				mountpoint entry defines the path to the factotum file service. Lastly, the
				service entry controls the service name used when reading keys.

				'''

				from mercurial.i18n import _
				from mercurial.url import passwordmgr
				from mercurial import httpconnection, error
				import os, urllib2

				ERRMAX = 128

				_executable = _mountpoint = _service = None

				def auth_getkey(self, params):
				if not self.ui.interactive():
				raise error.Abort(_('factotum not interactive'))
				if 'user=' not in params:
				params = '%s user?' % params
				params = '%s !password?' % params
				os.system("%s -g '%s'" % (_executable, params))

				def auth_getuserpasswd(self, getkey, params):
				params = 'proto=pass %s' % params
				while True:
				fd = os.open('%s/rpc' % _mountpoint, os.O_RDWR)
				try:
				os.write(fd, 'start %s' % params)
				l = os.read(fd, ERRMAX).split()
				if l[0] == 'ok':
				os.write(fd, 'read')
				status, user, passwd = os.read(fd, ERRMAX).split(None, 2)
				if status == 'ok':
				if passwd.startswith("'"):
				if passwd.endswith("'"):
				passwd = passwd[1:-1].replace("''", "'")
				else:
				raise error.Abort(_('malformed password string'))
				return (user, passwd)
				except (OSError, IOError):
				raise error.Abort(_('factotum not responding'))
				finally:
				os.close(fd)
				getkey(self, params)

				def monkeypatch_method(cls):
				def decorator(func):
				setattr(cls, func.__name__, func)
				return func
				return decorator

				@monkeypatch_method(passwordmgr)
				def find_user_password(self, realm, authuri):
				user, passwd = urllib2.HTTPPasswordMgrWithDefaultRealm.find_user_password(
				self, realm, authuri)
				if user and passwd:
				self._writedebug(user, passwd)
				return (user, passwd)

				prefix = ''
				res = httpconnection.readauthforuri(self.ui, authuri, user)
				if res:
				_, auth = res
				prefix = auth.get('prefix')
				user, passwd = auth.get('username'), auth.get('password')
				if not user or not passwd:
				if not prefix:
				prefix = realm.split(' ')[0].lower()
				params = 'service=%s prefix=%s' % (_service, prefix)
				if user:
				params = '%s user=%s' % (params, user)
				user, passwd = auth_getuserpasswd(self, auth_getkey, params)

				self.add_password(realm, authuri, user, passwd)
				self._writedebug(user, passwd)
				return (user, passwd)

				def uisetup(ui):
				global _executable
				_executable = ui.config('factotum', 'executable', '/bin/auth/factotum')
				global _mountpoint
				_mountpoint = ui.config('factotum', 'mountpoint', '/mnt/factotum')
				global _service
				_service = ui.config('factotum', 'service', 'hg')