##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

repoview: discard filtered changelog if index isn't shared with unfiltered...
repoview: discard filtered changelog if index isn't shared with unfiltered Before this patch, revisions rollbacked at failure of previous transaction might be visible at subsequent operations unintentionally, if repoview object is reused even after failure of transaction: e.g. command server and HTTP server are typical cases. 'repoview' uses the tuple of values below of unfiltered changelog as "the key" to examine validity of filtered changelog cache. - length - tip node - filtered revisions (as hashed value) - '_delayed' field 'repoview' compares between "the key" of unfiltered changelog at previous caching and now, and reuses filtered changelog cache if no change is detected. But this comparison indicates only that there is no change between unfiltered 'repo.changelog' at last caching and now, but not that filtered changelog cache is valid for current unfiltered one. 'repoview' uses "shallow copy" of unfiltered changelog to create filtered changelog cache. In this case, 'index' buffer of unfiltered changelog is also referred by filtered changelog. At failure of transaction, unfiltered changelog itself is invalidated (= un-referred) on the 'repo' side (see 0a7610758c42 also). But 'index' of it still contains revisions to be rollbacked at this failure, and is referred by filtered changelog. Therefore, even if there is no change between unfiltered 'repo.changelog' at last caching and now, steps below makes rollbacked revisions visible via filtered changelog unintentionally. 1. instantiate unfiltered changelog as 'repo.changelog' (call it CL1) 2. make filtered (= shallow copy of) CL1 (call it FCL1) 3. cache FCL1 with "the key" of CL1 4. revisions are appended to 'index', which is shared by CL1 and FCL1 5. invalidate 'repo.changelog' (= CL1) at failure of transaction 6. instantiate 'repo.changelog' again at next operation (call it CL2) CL2 doesn't have revisions added at (4), because it is instantiated from '00changelog.i', which isn't changed while failed transaction. 7. compare between "the key" of CL1 and CL2 8. FCL1 cached at (3) is reused, because comparison at (7) doesn't detect change between CL1 at (1) and CL2 9. revisions rollbacked at (5) are visible via FCL1 unintentionally, because FCL1 still refers 'index' changed at (4) The root cause of this issue is that there is no examination about validity of filtered changelog cache against current unfiltered one. This patch discards filtered changelog cache, if its 'index' object isn't shared with unfiltered one. BTW, at the time of this patch, redundant truncation of '00changelog.i' at failure of transaction (see 0a7610758c42 for detail) often prevents "hg serve" from making already rollbacked revisions visible, because updating timestamps of '00changelog.i' by truncation makes "hg serve" discard old repoview object with invalid filtered changelog cache. This is reason why this issue is overlooked before this patch, even though test-bundle2-exchange.t has tests in similar situation: failure of "hg push" via HTTP by pretxnclose hook on server side doesn't prevent subsequent commands from looking up outgoing revisions correctly. But timestamp on the filesystem doesn't have enough resolution for recent computation power, and it can't be assumed that this avoidance always works as expected. Therefore, without this patch, this issue might appear occasionally.
Gregory Szorc - - Load All Authors

File last commit:

r27619:10bed65e default
r28265:33292621 default
Show More
mail.py
334 lines | 12.0 KiB | text/x-python | PythonLexer
/ mercurial / mail.py
History | Annotation | Raw |Copy content |Copy permalink
# mail.py - mail sending bits for mercurial
#
# Copyright 2006 Matt Mackall <mpm@selenic.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
from __future__ import absolute_import, print_function
import email
import os
import quopri
import smtplib
import socket
import sys
import time
from .i18n import _
from . import (
encoding,
error,
sslutil,
util,
)
_oldheaderinit = email.Header.Header.__init__
def _unifiedheaderinit(self, *args, **kw):
"""
Python 2.7 introduces a backwards incompatible change
(Python issue1974, r70772) in email.Generator.Generator code:
pre-2.7 code passed "continuation_ws='\t'" to the Header
constructor, and 2.7 removed this parameter.
Default argument is continuation_ws=' ', which means that the
behavior is different in <2.7 and 2.7
We consider the 2.7 behavior to be preferable, but need
to have an unified behavior for versions 2.4 to 2.7
"""
# override continuation_ws
kw['continuation_ws'] = ' '
_oldheaderinit(self, *args, **kw)
email.Header.Header.__dict__['__init__'] = _unifiedheaderinit
class STARTTLS(smtplib.SMTP):
'''Derived class to verify the peer certificate for STARTTLS.
This class allows to pass any keyword arguments to SSL socket creation.
'''
def __init__(self, sslkwargs, **kwargs):
smtplib.SMTP.__init__(self, **kwargs)
self._sslkwargs = sslkwargs
def starttls(self, keyfile=None, certfile=None):
if not self.has_extn("starttls"):
msg = "STARTTLS extension not supported by server"
raise smtplib.SMTPException(msg)
(resp, reply) = self.docmd("STARTTLS")
if resp == 220:
self.sock = sslutil.wrapsocket(self.sock, keyfile, certfile,
**self._sslkwargs)
self.file = smtplib.SSLFakeFile(self.sock)
self.helo_resp = None
self.ehlo_resp = None
self.esmtp_features = {}
self.does_esmtp = 0
return (resp, reply)
class SMTPS(smtplib.SMTP):
'''Derived class to verify the peer certificate for SMTPS.
This class allows to pass any keyword arguments to SSL socket creation.
'''
def __init__(self, sslkwargs, keyfile=None, certfile=None, **kwargs):
self.keyfile = keyfile
self.certfile = certfile
smtplib.SMTP.__init__(self, **kwargs)
self.default_port = smtplib.SMTP_SSL_PORT
self._sslkwargs = sslkwargs
def _get_socket(self, host, port, timeout):
if self.debuglevel > 0:
print('connect:', (host, port), file=sys.stderr)
new_socket = socket.create_connection((host, port), timeout)
new_socket = sslutil.wrapsocket(new_socket,
self.keyfile, self.certfile,
**self._sslkwargs)
self.file = smtplib.SSLFakeFile(new_socket)
return new_socket
def _smtp(ui):
'''build an smtp connection and return a function to send mail'''
local_hostname = ui.config('smtp', 'local_hostname')
tls = ui.config('smtp', 'tls', 'none')
# backward compatible: when tls = true, we use starttls.
starttls = tls == 'starttls' or util.parsebool(tls)
smtps = tls == 'smtps'
if (starttls or smtps) and not util.safehasattr(socket, 'ssl'):
raise error.Abort(_("can't use TLS: Python SSL support not installed"))
mailhost = ui.config('smtp', 'host')
if not mailhost:
raise error.Abort(_('smtp.host not configured - cannot send mail'))
verifycert = ui.config('smtp', 'verifycert', 'strict')
if verifycert not in ['strict', 'loose']:
if util.parsebool(verifycert) is not False:
raise error.Abort(_('invalid smtp.verifycert configuration: %s')
% (verifycert))
verifycert = False
if (starttls or smtps) and verifycert:
sslkwargs = sslutil.sslkwargs(ui, mailhost)
else:
# 'ui' is required by sslutil.wrapsocket() and set by sslkwargs()
sslkwargs = {'ui': ui}
if smtps:
ui.note(_('(using smtps)\n'))
s = SMTPS(sslkwargs, local_hostname=local_hostname)
elif starttls:
s = STARTTLS(sslkwargs, local_hostname=local_hostname)
else:
s = smtplib.SMTP(local_hostname=local_hostname)
if smtps:
defaultport = 465
else:
defaultport = 25
mailport = util.getport(ui.config('smtp', 'port', defaultport))
ui.note(_('sending mail: smtp host %s, port %d\n') %
(mailhost, mailport))
s.connect(host=mailhost, port=mailport)
if starttls:
ui.note(_('(using starttls)\n'))
s.ehlo()
s.starttls()
s.ehlo()
if (starttls or smtps) and verifycert:
ui.note(_('(verifying remote certificate)\n'))
sslutil.validator(ui, mailhost)(s.sock, verifycert == 'strict')
username = ui.config('smtp', 'username')
password = ui.config('smtp', 'password')
if username and not password:
password = ui.getpass()
if username and password:
ui.note(_('(authenticating to mail server as %s)\n') %
(username))
try:
s.login(username, password)
except smtplib.SMTPException as inst:
raise error.Abort(inst)
def send(sender, recipients, msg):
try:
return s.sendmail(sender, recipients, msg)
except smtplib.SMTPRecipientsRefused as inst:
recipients = [r[1] for r in inst.recipients.values()]
raise error.Abort('\n' + '\n'.join(recipients))
except smtplib.SMTPException as inst:
raise error.Abort(inst)
return send
def _sendmail(ui, sender, recipients, msg):
'''send mail using sendmail.'''
program = ui.config('email', 'method', 'smtp')
cmdline = '%s -f %s %s' % (program, util.email(sender),
' '.join(map(util.email, recipients)))
ui.note(_('sending mail: %s\n') % cmdline)
fp = util.popen(cmdline, 'w')
fp.write(msg)
ret = fp.close()
if ret:
raise error.Abort('%s %s' % (
os.path.basename(program.split(None, 1)[0]),
util.explainexit(ret)[0]))
def _mbox(mbox, sender, recipients, msg):
'''write mails to mbox'''
fp = open(mbox, 'ab+')
# Should be time.asctime(), but Windows prints 2-characters day
# of month instead of one. Make them print the same thing.
date = time.strftime('%a %b %d %H:%M:%S %Y', time.localtime())
fp.write('From %s %s\n' % (sender, date))
fp.write(msg)
fp.write('\n\n')
fp.close()
def connect(ui, mbox=None):
'''make a mail connection. return a function to send mail.
call as sendmail(sender, list-of-recipients, msg).'''
if mbox:
open(mbox, 'wb').close()
return lambda s, r, m: _mbox(mbox, s, r, m)
if ui.config('email', 'method', 'smtp') == 'smtp':
return _smtp(ui)
return lambda s, r, m: _sendmail(ui, s, r, m)
def sendmail(ui, sender, recipients, msg, mbox=None):
send = connect(ui, mbox=mbox)
return send(sender, recipients, msg)
def validateconfig(ui):
'''determine if we have enough config data to try sending email.'''
method = ui.config('email', 'method', 'smtp')
if method == 'smtp':
if not ui.config('smtp', 'host'):
raise error.Abort(_('smtp specified as email transport, '
'but no smtp host configured'))
else:
if not util.findexe(method):
raise error.Abort(_('%r specified as email transport, '
'but not in PATH') % method)
def mimetextpatch(s, subtype='plain', display=False):
'''Return MIME message suitable for a patch.
Charset will be detected as utf-8 or (possibly fake) us-ascii.
Transfer encodings will be used if necessary.'''
cs = 'us-ascii'
if not display:
try:
s.decode('us-ascii')
except UnicodeDecodeError:
try:
s.decode('utf-8')
cs = 'utf-8'
except UnicodeDecodeError:
# We'll go with us-ascii as a fallback.
pass
return mimetextqp(s, subtype, cs)
def mimetextqp(body, subtype, charset):
'''Return MIME message.
Quoted-printable transfer encoding will be used if necessary.
'''
enc = None
for line in body.splitlines():
if len(line) > 950:
body = quopri.encodestring(body)
enc = "quoted-printable"
break
msg = email.MIMEText.MIMEText(body, subtype, charset)
if enc:
del msg['Content-Transfer-Encoding']
msg['Content-Transfer-Encoding'] = enc
return msg
def _charsets(ui):
'''Obtains charsets to send mail parts not containing patches.'''
charsets = [cs.lower() for cs in ui.configlist('email', 'charsets')]
fallbacks = [encoding.fallbackencoding.lower(),
encoding.encoding.lower(), 'utf-8']
for cs in fallbacks: # find unique charsets while keeping order
if cs not in charsets:
charsets.append(cs)
return [cs for cs in charsets if not cs.endswith('ascii')]
def _encode(ui, s, charsets):
'''Returns (converted) string, charset tuple.
Finds out best charset by cycling through sendcharsets in descending
order. Tries both encoding and fallbackencoding for input. Only as
last resort send as is in fake ascii.
Caveat: Do not use for mail parts containing patches!'''
try:
s.decode('ascii')
except UnicodeDecodeError:
sendcharsets = charsets or _charsets(ui)
for ics in (encoding.encoding, encoding.fallbackencoding):
try:
u = s.decode(ics)
except UnicodeDecodeError:
continue
for ocs in sendcharsets:
try:
return u.encode(ocs), ocs
except UnicodeEncodeError:
pass
except LookupError:
ui.warn(_('ignoring invalid sendcharset: %s\n') % ocs)
# if ascii, or all conversion attempts fail, send (broken) ascii
return s, 'us-ascii'
def headencode(ui, s, charsets=None, display=False):
'''Returns RFC-2047 compliant header from given string.'''
if not display:
# split into words?
s, cs = _encode(ui, s, charsets)
return str(email.Header.Header(s, cs))
return s
def _addressencode(ui, name, addr, charsets=None):
name = headencode(ui, name, charsets)
try:
acc, dom = addr.split('@')
acc = acc.encode('ascii')
dom = dom.decode(encoding.encoding).encode('idna')
addr = '%s@%s' % (acc, dom)
except UnicodeDecodeError:
raise error.Abort(_('invalid email address: %s') % addr)
except ValueError:
try:
# too strict?
addr = addr.encode('ascii')
except UnicodeDecodeError:
raise error.Abort(_('invalid local address: %s') % addr)
return email.Utils.formataddr((name, addr))
def addressencode(ui, address, charsets=None, display=False):
'''Turns address into RFC-2047 compliant header.'''
if display or not address:
return address or ''
name, addr = email.Utils.parseaddr(address)
return _addressencode(ui, name, addr, charsets)
def addrlistencode(ui, addrs, charsets=None, display=False):
'''Turns a list of addresses into a list of RFC-2047 compliant headers.
A single element of input list may contain multiple addresses, but output
always has one address per item'''
if display:
return [a.strip() for a in addrs if a.strip()]
result = []
for name, addr in email.Utils.getaddresses(addrs):
if name or addr:
result.append(_addressencode(ui, name, addr, charsets))
return result
def mimeencode(ui, s, charsets=None, display=False):
'''creates mime text object, encodes it if needed, and sets
charset and transfer-encoding accordingly.'''
cs = 'us-ascii'
if not display:
s, cs = _encode(ui, s, charsets)
return mimetextqp(s, 'plain', cs)