[PATCH 1 of 5] chgserver: add utilities to calculate confighash
yuya at tcha.org
Thu Feb 25 09:21:20 EST 2016
On Wed, 24 Feb 2016 22:30:12 +0000, Jun Wu wrote:
> # HG changeset patch
> # User Jun Wu <quark at fb.com>
> # Date 1456346139 0
> # Wed Feb 24 20:35:39 2016 +0000
> # Node ID fbc26e0249811675aaa764b7c74fabc46cd421e5
> # Parent 9c014b8b58c67018c6e5f897f1890162542868de
> chgserver: add utilities to calculate confighash
> confighash is the hash of sensitive config items like [extensions], and
> sensitive environment variables like HG*, LD_*, etc. The config items
> can come from global, user, repo config, and command line flags.
> For chgserver, it is designed that once confighash changes, the server is
> not qualified to serve its client and should redirect the client to a new
> server. The server does not need to exit in this case, since it can still
> be valid (have a matched confighash) to serve other chg clients.
> diff --git a/hgext/chgserver.py b/hgext/chgserver.py
> --- a/hgext/chgserver.py
> +++ b/hgext/chgserver.py
> @@ -30,6 +30,7 @@
> import SocketServer
> import errno
> +import hashlib
> import os
> import re
> import signal
> @@ -58,6 +59,36 @@
> _log = commandserver.log
> +def _hashlist(items):
> + """return sha256 hexdigest for a list"""
> + return hashlib.sha256(str(items)).hexdigest()
There are util.shaxxx functions, but sha256 isn't. Since we don't need
cryptographic strength of sha256, we can pick one from util.shaxxx.
> +# sensitive config sections affecting confighash
> +_configsections = ['extensions', 'extdiff', 'experimental']
Let's start with ['extensions']. The other sections would need detailed
comments. It's easy to add sections, but hard to remove them from the list.
> +# sensitive environment variables affecting confighash
> +_envre = re.compile('CHGHG|HG.*|LANG|LC_.*|LD.*|PATH|PYTHON.*|TERM(?:INFO)?'
> + '|TZ')
Missing '$' at the end?
re.match() passes if a string starts with the pattern, but you seem to expect
an exact match.
But both LANG and LANGUAGE need to be caught.
> +def _confighash(ui):
> + """return a quick hash for detecting config/env changes
> + confighash is the hash of sensitive config items and environment variables.
> + for chgserver, it is designed that once confighash changes, the server is
> + not qualified to serve its client and should redirect the client to a new
> + server. different from mtimehash, confighash change will not mark the
> + server outdated and exit since the user can have different configs at the
> + same time.
> + """
> + sectionitems = 
> + for section in _configsections:
> + sectionitems.append(sorted(ui.configitems(section)))
configitems() have a stable order. IIRC, we can't be 100% sure that the loading
order of extensions never change the behavior.
> + sectionhash = _hashlist(sectionitems)
> + envitems = [(k, v) for k, v in os.environ.items() if _envre.match(k)]
.iteritems() for now.
More information about the Mercurial-devel