Mercurial Mercurial > hg-stable / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests/test-hup.t
author Mike Edgar <adgar@google.com>
Wed, 03 Sep 2014 22:14:20 -0400
changeset 22596 27e2317efe89
parent 22046 7a9cbb315d84
child 23277 581d3bc03aad
permissions -rw-r--r--
filelog: raise CensoredNodeError when hash checks fail with censor metadata With this change, when a revlog revision hash does not match its content, and the content is empty with a special metadata key, the integrity failure is assumed to be intentionally caused to remove sensitive content from repository history. To allow different Mercurial functionality to handle this scenario differently a more specific exception is raised than "ordinary" hash failures. Alternatives to this approach include, but are not limited to: - Calling a hook when hashes mismatch to allow arbitrary tombstone validation. Cons: Irresponsibly easy to disable integrity checking altogether. - Returning empty revision data eagerly instead of raising, masking the error. Cons: Push/pull won't roundtrip the tombstone, so client repos are unusable. - Doing nothing differently at this layer. Callers must do their own detection of tombstoned data if they want to handle some hash checks and not others. - Impacts dozens of callsites, many of which don't have the revision data - Would probably be missing one or two callsites at any given time - Currently we throw a RevlogError, as do 12 other places in revlog.py. Callers would need to parse the exception message and/or ensure RevlogError is not thrown from any other part of their call tree.

#require serve fifo

Test hangup signal in the middle of transaction

  $ hg init
  $ mkfifo p
  $ hg serve --stdio < p 1>out 2>&1 &
  $ P=$!

Do test while holding fifo open

  $ (
  > echo lock
  > echo addchangegroup
  > start=`date +%s`
  > # 10 second seems much enough to let the server catch up
  > deadline=`expr $start + 10`
  > while [ ! -s .hg/store/journal ]; do
  >     sleep 0;
  >     if [ `date +%s` -gt $deadline ]; then
  >         echo "transaction did not start after 10 seconds" >&2;
  >         exit 1;
  >     fi
  > done
  > kill -HUP $P
  > ) > p

  $ wait
  $ cat out
  0
  0
  adding changesets
  transaction abort!
  rollback completed
  killed!

  $ echo .hg/* .hg/store/*
  .hg/00changelog.i .hg/journal.bookmarks .hg/journal.branch .hg/journal.desc .hg/journal.dirstate .hg/requires .hg/store .hg/store/00changelog.i .hg/store/00changelog.i.a .hg/store/journal.phaseroots
hg-stable