bundle2: avoid unbound read when seeking
Currently, seekableunbundlepart.seek() will perform a read() during
seek operations. This will allocate a buffer to hold the raw data
over the seek distance. This can lead to very large allocations
and cause performance to suffer.
We change the code to perform read(32768) in a loop to avoid
potentially large allocations.
`hg perfbundleread` on an uncompressed Firefox bundle reveals
a performance impact:
! bundle2 iterparts()
! wall 2.992605 comb 2.990000 user 2.260000 sys 0.730000 (best of 4)
! bundle2 iterparts() seekable
! wall 3.863810 comb 3.860000 user 3.000000 sys 0.860000 (best of 3)
! bundle2 part seek()
! wall 6.213387 comb 6.200000 user 3.350000 sys 2.850000 (best of 3)
! wall 3.820347 comb 3.810000 user 2.980000 sys 0.830000 (best of 3)
Since seekable bundle parts are (only) used by bundlerepo, this /may/
speed up initial loading of bundle-based repos. But any improvement
will likely only be noticed on very large bundles.
Differential Revision: https://phab.mercurial-scm.org/D1394
#!/usr/bin/env python
#
# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
#
# Author(s):
# Thomas Arendsen Hein <thomas@intevation.de>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
"""
hg-ssh - a wrapper for ssh access to a limited set of mercurial repos
To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
(probably together with these other useful options:
no-port-forwarding,no-X11-forwarding,no-agent-forwarding)
This allows pull/push over ssh from/to the repositories given as arguments.
If all your repositories are subdirectories of a common directory, you can
allow shorter paths with:
command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"
You can use pattern matching of your normal shell, e.g.:
command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"
You can also add a --read-only flag to allow read-only access to a key, e.g.:
command="hg-ssh --read-only repos/*"
"""
from __future__ import absolute_import
import os
import shlex
import sys
# enable importing on demand to reduce startup time
import hgdemandimport ; hgdemandimport.enable()
from mercurial import (
dispatch,
ui as uimod,
)
def main():
cwd = os.getcwd()
readonly = False
args = sys.argv[1:]
while len(args):
if args[0] == '--read-only':
readonly = True
args.pop(0)
else:
break
allowed_paths = [os.path.normpath(os.path.join(cwd,
os.path.expanduser(path)))
for path in args]
orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?')
try:
cmdargv = shlex.split(orig_cmd)
except ValueError as e:
sys.stderr.write('Illegal command "%s": %s\n' % (orig_cmd, e))
sys.exit(255)
if cmdargv[:2] == ['hg', '-R'] and cmdargv[3:] == ['serve', '--stdio']:
path = cmdargv[2]
repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
if repo in allowed_paths:
cmd = ['-R', repo, 'serve', '--stdio']
req = dispatch.request(cmd)
if readonly:
if not req.ui:
req.ui = uimod.ui.load()
req.ui.setconfig('hooks', 'pretxnopen.hg-ssh',
'python:__main__.rejectpush', 'hg-ssh')
req.ui.setconfig('hooks', 'prepushkey.hg-ssh',
'python:__main__.rejectpush', 'hg-ssh')
dispatch.dispatch(req)
else:
sys.stderr.write('Illegal repository "%s"\n' % repo)
sys.exit(255)
else:
sys.stderr.write('Illegal command "%s"\n' % orig_cmd)
sys.exit(255)
def rejectpush(ui, **kwargs):
ui.warn(("Permission denied\n"))
# mercurial hooks use unix process conventions for hook return values
# so a truthy return means failure
return True
if __name__ == '__main__':
main()