Mercurial > hg
view mercurial/lock.py @ 23834:bf07c19b4c82
https: support tls sni (server name indication) for https urls (issue3090)
SNI is a common way of sharing servers across multiple domains using separate
SSL certificates. As of Python 2.7.9 SSLContext has been backported from
Python 3. This patch changes sslutil's ssl_wrap_socket to use SSLContext and
take a server hostname as and argument. It also changes the url module to make
use of this argument.
The new code for 2.7.9 achieves it's task by attempting to get the SSLContext
object from the ssl module. If this fails the try/except goes back to what was
there before with the exception that the ssl_wrap_socket functions take a
server_hostname argument that doesn't get used. Assuming the SSLContext
exists, the arguments to wrap_socket at the module level are emulated on the
SSLContext. The SSLContext is initialized with the specified ssl_version. If
certfile is not None load_cert_chain is called with certfile and keyfile.
keyfile being None is not a problem, load_cert_chain will simply expect the
private key to be in the certificate file. verify_mode is set to cert_reqs. If
ca_certs is not None load_verify_locations is called with ca_certs as the
cafile. Finally the wrap_socket method of the SSLContext is called with the
socket and server hostname.
Finally, this fails test-check-commit-hg.t because the "new" function
ssl_wrap_socket has underscores in its names and underscores in its arguments.
All the underscore identifiers are taken from the other functions and as such
can't be changed to match naming conventions.
author | Alex Orange <crazycasta@gmail.com> |
---|---|
date | Mon, 12 Jan 2015 18:01:20 -0700 |
parents | f484be02bd35 |
children | 328739ea70c3 |
line wrap: on
line source
# lock.py - simple advisory locking scheme for mercurial # # Copyright 2005, 2006 Matt Mackall <mpm@selenic.com> # # This software may be used and distributed according to the terms of the # GNU General Public License version 2 or any later version. import util, error import errno, os, socket, time import warnings class lock(object): '''An advisory lock held by one process to control access to a set of files. Non-cooperating processes or incorrectly written scripts can ignore Mercurial's locking scheme and stomp all over the repository, so don't do that. Typically used via localrepository.lock() to lock the repository store (.hg/store/) or localrepository.wlock() to lock everything else under .hg/.''' # lock is symlink on platforms that support it, file on others. # symlink is used because create of directory entry and contents # are atomic even over nfs. # old-style lock: symlink to pid # new-style lock: symlink to hostname:pid _host = None def __init__(self, vfs, file, timeout=-1, releasefn=None, desc=None): self.vfs = vfs self.f = file self.held = 0 self.timeout = timeout self.releasefn = releasefn self.desc = desc self.postrelease = [] self.pid = os.getpid() self.delay = self.lock() def __del__(self): if self.held: warnings.warn("use lock.release instead of del lock", category=DeprecationWarning, stacklevel=2) # ensure the lock will be removed # even if recursive locking did occur self.held = 1 self.release() def lock(self): timeout = self.timeout while True: try: self.trylock() return self.timeout - timeout except error.LockHeld, inst: if timeout != 0: time.sleep(1) if timeout > 0: timeout -= 1 continue raise error.LockHeld(errno.ETIMEDOUT, inst.filename, self.desc, inst.locker) def trylock(self): if self.held: self.held += 1 return if lock._host is None: lock._host = socket.gethostname() lockname = '%s:%s' % (lock._host, self.pid) while not self.held: try: self.vfs.makelock(lockname, self.f) self.held = 1 except (OSError, IOError), why: if why.errno == errno.EEXIST: locker = self.testlock() if locker is not None: raise error.LockHeld(errno.EAGAIN, self.vfs.join(self.f), self.desc, locker) else: raise error.LockUnavailable(why.errno, why.strerror, why.filename, self.desc) def testlock(self): """return id of locker if lock is valid, else None. If old-style lock, we cannot tell what machine locker is on. with new-style lock, if locker is on this machine, we can see if locker is alive. If locker is on this machine but not alive, we can safely break lock. The lock file is only deleted when None is returned. """ try: locker = self.vfs.readlock(self.f) except (OSError, IOError), why: if why.errno == errno.ENOENT: return None raise try: host, pid = locker.split(":", 1) except ValueError: return locker if host != lock._host: return locker try: pid = int(pid) except ValueError: return locker if util.testpid(pid): return locker # if locker dead, break lock. must do this with another lock # held, or can race and break valid lock. try: l = lock(self.vfs, self.f + '.break', timeout=0) self.vfs.unlink(self.f) l.release() except error.LockError: return locker def release(self): """release the lock and execute callback function if any If the lock has been acquired multiple times, the actual release is delayed to the last release call.""" if self.held > 1: self.held -= 1 elif self.held == 1: self.held = 0 if os.getpid() != self.pid: # we forked, and are not the parent return try: if self.releasefn: self.releasefn() finally: try: self.vfs.unlink(self.f) except OSError: pass for callback in self.postrelease: callback() def release(*locks): for lock in locks: if lock is not None: lock.release()