From 7051f86bb48dbd618a7422d469f3aae4c6f18008 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?= Date: Thu, 31 Aug 2023 10:41:53 +0100 Subject: [PATCH] Fixed gitfs cachedir_basename to avoid hash collisions (#599) (bsc#1193948, bsc#1214797, CVE-2023-20898) Fix gitfs tests It's `gitfs` not `gtfs`, plus some code fixes and cleanup Signed-off-by: Pedro Algarvio fix doc wrap sha in base64 clean up cache name stop branch collision run pre Co-authored-by: cmcmarrow --- changelog/cve-2023-20898.security.md | 1 + salt/utils/gitfs.py | 83 ++++++- tests/pytests/unit/utils/test_gitfs.py | 255 +++++++++++++++++++++ tests/unit/utils/test_gitfs.py | 305 ++++++------------------- 4 files changed, 403 insertions(+), 241 deletions(-) create mode 100644 changelog/cve-2023-20898.security.md create mode 100644 tests/pytests/unit/utils/test_gitfs.py diff --git a/changelog/cve-2023-20898.security.md b/changelog/cve-2023-20898.security.md new file mode 100644 index 0000000000..44f1729192 --- /dev/null +++ b/changelog/cve-2023-20898.security.md @@ -0,0 +1 @@ +Fixed gitfs cachedir_basename to avoid hash collisions. Added MP Lock to gitfs. These changes should stop race conditions. diff --git a/salt/utils/gitfs.py b/salt/utils/gitfs.py index 38e84f38aa..af61aa0dda 100644 --- a/salt/utils/gitfs.py +++ b/salt/utils/gitfs.py @@ -3,6 +3,7 @@ Classes which provide the shared base for GitFS, git_pillar, and winrepo """ +import base64 import contextlib import copy import errno @@ -11,10 +12,12 @@ import glob import hashlib import io import logging +import multiprocessing import os import shlex import shutil import stat +import string import subprocess import time import weakref @@ -22,6 +25,7 @@ from datetime import datetime import salt.ext.tornado.ioloop import salt.fileserver +import salt.syspaths import salt.utils.configparser import salt.utils.data import salt.utils.files @@ -34,7 +38,6 @@ import salt.utils.stringutils import salt.utils.url import salt.utils.user import salt.utils.versions -import salt.syspaths from salt.config import DEFAULT_MASTER_OPTS as _DEFAULT_MASTER_OPTS from salt.exceptions import FileserverConfigError, GitLockError, get_error_message from salt.utils.event import tagify @@ -226,6 +229,10 @@ class GitProvider: invoking the parent class' __init__. """ + # master lock should only be locked for very short periods of times "seconds" + # the master lock should be used when ever git provider reads or writes to one if it locks + _master_lock = multiprocessing.Lock() + def __init__( self, opts, @@ -452,13 +459,44 @@ class GitProvider: failhard(self.role) hash_type = getattr(hashlib, self.opts.get("hash_type", "md5")) + # Generate full id. + # Full id helps decrease the chances of collections in the gitfs cache. + try: + target = str(self.get_checkout_target()) + except AttributeError: + target = "" + self._full_id = "-".join( + [ + getattr(self, "name", ""), + self.id, + getattr(self, "env", ""), + getattr(self, "_root", ""), + self.role, + getattr(self, "base", ""), + getattr(self, "branch", ""), + target, + ] + ) # We loaded this data from yaml configuration files, so, its safe # to use UTF-8 - self.hash = hash_type(self.id.encode("utf-8")).hexdigest() - self.cachedir_basename = getattr(self, "name", self.hash) + base64_hash = str( + base64.b64encode(hash_type(self._full_id.encode("utf-8")).digest()), + encoding="ascii", # base64 only outputs ascii + ).replace( + "/", "_" + ) # replace "/" with "_" to not cause trouble with file system + + # limit name length to 19, so we don't eat up all the path length for windows + # this is due to pygit2 limitations + # replace any unknown char with "_" to not cause trouble with file system + name_chars = string.ascii_letters + string.digits + "-" + cache_name = "".join( + c if c in name_chars else "_" for c in getattr(self, "name", "")[:19] + ) + + self.cachedir_basename = f"{cache_name}-{base64_hash}" self.cachedir = salt.utils.path.join(cache_root, self.cachedir_basename) self.linkdir = salt.utils.path.join(cache_root, "links", self.cachedir_basename) - if not os.path.isdir(self.cachedir): os.makedirs(self.cachedir) @@ -473,6 +511,12 @@ class GitProvider: log.critical(msg, exc_info=True) failhard(self.role) + def full_id(self): + return self._full_id + + def get_cachedir_basename(self): + return self.cachedir_basename + def _get_envs_from_ref_paths(self, refs): """ Return the names of remote refs (stripped of the remote name) and tags @@ -663,6 +707,19 @@ class GitProvider: """ Clear update.lk """ + if self.__class__._master_lock.acquire(timeout=60) is False: + # if gitfs works right we should never see this timeout error. + log.error("gitfs master lock timeout!") + raise TimeoutError("gitfs master lock timeout!") + try: + return self._clear_lock(lock_type) + finally: + self.__class__._master_lock.release() + + def _clear_lock(self, lock_type="update"): + """ + Clear update.lk without MultiProcessing locks + """ lock_file = self._get_lock_file(lock_type=lock_type) def _add_error(errlist, exc): @@ -838,6 +895,20 @@ class GitProvider: """ Place a lock file if (and only if) it does not already exist. """ + if self.__class__._master_lock.acquire(timeout=60) is False: + # if gitfs works right we should never see this timeout error. + log.error("gitfs master lock timeout!") + raise TimeoutError("gitfs master lock timeout!") + try: + return self.__lock(lock_type, failhard) + finally: + self.__class__._master_lock.release() + + def __lock(self, lock_type="update", failhard=False): + """ + Place a lock file if (and only if) it does not already exist. + Without MultiProcessing locks. + """ try: fh_ = os.open( self._get_lock_file(lock_type), os.O_CREAT | os.O_EXCL | os.O_WRONLY @@ -904,9 +975,9 @@ class GitProvider: lock_type, lock_file, ) - success, fail = self.clear_lock() + success, fail = self._clear_lock() if success: - return self._lock(lock_type="update", failhard=failhard) + return self.__lock(lock_type="update", failhard=failhard) elif failhard: raise return diff --git a/tests/pytests/unit/utils/test_gitfs.py b/tests/pytests/unit/utils/test_gitfs.py new file mode 100644 index 0000000000..e9915de412 --- /dev/null +++ b/tests/pytests/unit/utils/test_gitfs.py @@ -0,0 +1,255 @@ +import os +import string +import time + +import pytest + +import salt.fileserver.gitfs +import salt.utils.gitfs +from salt.exceptions import FileserverConfigError +from tests.support.helpers import patched_environ +from tests.support.mock import MagicMock, patch + +try: + HAS_PYGIT2 = ( + salt.utils.gitfs.PYGIT2_VERSION + and salt.utils.gitfs.PYGIT2_VERSION >= salt.utils.gitfs.PYGIT2_MINVER + and salt.utils.gitfs.LIBGIT2_VERSION + and salt.utils.gitfs.LIBGIT2_VERSION >= salt.utils.gitfs.LIBGIT2_MINVER + ) +except AttributeError: + HAS_PYGIT2 = False + + +if HAS_PYGIT2: + import pygit2 + + +@pytest.mark.parametrize( + "role_name,role_class", + ( + ("gitfs", salt.utils.gitfs.GitFS), + ("git_pillar", salt.utils.gitfs.GitPillar), + ("winrepo", salt.utils.gitfs.WinRepo), + ), +) +def test_provider_case_insensitive_gitfs_provider(minion_opts, role_name, role_class): + """ + Ensure that both lowercase and non-lowercase values are supported + """ + provider = "GitPython" + key = "{}_provider".format(role_name) + with patch.object(role_class, "verify_gitpython", MagicMock(return_value=True)): + with patch.object(role_class, "verify_pygit2", MagicMock(return_value=False)): + args = [minion_opts, {}] + kwargs = {"init_remotes": False} + if role_name == "winrepo": + kwargs["cache_root"] = "/tmp/winrepo-dir" + with patch.dict(minion_opts, {key: provider}): + # Try to create an instance with uppercase letters in + # provider name. If it fails then a + # FileserverConfigError will be raised, so no assert is + # necessary. + role_class(*args, **kwargs) + # Now try to instantiate an instance with all lowercase + # letters. Again, no need for an assert here. + role_class(*args, **kwargs) + + +@pytest.mark.parametrize( + "role_name,role_class", + ( + ("gitfs", salt.utils.gitfs.GitFS), + ("git_pillar", salt.utils.gitfs.GitPillar), + ("winrepo", salt.utils.gitfs.WinRepo), + ), +) +def test_valid_provider_gitfs_provider(minion_opts, role_name, role_class): + """ + Ensure that an invalid provider is not accepted, raising a + FileserverConfigError. + """ + + def _get_mock(verify, provider): + """ + Return a MagicMock with the desired return value + """ + return MagicMock(return_value=verify.endswith(provider)) + + key = "{}_provider".format(role_name) + for provider in salt.utils.gitfs.GIT_PROVIDERS: + verify = "verify_gitpython" + mock1 = _get_mock(verify, provider) + with patch.object(role_class, verify, mock1): + verify = "verify_pygit2" + mock2 = _get_mock(verify, provider) + with patch.object(role_class, verify, mock2): + args = [minion_opts, {}] + kwargs = {"init_remotes": False} + if role_name == "winrepo": + kwargs["cache_root"] = "/tmp/winrepo-dir" + with patch.dict(minion_opts, {key: provider}): + role_class(*args, **kwargs) + with patch.dict(minion_opts, {key: "foo"}): + # Set the provider name to a known invalid provider + # and make sure it raises an exception. + with pytest.raises(FileserverConfigError): + role_class(*args, **kwargs) + + +@pytest.fixture +def _prepare_remote_repository_pygit2(tmp_path): + remote = os.path.join(tmp_path, "pygit2-repo") + filecontent = "This is an empty README file" + filename = "README" + signature = pygit2.Signature( + "Dummy Commiter", "dummy@dummy.com", int(time.time()), 0 + ) + repository = pygit2.init_repository(remote, False) + builder = repository.TreeBuilder() + tree = builder.write() + commit = repository.create_commit( + "HEAD", signature, signature, "Create master branch", tree, [] + ) + repository.create_reference("refs/tags/simple_tag", commit) + with salt.utils.files.fopen( + os.path.join(repository.workdir, filename), "w" + ) as file: + file.write(filecontent) + blob = repository.create_blob_fromworkdir(filename) + builder = repository.TreeBuilder() + builder.insert(filename, blob, pygit2.GIT_FILEMODE_BLOB) + tree = builder.write() + repository.index.read() + repository.index.add(filename) + repository.index.write() + commit = repository.create_commit( + "HEAD", + signature, + signature, + "Added a README", + tree, + [repository.head.target], + ) + repository.create_tag( + "annotated_tag", commit, pygit2.GIT_OBJ_COMMIT, signature, "some message" + ) + return remote + + +@pytest.fixture +def _prepare_provider(tmp_path, minion_opts, _prepare_remote_repository_pygit2): + cache = tmp_path / "pygit2-repo-cache" + minion_opts.update( + { + "cachedir": str(cache), + "gitfs_disable_saltenv_mapping": False, + "gitfs_base": "master", + "gitfs_insecure_auth": False, + "gitfs_mountpoint": "", + "gitfs_passphrase": "", + "gitfs_password": "", + "gitfs_privkey": "", + "gitfs_provider": "pygit2", + "gitfs_pubkey": "", + "gitfs_ref_types": ["branch", "tag", "sha"], + "gitfs_refspecs": [ + "+refs/heads/*:refs/remotes/origin/*", + "+refs/tags/*:refs/tags/*", + ], + "gitfs_root": "", + "gitfs_saltenv_blacklist": [], + "gitfs_saltenv_whitelist": [], + "gitfs_ssl_verify": True, + "gitfs_update_interval": 3, + "gitfs_user": "", + "verified_gitfs_provider": "pygit2", + } + ) + per_remote_defaults = { + "base": "master", + "disable_saltenv_mapping": False, + "insecure_auth": False, + "ref_types": ["branch", "tag", "sha"], + "passphrase": "", + "mountpoint": "", + "password": "", + "privkey": "", + "pubkey": "", + "refspecs": [ + "+refs/heads/*:refs/remotes/origin/*", + "+refs/tags/*:refs/tags/*", + ], + "root": "", + "saltenv_blacklist": [], + "saltenv_whitelist": [], + "ssl_verify": True, + "update_interval": 60, + "user": "", + } + per_remote_only = ("all_saltenvs", "name", "saltenv") + override_params = tuple(per_remote_defaults) + cache_root = cache / "gitfs" + role = "gitfs" + provider = salt.utils.gitfs.Pygit2( + minion_opts, + _prepare_remote_repository_pygit2, + per_remote_defaults, + per_remote_only, + override_params, + str(cache_root), + role, + ) + return provider + + +@pytest.mark.skipif(not HAS_PYGIT2, reason="This host lacks proper pygit2 support") +@pytest.mark.skip_on_windows( + reason="Skip Pygit2 on windows, due to pygit2 access error on windows" +) +def test_checkout_pygit2(_prepare_provider): + provider = _prepare_provider + provider.remotecallbacks = None + provider.credentials = None + provider.init_remote() + provider.fetch() + provider.branch = "master" + assert provider.cachedir in provider.checkout() + provider.branch = "simple_tag" + assert provider.cachedir in provider.checkout() + provider.branch = "annotated_tag" + assert provider.cachedir in provider.checkout() + provider.branch = "does_not_exist" + assert provider.checkout() is None + + +@pytest.mark.skipif(not HAS_PYGIT2, reason="This host lacks proper pygit2 support") +@pytest.mark.skip_on_windows( + reason="Skip Pygit2 on windows, due to pygit2 access error on windows" +) +def test_checkout_pygit2_with_home_env_unset(_prepare_provider): + provider = _prepare_provider + provider.remotecallbacks = None + provider.credentials = None + with patched_environ(__cleanup__=["HOME"]): + assert "HOME" not in os.environ + provider.init_remote() + provider.fetch() + assert "HOME" in os.environ + + +def test_full_id_pygit2(_prepare_provider): + assert _prepare_provider.full_id().startswith("-") + assert _prepare_provider.full_id().endswith("/pygit2-repo---gitfs-master--") + + +@pytest.mark.skipif(not HAS_PYGIT2, reason="This host lacks proper pygit2 support") +@pytest.mark.skip_on_windows( + reason="Skip Pygit2 on windows, due to pygit2 access error on windows" +) +def test_get_cachedir_basename_pygit2(_prepare_provider): + basename = _prepare_provider.get_cachedir_basename() + assert len(basename) == 45 + assert basename[0] == "-" + # check that a valid base64 is given '/' -> '_' + assert all(c in string.ascii_letters + string.digits + "+_=" for c in basename[1:]) diff --git a/tests/unit/utils/test_gitfs.py b/tests/unit/utils/test_gitfs.py index 7c400b69af..6d8e97a239 100644 --- a/tests/unit/utils/test_gitfs.py +++ b/tests/unit/utils/test_gitfs.py @@ -2,37 +2,20 @@ These only test the provider selection and verification logic, they do not init any remotes. """ -import os -import shutil -from time import time + +import tempfile import pytest +import salt.ext.tornado.ioloop import salt.fileserver.gitfs import salt.utils.files import salt.utils.gitfs +import salt.utils.path import salt.utils.platform -import tests.support.paths -from salt.exceptions import FileserverConfigError -from tests.support.helpers import patched_environ from tests.support.mixins import AdaptedConfigurationTestCaseMixin -from tests.support.mock import MagicMock, patch from tests.support.unit import TestCase -try: - HAS_PYGIT2 = ( - salt.utils.gitfs.PYGIT2_VERSION - and salt.utils.gitfs.PYGIT2_VERSION >= salt.utils.gitfs.PYGIT2_MINVER - and salt.utils.gitfs.LIBGIT2_VERSION - and salt.utils.gitfs.LIBGIT2_VERSION >= salt.utils.gitfs.LIBGIT2_MINVER - ) -except AttributeError: - HAS_PYGIT2 = False - - -if HAS_PYGIT2: - import pygit2 - def _clear_instance_map(): try: @@ -45,6 +28,9 @@ def _clear_instance_map(): class TestGitBase(TestCase, AdaptedConfigurationTestCaseMixin): def setUp(self): + self._tmp_dir = tempfile.TemporaryDirectory() + tmp_name = self._tmp_dir.name + class MockedProvider( salt.utils.gitfs.GitProvider ): # pylint: disable=abstract-method @@ -71,6 +57,7 @@ class TestGitBase(TestCase, AdaptedConfigurationTestCaseMixin): ) def init_remote(self): + self.gitdir = salt.utils.path.join(tmp_name, ".git") self.repo = True new = False return new @@ -107,6 +94,7 @@ class TestGitBase(TestCase, AdaptedConfigurationTestCaseMixin): for remote in self.main_class.remotes: remote.fetched = False del self.main_class + self._tmp_dir.cleanup() def test_update_all(self): self.main_class.update() @@ -126,226 +114,73 @@ class TestGitBase(TestCase, AdaptedConfigurationTestCaseMixin): self.assertTrue(self.main_class.remotes[0].fetched) self.assertFalse(self.main_class.remotes[1].fetched) - -class TestGitFSProvider(TestCase): - def setUp(self): - self.opts = {"cachedir": "/tmp/gitfs-test-cache"} - - def tearDown(self): - self.opts = None - - def test_provider_case_insensitive(self): - """ - Ensure that both lowercase and non-lowercase values are supported - """ - provider = "GitPython" - for role_name, role_class in ( - ("gitfs", salt.utils.gitfs.GitFS), - ("git_pillar", salt.utils.gitfs.GitPillar), - ("winrepo", salt.utils.gitfs.WinRepo), - ): - - key = "{}_provider".format(role_name) - with patch.object( - role_class, "verify_gitpython", MagicMock(return_value=True) - ): - with patch.object( - role_class, "verify_pygit2", MagicMock(return_value=False) - ): - args = [self.opts, {}] - kwargs = {"init_remotes": False} - if role_name == "winrepo": - kwargs["cache_root"] = "/tmp/winrepo-dir" - with patch.dict(self.opts, {key: provider}): - # Try to create an instance with uppercase letters in - # provider name. If it fails then a - # FileserverConfigError will be raised, so no assert is - # necessary. - role_class(*args, **kwargs) - # Now try to instantiate an instance with all lowercase - # letters. Again, no need for an assert here. - role_class(*args, **kwargs) - - def test_valid_provider(self): - """ - Ensure that an invalid provider is not accepted, raising a - FileserverConfigError. - """ - - def _get_mock(verify, provider): - """ - Return a MagicMock with the desired return value - """ - return MagicMock(return_value=verify.endswith(provider)) - - for role_name, role_class in ( - ("gitfs", salt.utils.gitfs.GitFS), - ("git_pillar", salt.utils.gitfs.GitPillar), - ("winrepo", salt.utils.gitfs.WinRepo), - ): - key = "{}_provider".format(role_name) - for provider in salt.utils.gitfs.GIT_PROVIDERS: - verify = "verify_gitpython" - mock1 = _get_mock(verify, provider) - with patch.object(role_class, verify, mock1): - verify = "verify_pygit2" - mock2 = _get_mock(verify, provider) - with patch.object(role_class, verify, mock2): - args = [self.opts, {}] - kwargs = {"init_remotes": False} - if role_name == "winrepo": - kwargs["cache_root"] = "/tmp/winrepo-dir" - - with patch.dict(self.opts, {key: provider}): - role_class(*args, **kwargs) - - with patch.dict(self.opts, {key: "foo"}): - # Set the provider name to a known invalid provider - # and make sure it raises an exception. - self.assertRaises( - FileserverConfigError, role_class, *args, **kwargs - ) - - -@pytest.mark.skipif(not HAS_PYGIT2, reason="This host lacks proper pygit2 support") -@pytest.mark.skip_on_windows( - reason="Skip Pygit2 on windows, due to pygit2 access error on windows" -) -class TestPygit2(TestCase): - def _prepare_remote_repository(self, path): - shutil.rmtree(path, ignore_errors=True) - - filecontent = "This is an empty README file" - filename = "README" - - signature = pygit2.Signature( - "Dummy Commiter", "dummy@dummy.com", int(time()), 0 + def test_full_id(self): + self.assertEqual( + self.main_class.remotes[0].full_id(), "-file://repo1.git---gitfs-master--" ) - repository = pygit2.init_repository(path, False) - builder = repository.TreeBuilder() - tree = builder.write() - commit = repository.create_commit( - "HEAD", signature, signature, "Create master branch", tree, [] + def test_full_id_with_name(self): + self.assertEqual( + self.main_class.remotes[1].full_id(), + "repo2-file://repo2.git---gitfs-master--", ) - repository.create_reference("refs/tags/simple_tag", commit) - with salt.utils.files.fopen( - os.path.join(repository.workdir, filename), "w" - ) as file: - file.write(filecontent) - - blob = repository.create_blob_fromworkdir(filename) - builder = repository.TreeBuilder() - builder.insert(filename, blob, pygit2.GIT_FILEMODE_BLOB) - tree = builder.write() - - repository.index.read() - repository.index.add(filename) - repository.index.write() - - commit = repository.create_commit( - "HEAD", - signature, - signature, - "Added a README", - tree, - [repository.head.target], - ) - repository.create_tag( - "annotated_tag", commit, pygit2.GIT_OBJ_COMMIT, signature, "some message" + def test_get_cachedir_basename(self): + self.assertEqual( + self.main_class.remotes[0].get_cachedir_basename(), + "-jXhnbGDemchtZwTwaD2s6VOaVvs98a7w+AtiYlmOVb0=", ) - def _prepare_cache_repository(self, remote, cache): - opts = { - "cachedir": cache, - "__role": "minion", - "gitfs_disable_saltenv_mapping": False, - "gitfs_base": "master", - "gitfs_insecure_auth": False, - "gitfs_mountpoint": "", - "gitfs_passphrase": "", - "gitfs_password": "", - "gitfs_privkey": "", - "gitfs_provider": "pygit2", - "gitfs_pubkey": "", - "gitfs_ref_types": ["branch", "tag", "sha"], - "gitfs_refspecs": [ - "+refs/heads/*:refs/remotes/origin/*", - "+refs/tags/*:refs/tags/*", - ], - "gitfs_root": "", - "gitfs_saltenv_blacklist": [], - "gitfs_saltenv_whitelist": [], - "gitfs_ssl_verify": True, - "gitfs_update_interval": 3, - "gitfs_user": "", - "verified_gitfs_provider": "pygit2", - } - per_remote_defaults = { - "base": "master", - "disable_saltenv_mapping": False, - "insecure_auth": False, - "ref_types": ["branch", "tag", "sha"], - "passphrase": "", - "mountpoint": "", - "password": "", - "privkey": "", - "pubkey": "", - "refspecs": [ - "+refs/heads/*:refs/remotes/origin/*", - "+refs/tags/*:refs/tags/*", - ], - "root": "", - "saltenv_blacklist": [], - "saltenv_whitelist": [], - "ssl_verify": True, - "update_interval": 60, - "user": "", - } - per_remote_only = ("all_saltenvs", "name", "saltenv") - override_params = tuple(per_remote_defaults.keys()) - cache_root = os.path.join(cache, "gitfs") - role = "gitfs" - shutil.rmtree(cache_root, ignore_errors=True) - provider = salt.utils.gitfs.Pygit2( - opts, - remote, - per_remote_defaults, - per_remote_only, - override_params, - cache_root, - role, + def test_get_cachedir_base_with_name(self): + self.assertEqual( + self.main_class.remotes[1].get_cachedir_basename(), + "repo2-nuezpiDtjQRFC0ZJDByvi+F6Vb8ZhfoH41n_KFxTGsU=", ) - return provider - def test_checkout(self): - remote = os.path.join(tests.support.paths.TMP, "pygit2-repo") - cache = os.path.join(tests.support.paths.TMP, "pygit2-repo-cache") - self._prepare_remote_repository(remote) - provider = self._prepare_cache_repository(remote, cache) - provider.remotecallbacks = None - provider.credentials = None - provider.init_remote() - provider.fetch() - provider.branch = "master" - self.assertIn(provider.cachedir, provider.checkout()) - provider.branch = "simple_tag" - self.assertIn(provider.cachedir, provider.checkout()) - provider.branch = "annotated_tag" - self.assertIn(provider.cachedir, provider.checkout()) - provider.branch = "does_not_exist" - self.assertIsNone(provider.checkout()) + def test_git_provider_mp_lock(self): + """ + Check that lock is released after provider.lock() + """ + provider = self.main_class.remotes[0] + provider.lock() + # check that lock has been released + self.assertTrue(provider._master_lock.acquire(timeout=5)) + provider._master_lock.release() - def test_checkout_with_home_env_unset(self): - remote = os.path.join(tests.support.paths.TMP, "pygit2-repo") - cache = os.path.join(tests.support.paths.TMP, "pygit2-repo-cache") - self._prepare_remote_repository(remote) - provider = self._prepare_cache_repository(remote, cache) - provider.remotecallbacks = None - provider.credentials = None - with patched_environ(__cleanup__=["HOME"]): - self.assertTrue("HOME" not in os.environ) - provider.init_remote() - provider.fetch() - self.assertTrue("HOME" in os.environ) + def test_git_provider_mp_clear_lock(self): + """ + Check that lock is released after provider.clear_lock() + """ + provider = self.main_class.remotes[0] + provider.clear_lock() + # check that lock has been released + self.assertTrue(provider._master_lock.acquire(timeout=5)) + provider._master_lock.release() + + @pytest.mark.slow_test + def test_git_provider_mp_lock_timeout(self): + """ + Check that lock will time out if master lock is locked. + """ + provider = self.main_class.remotes[0] + # Hijack the lock so git provider is fooled into thinking another instance is doing somthing. + self.assertTrue(provider._master_lock.acquire(timeout=5)) + try: + # git provider should raise timeout error to avoid lock race conditions + self.assertRaises(TimeoutError, provider.lock) + finally: + provider._master_lock.release() + + @pytest.mark.slow_test + def test_git_provider_mp_clear_lock_timeout(self): + """ + Check that clear lock will time out if master lock is locked. + """ + provider = self.main_class.remotes[0] + # Hijack the lock so git provider is fooled into thinking another instance is doing somthing. + self.assertTrue(provider._master_lock.acquire(timeout=5)) + try: + # git provider should raise timeout error to avoid lock race conditions + self.assertRaises(TimeoutError, provider.clear_lock) + finally: + provider._master_lock.release() -- 2.41.0