pathutil: use temporary variables instead of complicated wrapping The one-lining did not help readability, we get rid of it.

context: use a the nofsauditor when matching file in history (issue4749) Before this change, asking for file from history (eg: 'hg cat -r 42 foo/bar') could fail because of the current content of the working copy (eg: current "foo" being a symlink). As the working copy state have no influence on the content of the history, we can safely skip these checks. The working copy context class have a different 'match' implementation. That implementation still use the repo.auditor will still catch symlink traversal. I've audited all stuff calling "match" and they all go through a ctx in a sensible way. The most unclear case was diff which still seemed okay. You raised my paranoid level today and I double checked through tests. They behave properly. The odds of someone using the wrong (matching with a changectx for operation that will eventually touch the file system) is non-zero because you are never sure of what people will do. But I dunno if we can fight against that. So I would not commit to "never" for "at this level" and "in the future" if someone write especially bad code. However, as a last defense, the vfs itself is running path auditor in all cases outside of .hg/. So I think anything passing the 'matcher' for buggy reason would growl at the vfs layer.

localrepo: add a second auditor without file system check Auditors keeps a cache of audited paths. Therefore we cannot use the same auditor for working copy and history operation. We create a new one without file system check for this purposes.

pathauditor: add a way to skip file system check We need to be able to skip it when looking at data within the history. Doing them in all cases leads to buggy behavior like issue4749.

pathauditor: move file system specific check in their own function This will make it easy to disable that part when not relevant (eg: auditing filename for operation in history)

contrib: disable SSLv3_method() to build old Python with recent libssl Because OpenSSL is compiled without SSLv3 support on Debian sid, Python 2.6.9 can't be built without this hack. Python 2.7 is patched appropriately, but 2.6 isn't. http://bugs.python.org/issue22935

rebase: only clear rebase status after the rebase transaction has completed In 405320cd6198, I made the mistake of moving the step "clearing the status after a rebase" to inside the rebase transaction. This was wrong, since we don't want to clear the status (and the rebase state) if something went wrong during the transaction: if something goes wrong we want to keep the rebase state to be able to abort. It broke rebase with evolve + inhibit.

dirstate: don't write repo.currenttransaction to repo.dirstate if repo is None (issue4983) Some hooks, such as post-init and post-clone, do not get a repo parameter in their environment. If there is no repo, there is no repo.currenttransaction(); attempting to retrieve it anyway was causing crashes. Now currenttransaction is only retrieved and written if the repo is not None.

tests: test changegroup generation for filtered changesets (issue4982) The test demonstrates the buggy behavior from issue4982 where the changegroup contains changesets it shouldn't.

parsers: fix parse_dirstate to check len before unpacking header (issue4979)

mercurial: support loading modules from zipimporter The previous refactor to module importing broke module loading when mercurial.* modules were loaded from a zipfile (using a zipimporter). This scenario is likely encountered when using py2exe. Supporting zipimporter and the traditional importer side-by-side turns out to be quite a pain. In Python 2.x, the standard, file-based import mechanism is partially implemented in C. The sys.meta_path and sys.path_hooks hook points exist to allow custom importers in Python/userland. zipimport.zipimporter and our "hgimporter" class from earlier in this patch series are 2 of these. In a standard Python installation (no matter if running in py2exe or similar or not), zipimport.zipimporter appears to be registered in sys.path_hooks. This means that as each sys.path entry is consulted, it will ask zipimporter if it supports that path and zipimporter will be used if that entry is a zip file. In a py2exe environment, sys.path contains an entry with the path to the zip file containing the Python standard library along with Mercurial's Python files. The way the importer mechanism works is the first importer that declares knowledge of a module (via find_module() returning an object) gets to load it. Since our "hgimporter" is registered in sys.meta_path and returns an interest in specific mercurial.* modules, the zipimporter registered on sys.path_hooks never comes into play for these modules. So, we need to be zipimporter aware and call into zipimporter to load modules. This patch teaches "hgimporter" how to call out into zipimporter when necessary. We detect the necessity of zipimporter by looking at the loader for the "mercurial" module. If it is a zipimporter instance, we load via zipimporter. The behavior of zipimporter is a bit wonky. You appear to need separate zipimporter instances for each directory in the zip file. I'm not sure why this is. I suspect it has something to do with the low-level importing mechanism (implemented in C) operating on a per-directory basis. PEP-302 makes some references to this. I was not able to get a zipimporter to import modules outside of its immediate directory no matter how I specified the module name. This is why we use separate zipimporter instances for the ".zip/mercurial" and ".zip/mercurial/pure" locations. The zipimporter documentation for Python 2.7 explicitly states that zipimporter does not import dynamic modules (C extensions). Yet from a py2exe distribution on Windows - where the .pyd files are *not* in the zip archive - zipimporter imported these dynamic modules just fine! I'm not sure if dynamic modules can't be imported from *inside* the zip archive or whether zipimporter looks for dynamic modules outside the zip archive. All I know is zipimporter does manage to import the .pyd files on Windows and this patch makes our new importer compatible with py2exe. In the ideal world, We'd probably reimplement or fall back to parts of the built-in import mechanism instead of handling zipimporter specially. After all, if we're loading Mercurial modules via something that isn't the built-in file-based importer or zipimporter, our custom importer will likely fail because it doesn't know how to call into it. I'd like to think that we'll never encounter this in the wild, but you never know. If we do encounter it, we can come up with another solution. It's worth nothing that Python 3 has moved a lot of the importing code from C to Python. Python 3 gives you near total control over the import mechanism. So in the very distant future when Mercurial drops Python 2 support, it's likely that our custom importer code can be refactored to something a bit saner.

mercurial: don't load C extensions from PyPy PyPy isn't compatible with Python C extensions. With this patch, the module load policy is automatically to "Python only" when run under PyPy. `hg` and other Python scripts importing mercurial.* modules will run from the source checkout or any installation when executed with PyPy. This should enable people to more easily experiment with PyPy and its potentially significant performance benefits over CPython!

mercurial: be more strict about loading dual implemented modules With this change in place, we should have slightly stronger guarantees about how modules with both Python and C implementations are loaded. Before, our module loader's default policy looked under both mercurial/* and mercurial/pure/* and imported whatever it found, C or pure. The fact it looked in both locations by default was a temporary regression from the beginning of this series. This patch does 2 things: 1) Changes the default module load policy to only load C modules 2) Verifies that files loaded from mercurial/* are actually C modules This 2nd behavior change makes our new module loading mechanism stricter than from before this series. Before, it was possible to load a .py-based module from mercurial/*. This could happen if an old installation orphaned a file and then somehow didn't install the C version for the new install. We now detect this odd configuration and fall back to loading the pure Python module, assuming it is allowed. In the case of a busted installation, we fail fast. While we could fall back, we explicitly decide not to do this because we don't want people accidentally not running the C modules and having slow performance as a result.

setup: refactor handling of modules with C/Python implementations Previously, .py files under mercurial/pure/ were copied to mercurial/* during installation if we were performing a pure Python installation. Now that the new import hooks and module load policy are in place, this hackery from the past is no longer necessary. With this patch, we stop copying modules from mercurial/pure/* to mercurial/*. Instead, we preserve the files at their original hierarchy, mirroring the source repository structure. In addition, we always install the pure modules. Before, we would only include the pure modules in the distribution/installation if the install-time settings requested a pure Python installation. The upside of this change is that CPython and PyPy can run from the same Mercurial installation, making packaging and distribution of Mercurial simpler. The inclusion of pure Python modules in the installation sounds risky, as it could lead to inadvertent loading of non-C modules. This shouldn't be a problem. The default module load policy is "C only" (or at least will be shortly) and the only way to load pure modules from an installation is if a) pure installation was requested b) the HGMODULELOADPOLICY overrides the requirement for C modules. The default module load policy as defined in source is a special string whose default value from the checkout is equivalent to the "C only" policy (again, not exactly the state right now). For pure installations, this default policy is not appropriate and will not work. This patch adds support for rewriting __init__.py during installation to reflect the module load policy that should be in place accoding to the installation settings. For default CPython installs, the value in the source file will change but there will be no functional change. For pure installations, the default policy will be set to "py," allowing them to work without having to set environment variables.

check-seclevel: set module load policy to Python only If we don't change this, the upcoming change to make the module loading policy only load C modules will cause this script to fail if run with CPython against an unbuilt source checkout.