derivepassphrase bug concurrency-audit¶
Bug details: Audit derivepassphrase for concurrency/thread-safety issues
| Class | bug | This is clearly an actual problem we want fixed. |
|---|---|---|
| Priority | high | This should be fixed in the next release. |
| Difficulty | tricky | Needs many tuits. |
| Present-in | 0.1.0 0.1.1 0.1.2 0.2.0 0.3.0 0.3.1 0.3.2 0.3.3 0.4.0 | |
| Fixed-in | a4ad05723414662d9df1607034c5dd7d646f1b49 (0.5) | |
| Blocks | concurrency-testing-in-test-suite | |
derivepassphrase is not explicitly written with concurrency in mind. This may come around to bite us when the “free-threaded“ build of Python no becomes a main feature.
Irrespective of that, it is a good idea anyway to have a clear picture on which parts of derivepassphrase are not threadsafe, and to which degree.
Therefore, audit derivepassphrase for concurrency/thread-safety issues.
Off the top of my head, the main parts of derivepassphrase in the export and vault subcommands each construct their own data and only compute a result or read from the data, so there are no read-write or write-write dependencies.
The exceptions to this are the global logging and warnings handlers, which modify global state, and the --config option to vault, which writes back file contents.