calculate hashes on-the-fly (major speedup)

btv

@@ -213,9 +213,10 @@ def serialize(snap, outdir, key, snap_from=None):
 			
 			return 1
 	
+	## serialization (most expensive)
+	##
 	with lockfile(LOCKFILE):
-		## serialize each subvolume or subvolume pair
+
-		##
 		for subvolume in snap.subvolumes:
 			if snap_from:
 				btrfs_send = 'btrfs send -p "%s" "%s"' %(
@@ -227,30 +228,27 @@ def serialize(snap, outdir, key, snap_from=None):
 					os.path.join(snap.path, subvolume)
 				)
 			
-			error = os.system('%s | zstd | openssl enc -e -aes-256-cbc -pbkdf2 -salt -pass "file:%s" > "%s.btrfs.zst.aes"' %(
+			error = os.system('%s | zstd | openssl enc -e -aes-256-cbc -pbkdf2 -salt -pass "file:%s" | hash-pipe sha512 "%s.btrfs.zst.aes" "%s/manifest.sha512" > "%s.btrfs.zst.aes"' %(
 				btrfs_send,
 				cfg.get("crypto", "keyfile"),
+				subvolume,
+				directory,
 				os.path.join(directory, subvolume)
 			))
 			
 			if error:
 				print(" !! failed to serialize %s" %(subvolume))
 				return error
-		
+	
-		## calculate checksums and add a self-check executable
+	## final touches
-		## FIXME calculate this on the fly, re-reading is expensive
+	##
-		previous_wd = os.getcwd()
+	
-		os.chdir(directory)
+	## add a self-check executable
-		os.system('sha512sum "%s" > manifest.sha512' %(
+	with open(os.path.join(directory, "check-integrity.sh"), "w") as f:
-			'" "'.join("%s.btrfs.zst.aes" %(s) for s in snap.subvolumes)
+		f.write("#! /bin/sh\n\nsha512sum --check manifest.sha512\n")
-		))
+		os.chmod(f.name, 0o555)
-		
-		with open("check-integrity.sh", "w") as f:
-			f.write("#! /bin/sh\n\nsha512sum --check manifest.sha512\n")
 	
 	## fix permissions and ownership of created objects
-	os.chmod("check-integrity.sh", 0o555)
-	
 	outdir_stat = os.stat(outdir)
 	os.chown(directory, outdir_stat.st_uid, outdir_stat.st_gid)