Re: deadlock in svnserve

From: John Peacock <jpeacock_at_rowman.com>
Date: 2006-09-18 17:03:08 CEST

debian@gepro.cz wrote:
> I observed this behaviour on a server dedicated for subversion, having no
> keyboard or mouse. Apparently entropy collected during servicing a network
> svn request is lower than used by authorisation. Just four simultaneous
> requests were needed to trigger this problem.

You may want to consider another source of randomness. If the server
has sound support on the motherboard (or has a slot that can take a
soundcard), you can run audio-entropyd:

http://www.vanheusden.com/aed/

This daemon and a $5 soundblaster clone can provide excellent randomness
on even a busy SSL server...

> configuring apr using --with-devrandom=/dev/urandom solved the problem.
> I suggest this be the default on systems having both /dev/random and
> /dev/urandom.

I don't know if this would be an acceptable tradeoff, since urandom is
not as high a quality pseudo-random stream. It would be worthwhile to
add a FAQ entry covering this.

John

-- 
John Peacock
Director of Information Research and Technology
Rowman & Littlefield Publishing Group
4501 Forbes Boulevard
Suite H
Lanham, MD  20706
301-459-3366 x.5010
fax 301-429-5748
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Mon Sep 18 17:03:42 2006

This message: [ Message body ]
Next message: Peter Samuelson: "Re: deadlock in svnserve"
Previous message: David James: "Re: [PATCH] Better test coverage for the svn.client Python bindings"
In reply to: debian_at_gepro.cz: "deadlock in svnserve"
Next in thread: Peter Samuelson: "Re: deadlock in svnserve"
Reply: Peter Samuelson: "Re: deadlock in svnserve"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]