[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: deadlock in svnserve

From: Malcolm Rowe <malcolm-svn-dev_at_farside.org.uk>
Date: 2006-09-18 18:14:44 CEST

On Mon, Sep 18, 2006 at 04:26:16PM +0200, debian@gepro.cz wrote:
> svnserve configured on Debian Sarge uses /dev/random for password exchange
> handshake. As a result client connections deadlock in the case of
> exhausted entropy, since /dev/random may be blocking indefinitely.

For the sake of completeness, this is issue 2590 (and
http://subversion.tigris.org/faq.html#freebsd-hang, though you're not
on FreeBSD).

To solve this, we really need APR to grow an interface that will allow
us to get random-but-not-secret data (from e.g. /dev/urandom), which
we could then use for generating UUIDs. (I'm not sure that it would
necessarily be safe to use a predictable random source to generate
authentication challenges, but if so, we could also use it there).

To a large extent, this is a problem that needs to be solved by APR first.
However, some of the Subversion committers are also APR committers...

> configuring apr using --with-devrandom=/dev/urandom solved the problem.
> I suggest this be the default on systems having both /dev/random and
> /dev/urandom.

Subversion can't dictate the default configuration of APR.


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Sep 18 18:15:05 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.