Re: deadlock in svnserve

From: Malcolm Rowe <malcolm-svn-dev_at_farside.org.uk>
Date: 2006-09-18 18:14:44 CEST

On Mon, Sep 18, 2006 at 04:26:16PM +0200, debian@gepro.cz wrote:
> svnserve configured on Debian Sarge uses /dev/random for password exchange
> handshake. As a result client connections deadlock in the case of
> exhausted entropy, since /dev/random may be blocking indefinitely.
>

For the sake of completeness, this is issue 2590 (and
http://subversion.tigris.org/faq.html#freebsd-hang, though you're not
on FreeBSD).

To solve this, we really need APR to grow an interface that will allow
us to get random-but-not-secret data (from e.g. /dev/urandom), which
we could then use for generating UUIDs. (I'm not sure that it would
necessarily be safe to use a predictable random source to generate
authentication challenges, but if so, we could also use it there).

To a large extent, this is a problem that needs to be solved by APR first.
However, some of the Subversion committers are also APR committers...

> configuring apr using --with-devrandom=/dev/urandom solved the problem.
> I suggest this be the default on systems having both /dev/random and
> /dev/urandom.
>

Subversion can't dictate the default configuration of APR.

Regards,
Malcolm

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Sep 18 18:15:05 2006

This message: [ Message body ]
Next message: Garrett Rooney: "Re: deadlock in svnserve"
Previous message: Justin Erenkrantz: "Re: "Precedence: bulk" header in mailer.py"
In reply to: debian_at_gepro.cz: "deadlock in svnserve"
Next in thread: Garrett Rooney: "Re: deadlock in svnserve"
Reply: Garrett Rooney: "Re: deadlock in svnserve"
Reply: debian_at_gepro.cz: "Re: deadlock in svnserve"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]