Request for advice - subversion FTBFS in precise

Thu Apr 12 23:01:45 UTC 2012

Hi all,

Subversion currently FTBFS in precise.

The reason is because apr 1.4.6 changed its hashtable implementation to
incorporate randomness into the hash function. This was to prevent
possible DoS attacks which are based on feeding a server data which it
will put into a hash, which will cause the hash function to perform
pathologically badly.

Unfortunately, it's easy to see how this can completely break a
testsuite's comparisons against hardcoded expected values - hence the FTBFS.

More interestingly, this change also creates at least one behaviour in
Subversion which some might deem a bug: the output of 'svnadmin dump' is
no longer identical if performed multiple times on an unchanging
repository. Bad news for anyone trying to use it to verify intactness of
a repository mirror, for example.


I have a workaround, but it's not exactly pretty.

It is to use the C preprocessor to modify all the calls which create
hashtables to override the hash function back to the one used in APR
1.4.5 and earlier, by placing a #define in a key header file, and then
to use sed in the debian/rules install target to remove the #define from
the installed copy of the header file.

Like I said, not exactly pretty. But potentially better than shipping
precise with a subversion package we can't rebuild, or liberally
disabling large tracts of its testsuite.

Here's the diff:


=== modified file 'debian/rules'

--- debian/rules        2011-12-17 15:01:54 +0000
+++ debian/rules        2012-04-12 22:38:11 +0000
@@ -330,6 +330,7 @@
        $(MAKE_B) local-install install-tools \
                DESTDIR=$(CURDIR)/debian/tmp toolsdir=/usr/bin
        sed -i 's:/usr/lib/\([^/]*/\)?lib\([^ ]*\).la:-l\1:g' debian/tmp/usr/lib/*/*.la
+       sed -i '/^#define apr_hash_make/d' debian/tmp/usr/include/subversion-1/svn_types.h
 
        $(call allpydbg, \
          $(MAKE_B) install-swig-py DESTDIR=$(CURDIR)/debian/tmp \

=== modified file 'subversion/include/svn_types.h'
--- subversion/include/svn_types.h      2009-11-17 02:16:23 +0000
+++ subversion/include/svn_types.h      2012-04-12 22:38:11 +0000
@@ -32,6 +32,7 @@
 #include <apr_tables.h>  /* for apr_array_push() */
 #include <apr_time.h>    /* for apr_time_t */
 #include <apr_strings.h> /* for apr_atoi64() */
+#define apr_hash_make(pool) apr_hash_make_custom((pool), apr_hashfunc_default)
 
 #ifdef __cplusplus
 extern "C" {



I invite your thoughts.

Additional datapoint: There's already a 1.6.18 new upstream version out,
with some fairly important repository corruption fixes. Assuming we can
overcome the FTBFS, and subject to the release team being happy with it,
it could well be a good idea to get it into precise-release. If we
don't, the new upstream version, or a substantial part of its diff, is
almost certain to be a SRU immediately after release.


Max.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20120413/9598fa7e/attachment.pgp>
