20229478 mod_perl test suite wouldn't start/pass due number of reasons
authorPetr Sumbera <petr.sumbera@oracle.com>
Thu, 18 Dec 2014 06:53:52 -0800
changeset 3563 a34ad418afb9
parent 3561 8806d147c2d5
child 3567 f9313e0975e8
20229478 mod_perl test suite wouldn't start/pass due number of reasons
components/apache2-modules/mod_perl/Makefile
components/apache2-modules/mod_perl/patches/TestConfigParse.patch
components/apache2-modules/mod_perl/patches/hattack_synthesis.patch
--- a/components/apache2-modules/mod_perl/Makefile	Thu Dec 18 13:47:34 2014 +0100
+++ b/components/apache2-modules/mod_perl/Makefile	Thu Dec 18 06:53:52 2014 -0800
@@ -72,9 +72,7 @@
 
 install: $(INSTALL_32)
 
-# Won't start (maybe because of mod_dtrace.so on system).
-#test: $(TEST_32)
-test: $(NO_TESTS)
+test: $(TEST_32)
 
 BUILD_PKG_DEPENDENCIES =	$(BUILD_TOOLS)
 
--- a/components/apache2-modules/mod_perl/patches/TestConfigParse.patch	Thu Dec 18 13:47:34 2014 +0100
+++ b/components/apache2-modules/mod_perl/patches/TestConfigParse.patch	Thu Dec 18 06:53:52 2014 -0800
@@ -1,14 +1,27 @@
---- mod_perl-2.0.4/Apache-Test/lib/Apache/TestConfigParse.pm	Sun Nov 11 21:34:46 2007
-+++ mod_perl-2.0.4/Apache-Test/lib/Apache/TestConfigParse.pm	Thu May 19 05:35:01 2011
[email protected]@ -211,6 +211,11 @@
+Patch origin: in-house
+Patch status: Solaris-specific; not suitable for upstream
+
+This change makes sure that 64 bit modules and mod_fcgid module are not
+used for testing. Mod_fcgid is disabled because it by default creates
+shared memory and socket in paths which are not suitable for ordinary
+user (or there can be interaction with running Apache).
+
+--- mod_perl-2.0.4/Apache-Test/lib/Apache/TestConfigParse.pm
++++ mod_perl-2.0.4/Apache-Test/lib/Apache/TestConfigParse.pm
[email protected]@ -211,6 +211,16 @@
      for my $args (@{ $c->{$directive} }) {
          my $modname = $args->[0];
          my $file = $self->server_file_rel2abs($args->[1]);
 +	
-+       unless ($file !~ m/\/64\//) {
++        unless ($file !~ m/\/64\//) {
 +            debug "$file is 64 bit module (we don't want it)";
 +            next;
 +        }
++
++        unless ($file !~ m/mod_fcgid.so/) {
++            debug "$file creates shared memory and sockets on wrong place (skipping)";
++            next;
++        }
  
          unless (-e $file) {
              debug "$file does not exist, skipping LoadModule";
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/apache2-modules/mod_perl/patches/hattack_synthesis.patch	Thu Dec 18 06:53:52 2014 -0800
@@ -0,0 +1,107 @@
+Patch origin: upstream
+Patch status: will be part of next version
+
+Synthesis of:
+http://svn.apache.org/viewvc?view=revision&revision=1455340
+http://svn.apache.org/viewvc?view=revision&revision=1457619
+
+See also:
+https://rt.cpan.org/Public/Bug/Display.html?id=83916
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702821
+
+--- a/t/response/TestPerl/hash_attack.pm	2013-03-15 13:35:14.000000000 +0000
++++ b/t/response/TestPerl/hash_attack.pm	2013-03-15 13:38:29.000000000 +0000
[email protected]@ -5,10 +5,11 @@
+ # and fixup handlers in this test). Moreover it must not fail to find
+ # that entry on the subsequent requests.
+ #
+-# the hash attack is detected when HV_MAX_LENGTH_BEFORE_SPLIT keys
+-# find themselves in the same hash bucket, in which case starting from
+-# 5.8.2 the hash will rehash all its keys using a random hash seed
+-# (PL_new_hash_seed, set in mod_perl or via PERL_HASH_SEED environment
++# the hash attack is detected when HV_MAX_LENGTH_BEFORE_REHASH keys find
++# themselves in the same hash bucket on splitting (which happens when the
++# number of keys crosses the threshold of a power of 2), in which case
++# starting from 5.8.2 the hash will rehash all its keys using a random hash
++# seed (PL_new_hash_seed, set in mod_perl or via PERL_HASH_SEED environment
+ # variable)
+ #
+ # Prior to the attack condition hashes use the PL_hash_seed, which is
[email protected]@ -29,7 +30,7 @@
+ 
+ use constant MASK_U32  => 2**32;
+ use constant HASH_SEED => 0; # 5.8.2: always zero before the rehashing
+-use constant THRESHOLD => 14; #define HV_MAX_LENGTH_BEFORE_SPLIT
++use constant THRESHOLD => 14; #define HV_MAX_LENGTH_BEFORE_(SPLIT|REHASH)
+ use constant START     => "a";
+ 
+ # create conditions which will trigger a rehash on the current stash
[email protected]@ -57,6 +58,8 @@
+     return Apache2::Const::OK;
+ }
+ 
++sub buckets { scalar(%{$_[0]}) =~ m#/([0-9]+)\z# ? 0+$1 : 8 }
++
+ sub attack {
+     my $stash = shift;
+ 
[email protected]@ -74,9 +77,9 @@
+     my $bits = $keys ? log($keys)/log(2) : 0;
+     $bits = $min_bits if $min_bits > $bits;
+ 
+-    $bits = int($bits) < $bits ? int($bits) + 1 : int($bits);
+-    # need to add 2 bits to cover the internal split cases
+-    $bits += 2;
++    $bits = ceil($bits);
++    # need to add 3 bits to cover the internal split cases
++    $bits += 3;
+     my $mask = 2**$bits-1;
+     debug "mask: $mask ($bits)";
+ 
[email protected]@ -90,7 +93,7 @@
+         next unless ($h & $mask) == 0;
+         $c++;
+         $stash->{$s}++;
+-        debug sprintf "%2d: %5s, %10s, %s", $c, $s, $h, scalar(%$stash);
++        debug sprintf "%2d: %5s, %08x %s", $c, $s, $h, scalar(%$stash);
+         push @keys, $s;
+         debug "The hash collision attack has been successful"
+             if Internals::HvREHASH(%$stash);
[email protected]@ -98,6 +101,24 @@
+         $s++;
+     }
+ 
++    # If the rehash hasn't been triggered yet, it's being delayed until the
++    # next bucket split.  Add keys until a split occurs.
++    unless (Internals::HvREHASH(%$stash)) {
++        debug "Will add padding keys until hash split";
++        my $old_buckets = buckets($stash);
++        while (buckets($stash) == $old_buckets) {
++            next if exists $stash->{$s};
++            $h = hash($s);
++            $c++;
++            $stash->{$s}++;
++            debug sprintf "%2d: %5s, %08x %s", $c, $s, $h, scalar(%$stash);
++            push @keys, $s;
++            debug "The hash collision attack has been successful"
++                if Internals::HvREHASH(%$stash);
++            $s++;
++        }
++    }
++
+     # this verifies that the attack was mounted successfully. If
+     # HvREHASH is on it is. Otherwise the sequence wasn't successful.
+     die "Failed to mount the hash collision attack"
[email protected]@ -108,6 +129,12 @@
+     return @keys;
+ }
+ 
++# least integer >= n
++sub ceil {
++    my $value = shift;
++    return int($value) < $value ? int($value) + 1 : int($value);
++}
++
+ # trying to provide the fastest equivalent of C macro's PERL_HASH in
+ # Perl - the main complication is that the C macro uses U32 integer
+ # (unsigned int), which we can't do it Perl (it can do I32, with 'use