!6 [sync] PR-2: Fix CVE-2020-10705

From: @openeuler-sync-bot
Reviewed-by: @wangchong1995924
Signed-off-by: @wangchong1995924

CVE-2020-10705.patch

@@ -0,0 +1,97 @@
+From b53d4589c586e8bbdcc89ed60f32cd7977e9a4f4 Mon Sep 17 00:00:00 2001
+From: Stuart Douglas <stuart.w.douglas@gmail.com>
+Date: Wed, 15 Apr 2020 15:39:02 +1000
+Subject: [PATCH] [UNDERTOW-1657] Fix issue with 100-continue and h2
+
+---
+ .../server/handlers/HttpContinueReadHandler.java     | 12 +++++++-----
+ .../server/protocol/ajp/AjpServerConnection.java     |  6 +++++-
+ .../server/protocol/http/HttpServerConnection.java   |  6 +++++-
+ 3 files changed, 17 insertions(+), 7 deletions(-)
+
+diff --git a/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java b/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java
+index 33c5c25..4a905f3 100644
+--- a/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java
++++ b/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java
+@@ -23,15 +23,17 @@ import java.nio.ByteBuffer;
+ import java.nio.channels.FileChannel;
+ import java.util.concurrent.TimeUnit;
+ 
++import org.xnio.channels.StreamSinkChannel;
++import org.xnio.conduits.AbstractStreamSourceConduit;
++import org.xnio.conduits.StreamSourceConduit;
++
+ import io.undertow.server.ConduitWrapper;
+-import io.undertow.server.protocol.http.HttpContinue;
+ import io.undertow.server.HttpHandler;
+ import io.undertow.server.HttpServerExchange;
++import io.undertow.server.ResponseCommitListener;
++import io.undertow.server.protocol.http.HttpContinue;
+ import io.undertow.util.ConduitFactory;
+ import io.undertow.util.StatusCodes;
+-import org.xnio.channels.StreamSinkChannel;
+-import org.xnio.conduits.AbstractStreamSourceConduit;
+-import org.xnio.conduits.StreamSourceConduit;
+ 
+ /**
+  * Handler for requests that require 100-continue responses. If an attempt is made to read from the source
+@@ -44,7 +46,7 @@ public class HttpContinueReadHandler implements HttpHandler {
+     private static final ConduitWrapper<StreamSourceConduit> WRAPPER = new ConduitWrapper<StreamSourceConduit>() {
+         @Override
+         public StreamSourceConduit wrap(final ConduitFactory<StreamSourceConduit> factory, final HttpServerExchange exchange) {
+-            if(exchange.isRequestChannelAvailable() && !exchange.isResponseStarted()) {
++            if (exchange.isRequestChannelAvailable() && !exchange.isResponseStarted()) {
+                 return new ContinueConduit(factory.create(), exchange);
+             }
+             return factory.create();
+diff --git a/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java b/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java
+index e5e3031..d9cae2d 100644
+--- a/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java
++++ b/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java
+@@ -26,6 +26,8 @@ import io.undertow.server.HttpHandler;
+ import io.undertow.server.HttpServerExchange;
+ import io.undertow.server.SSLSessionInfo;
+ import io.undertow.util.DateUtils;
++
++import org.xnio.IoUtils;
+ import org.xnio.OptionMap;
+ import io.undertow.connector.ByteBufferPool;
+ import org.xnio.StreamConnection;
+@@ -61,7 +63,9 @@ public final class AjpServerConnection extends AbstractServerConnection {
+ 
+     @Override
+     public void terminateRequestChannel(HttpServerExchange exchange) {
+-        //todo: terminate
++        if (!exchange.isPersistent()) {
++            IoUtils.safeClose(getChannel().getSourceChannel());
++        }
+     }
+ 
+     @Override
+diff --git a/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java b/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java
+index 0128e9b..63bcdd6 100644
+--- a/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java
++++ b/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java
+@@ -36,6 +36,8 @@ import io.undertow.util.Headers;
+ import io.undertow.util.HttpString;
+ import io.undertow.util.ImmediatePooledByteBuffer;
+ import io.undertow.util.Methods;
++
++import org.xnio.IoUtils;
+ import org.xnio.OptionMap;
+ import io.undertow.connector.ByteBufferPool;
+ import io.undertow.connector.PooledByteBuffer;
+@@ -135,7 +137,9 @@ public final class HttpServerConnection extends AbstractServerConnection {
+ 
+     @Override
+     public void terminateRequestChannel(HttpServerExchange exchange) {
+-
++        if (!exchange.isPersistent()) {
++            IoUtils.safeClose(getChannel().getSourceChannel());
++        }
+     }
+ 
+     /**
+-- 
+2.23.0
+

undertow.spec

@@ -2,13 +2,14 @@
 %global namedversion %{version}%{?namedreltag}
 Name:                undertow
 Version:             1.4.0
-Release:             1
+Release:             2
 Summary:             Java web server using non-blocking IO
 License:             ASL 2.0
 URL:                 http://undertow.io/
 Source0:             https://github.com/undertow-io/undertow/archive/%{namedversion}/%{name}-%{namedversion}.tar.gz
 # Remove unavailable methods in jetty-alpn-api-1.1.0
 Patch0:              undertow-1.4.0-jetty-alpn-api-1.1.0.patch
+Patch1:		     CVE-2020-10705.patch
 BuildArch:           noarch
 Epoch:               1
 BuildRequires:       maven-local mvn(junit:junit) mvn(org.eclipse.jetty.alpn:alpn-api)
@@ -32,6 +33,7 @@ This package contains the API documentation for %{name}.
 %prep
 %setup -q -n %{name}-%{namedversion}
 %patch0 -p1
+%patch1 -p1
 rm -rf mac-jdk-fix
 %pom_disable_module examples
 %pom_remove_plugin -r :maven-checkstyle-plugin
@@ -60,5 +62,8 @@ done
 %license LICENSE.txt
 
 %changelog
+* Wed Oct 27 2021 houyingchao <houyingchao@huawei.com> - 1.4.0-2
+- Fix CVE-2020-10705
+
 * Wed Aug 19 2020 maminjie <maminjie1@huawei.com> - 1.4.0-1
 - package init