From 9d44ebf08a1505073016482783f00f4cca0bf0ef41f15267dec181f3d676d264 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?=
Date: Thu, 7 May 2020 10:24:50 +0000
Subject: [PATCH] Accepting request 801093 from home:PSuarezHernandez:branches:devel:languages:python - Avoid possible race condition on persistent HTTP connections (bsc#1169604) - Added: * 0001-Avoid-race-condition-on-persistent-HTTP-connections.patch OBS-URL: https://build.opensuse.org/request/show/801093 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cheroot?expand=0&rev=26
---
 ...ition-on-persistent-HTTP-connections.patch | 41 +++++++++++++++++++
 python-cheroot.changes | 8 ++++
 python-cheroot.spec | 5 ++-
 3 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 0001-Avoid-race-condition-on-persistent-HTTP-connections.patch
diff --git a/0001-Avoid-race-condition-on-persistent-HTTP-connections.patch b/0001-Avoid-race-condition-on-persistent-HTTP-connections.patch
new file mode 100644
index 0000000..643e3f4
--- /dev/null
+++ b/0001-Avoid-race-condition-on-persistent-HTTP-connections.patch
@@ -0,0 +1,41 @@
+From 49a8934d726574f7ff85356e6acbfdc06ca7fbdb Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?=
+
+Date: Wed, 6 May 2020 14:04:48 +0100
+Subject: [PATCH] Avoid race condition on persistent HTTP connections
+
+Add a HTTP "Keep-Alive" header with "timeout" on the HTTP response
+to avoid a race condition on persistent HTTP connections when the
+HTTP client reuses a connection after the "socket.timeout" exception
+triggered on the HTTPServer but before the FIN packet is produced.
+
+When this happens, the client gets a "connection reset by peer" after
+writting the request.
+
+This commit makes a HTTP client to know about this "Keep-Alive" idle
+timeout by exposing it on the HTTP "Keep-Alive" response header, so
+the connection won't be reused if it was "idle" for that "timeout"
+after the last request response.
+---
+ cheroot/server.py | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/cheroot/server.py b/cheroot/server.py
+index 223bed86..f29559b4 100644
+--- a/cheroot/server.py
++++ b/cheroot/server.py
+@@ -1167,6 +1167,11 @@ class HTTPRequest:
+ if not self.close_connection:
+ self.outheaders.append((b'Connection', b'Keep-Alive'))
+
++ self.outheaders.append((
++ b'Keep-Alive',
++ "timeout={}".format(self.server.timeout).encode('ISO-8859-1'),
++ ))
++
+ if (not self.close_connection) and (not self.chunked_read):
+ # Read any remaining request body data on the socket.
+ # "If an origin server receives a request that does not include an
+--
+2.23.0
+
diff --git a/python-cheroot.changes b/python-cheroot.changes
index 5abb667..ed98215 100644
--- a/python-cheroot.changes
+++ b/python-cheroot.changes
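Review bot: The `Keep-Alive` header added in the embedded cheroot/server.py hunk appears to be appended unconditionally, since it follows a blank line after the `Connection: Keep-Alive` branch and would therefore also go out on responses where `self.close_connection` is true (indentation is flattened on this page, so confirm against the patch file). Guard it with `if not self.close_connection:` in front of the `self.outheaders.append((b'Keep-Alive', ...))` call. The value is formatted straight from `self.server.timeout`, so a `None` or float setting would produce `timeout=None` or a fractional value; use `int(self.server.timeout)` and skip the header when no timeout is configured. Advertising exactly the server's socket timeout still leaves a window at the boundary, so a value slightly below it would narrow the race this patch targets. The enclosing method starts and ends outside the hunk.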
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Thu May 7 09:33:29 UTC 2020 - Pablo Suárez Hernández
+
+- Avoid possible race condition on persistent HTTP connections (bsc#1169604)
+
+- Added:
+ * 0001-Avoid-race-condition-on-persistent-HTTP-connections.patch
+
 -------------------------------------------------------------------
 Mon Mar 16 10:23:16 UTC 2020 - Tomáš Chvátal
 
diff --git a/python-cheroot.spec b/python-cheroot.spec
index be7e3c2..ef4a0ef 100644
--- a/python-cheroot.spec
+++ b/python-cheroot.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-cheroot
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -26,6 +26,9 @@ Summary: Pure-python HTTP server
 License: BSD-3-Clause
 URL: https://github.com/cherrypy/cheroot
 Source: https://files.pythonhosted.org/packages/source/c/%{pypi_name}/%{pypi_name}-%{version}.tar.gz
+# PATCH-FIX_UPSTREAM //github.com/cherrypy/cheroot/pull/282
+Patch1: 0001-Avoid-race-condition-on-persistent-HTTP-connections.patch
+
 BuildRequires: %{python_module jaraco.functools}
 BuildRequires: %{python_module jaraco.text >= 3.1}
 BuildRequires: %{python_module more-itertools >= 2.6}
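Review bot: `Patch1` is declared in the second spec hunk, but nothing in this commit touches `%prep`, so unless the spec already applies patches through `%autosetup` or `%autopatch` the file ships in the source package without being applied and the bsc#1169604 fix never reaches the build; if so, add `%patch1 -p1` after the `%setup` line. The tag comment reads `# PATCH-FIX_UPSTREAM //github.com/cherrypy/cheroot/pull/282` as shown here; the conventional tag is `PATCH-FIX-UPSTREAM` and the reference should be a full URL. The first hunk also turns the copyright line from `SUSE LLC` back into `SUSE LINUX GmbH, Nuernberg, Germany.`, which looks unrelated to the fix and is worth confirming as intended.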