Projects
openEuler:Mainline
tomcat
_service:tar_scm:CVE-2019-0199-4.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2019-0199-4.patch of Package tomcat
--- tomcat/java/org/apache/coyote/http2/Http2Protocol.java 2019/02/01 10:28:14 1852700 +++ tomcat/java/org/apache/coyote/http2/Http2Protocol.java 2019/02/01 10:28:18 1852701 @@ -41,9 +41,9 @@ public class Http2Protocol implements UpgradeProtocol { - static final long DEFAULT_READ_TIMEOUT = 10000; - static final long DEFAULT_WRITE_TIMEOUT = 10000; - static final long DEFAULT_KEEP_ALIVE_TIMEOUT = -1; + static final long DEFAULT_READ_TIMEOUT = 5000; + static final long DEFAULT_WRITE_TIMEOUT = 5000; + static final long DEFAULT_KEEP_ALIVE_TIMEOUT = 20000; static final long DEFAULT_STREAM_READ_TIMEOUT = 20000; static final long DEFAULT_STREAM_WRITE_TIMEOUT = 20000; // The HTTP/2 specification recommends a minimum default of 100 --- tomcat/java/org/apache/coyote/http2/Http2UpgradeHandler.java 2019/02/01 10:28:14 1852700 +++ tomcat/java/org/apache/coyote/http2/Http2UpgradeHandler.java 2019/02/01 10:28:18 1852701 @@ -329,9 +329,16 @@ } } } - // No more frames to read so switch to the keep-alive - // timeout. - socketWrapper.setReadTimeout(protocol.getKeepAliveTimeout()); + + if (activeRemoteStreamCount.get() == 0) { + // No streams currently active. Use the keep-alive + // timeout for the connection. + socketWrapper.setReadTimeout(protocol.getKeepAliveTimeout()); + } else { + // Streams currently active. Individual streams have + // timeouts so keep the connection open. + socketWrapper.setReadTimeout(-1); + } } catch (Http2Exception ce) { // Really ConnectionException if (log.isDebugEnabled()) {
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2