From ff72c50a2c43c57aead933eb4903ad1ca6d1748a Mon Sep 17 00:00:00 2001
From: Or Friedmann <ofriedma@redhat.com>
Date: Wed, 15 Jan 2020 21:15:53 +0200
Subject: [PATCH] rgw: improve beast

Avoid leaking connections that had partially-consumed
client data on unexpected disconnect.

Resolves CVE-2020-1700 (moderate impact flaw).

Fixes: https://tracker.ceph.com/issues/42531

Signed-off-by: Or Friedmann <ofriedma@redhat.com>
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
---
 src/rgw/rgw_asio_frontend.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/rgw/rgw_asio_frontend.cc b/src/rgw/rgw_asio_frontend.cc
index d8b25cf71f2..fdd96bf3282 100644
--- a/src/rgw/rgw_asio_frontend.cc
+++ b/src/rgw/rgw_asio_frontend.cc
@@ -76,8 +76,7 @@ class StreamIO : public rgw::asio::ClientIO {
     while (body_remaining.size && !parser.is_done()) {
       boost::system::error_code ec;
       http::async_read_some(stream, buffer, parser, yield[ec]);
-      if (ec == http::error::partial_message ||
-          ec == http::error::need_buffer) {
+      if (ec == http::error::need_buffer) {
         break;
       }
       if (ec) {
-- 
2.39.5