From 68f5f9b35fd9f9314a9bf99d62b274f9ce75b536 Mon Sep 17 00:00:00 2001
From: Carl George
Date: Wed, 7 Dec 2016 13:09:12 -0600
Subject: [PATCH] Import Patch101 from Fedora to address CVE-2016-8740

---
 SOURCES/httpd-2.4.23-CVE-2016-8740.patch | 32 ++++++++++++++++++++++++
 SPECS/httpd24u.spec | 7 +++++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/httpd-2.4.23-CVE-2016-8740.patch

diff --git a/SOURCES/httpd-2.4.23-CVE-2016-8740.patch b/SOURCES/httpd-2.4.23-CVE-2016-8740.patch
new file mode 100644
index 0000000..d7328d6
--- /dev/null
+++ b/SOURCES/httpd-2.4.23-CVE-2016-8740.patch
@@ -0,0 +1,32 @@
+--- a/modules/http2/h2_stream.c (revision 1771866)
++++ b/modules/http2/h2_stream.c (working copy)
+@@ -322,18 +322,18 @@
+ HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE);
+ }
+ }
+- }
+-
+- if (h2_stream_is_scheduled(stream)) {
+- return h2_request_add_trailer(stream->request, stream->pool,
+- name, nlen, value, vlen);
+- }
+- else {
+- if (!input_open(stream)) {
+- return APR_ECONNRESET;
++
++ if (h2_stream_is_scheduled(stream)) {
++ return h2_request_add_trailer(stream->request, stream->pool,
++ name, nlen, value, vlen);
+ }
+- return h2_request_add_header(stream->request, stream->pool,
+- name, nlen, value, vlen);
++ else {
++ if (!input_open(stream)) {
++ return APR_ECONNRESET;
++ }
++ return h2_request_add_header(stream->request, stream->pool,
++ name, nlen, value, vlen);
++ }
+ }
+ }
+
diff --git a/SPECS/httpd24u.spec b/SPECS/httpd24u.spec
index 48ff34e..3ab8464 100644
--- a/SPECS/httpd24u.spec
+++ b/SPECS/httpd24u.spec
@@ -48,7 +48,7 @@ Summary: Apache HTTP Server
 Name: %{real_name}%{ius_suffix}
 Version: 2.4.23
-Release: 2.ius%{?dist}
+Release: 4.ius%{?dist}
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source2: httpd.logrotate
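Review bot: The new patch file begins directly at its `---` header, so nothing in SOURCES records what the fix does or where it was taken from beyond the file name; a leading line such as `# CVE-2016-8740, imported from Fedora: keep the h2_stream.c trailer/header insertion inside the block that precedes it` would keep that next to the code for the next rebase. The inner hunk header reads `(revision 1771866)` / `(working copy)` rather than the 2.4.23 release tree, so it is worth confirming in the build log that `%patch101 -p1 -b .cve8740` applies at the expected offset without fuzz. On the new side, `h2_request_add_trailer` and `h2_request_add_header` are only reached inside the block that also holds the `HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE` path, which appears to be the point of the fix; the enclosing function starts and ends outside the hunk, so the condition guarding that block is not visible here and should be checked against the applied source.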
@@ -111,6 +111,7 @@ Patch56: httpd-2.4.4-mod_unique_id.patch
 Patch57: httpd-2.4.10-sigint.patch
 # Security fixes
 Patch100: httpd-2.4.18-CVE-2016-5387.patch
+Patch101: httpd-2.4.23-CVE-2016-8740.patch
 License: ASL 2.0
 Group: System Environment/Daemons
@@ -335,6 +336,7 @@ interface for storing and accessing per-user session data.
 %patch57 -p1 -b .sigint
 %patch100 -p1 -b .cve5387
+%patch101 -p1 -b .cve8740
 # Patch in the vendor string
 sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@@ -851,6 +853,9 @@ exit $rv
 %changelog
+* Wed Dec 07 2016 Carl George - 2.4.23-4.ius
+- Import Patch101 from Fedora to address CVE-2016-8740
+
 * Fri Aug 26 2016 Ben Harper - 2.4.23-3.ius
 - update httpd.service to use /etc/sysconfig/httpd, see #11