From 2fff0f4f71452e161825f079de9f7c65b088b260 Mon Sep 17 00:00:00 2001
From: nahi
Date: Mon, 25 Jul 2011 13:21:49 +0000
Subject: [PATCH] * lib/xmlrpc/client.rb: Fix possible HTTP header formatting failure by 'Basic' header. Long username caused the base64 String truncation in HTTP header which is not allowed. See #5046. * test/xmlrpc/test_webrick_server.rb: test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32666 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 8 +++++++
 lib/xmlrpc/client.rb | 2 +-
 test/xmlrpc/test_webrick_server.rb | 36 +++++++++++++++++++++++++++---
 3 files changed, 42 insertions(+), 4 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 89e8a5e6cb..3ee701de6b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+Mon Jul 25 22:14:37 2011 Hiroshi Nakamura
+
+ * lib/xmlrpc/client.rb: Fix possible HTTP header formatting failure by
+ 'Basic' header. Long username caused the base64 String truncation in
+ HTTP header which is not allowed. See #5046.
+
+ * test/xmlrpc/test_webrick_server.rb: test it.
+
 Mon Jul 25 15:04:33 2011 Hiroshi Nakamura * ext/openssl/lib/openssl.rb: End of transition period introduced by
diff --git a/lib/xmlrpc/client.rb b/lib/xmlrpc/client.rb
index 65c9cd0c9c..c09a9514d6 100644
--- a/lib/xmlrpc/client.rb
+++ b/lib/xmlrpc/client.rb
@@ -493,7 +493,7 @@ module XMLRPC
 else a = "#@user" a << ":#@password" if @password != nil
- @auth = ("Basic " + [a].pack("m")).chomp
+ @auth = "Basic " + [a].pack("m0")
 end end
diff --git a/test/xmlrpc/test_webrick_server.rb b/test/xmlrpc/test_webrick_server.rb
index 8a37cdec91..5a9f51be33 100644
--- a/test/xmlrpc/test_webrick_server.rb
+++ b/test/xmlrpc/test_webrick_server.rb
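Review bot: The new `[a].pack("m0")` assignment in lib/xmlrpc/client.rb carries no comment on why the `0` count is required, so a later tidy-up back to `pack("m")` would again put a line feed inside the Authorization value once `user:password` passes 45 bytes. I would add `# "m0" = base64 with no line feeds; plain "m" wraps after every 45 input bytes, which breaks the header` above it. Separately, `a` is still built as `@user`, `":"`, `@password` with no check visible here, so a username containing `:` would presumably be split at the wrong place by the server; a guard where the user is set may be worth a follow-up. The enclosing method begins above the hunk.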
@@ -3,13 +3,25 @@ require 'webrick'
 require_relative 'webrick_testing' require "xmlrpc/server" require 'xmlrpc/client'
+require 'logger'
 class Test_Webrick < Test::Unit::TestCase include WEBrick_Testing
+ @@basic_auth = WEBrick::HTTPAuth::BasicAuth.new(
+ :Realm => 'auth',
+ :UserDB => WEBrick::HTTPAuth::Htpasswd.new(File.expand_path('./htpasswd', File.dirname(__FILE__))),
+ :Logger => Logger.new(File::NULL),
+ )
+
 def create_servlet s = XMLRPC::WEBrickServlet.new
+ def s.service(req, res)
+ @@basic_auth.authenticate(req, res)
+ super(req, res)
+ end
+
 s.add_handler("test.add") do |a,b| a + b end
@@ -46,8 +58,6 @@ class Test_Webrick < Test::Unit::TestCase
 end start_server(option) {|w| w.mount('/RPC2', create_servlet) }
-
- @s = XMLRPC::Client.new3(:port => port, :use_ssl => use_ssl)
 end PORT = 8070
@@ -56,13 +66,33 @@ class Test_Webrick < Test::Unit::TestCase
 [false].each do |use_ssl| begin setup_http_server(PORT, use_ssl)
- do_test
+ @s = XMLRPC::Client.new3(:port => PORT, :use_ssl => use_ssl)
+ @s.user = 'admin'
+ @s.password = 'admin'
+ silent do
+ do_test
+ end
+ @s = XMLRPC::Client.new3(:port => PORT, :use_ssl => use_ssl)
+ @s.user = '01234567890123456789012345678901234567890123456789012345678901234567890123456789'
+ @s.password = 'guest'
+ silent do
+ do_test
+ end
 ensure stop_server end end end
+ def silent
+ begin
+ back, $VERBOSE = $VERBOSE, nil
+ yield
+ ensure
+ $VERBOSE = back
+ end
+ end
+
 def do_test # simple call assert_equal 9, @s.call('test.add', 4, 5)
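Review bot: `Htpasswd.new(File.expand_path('./htpasswd', File.dirname(__FILE__)))` in the `@@basic_auth` setup reads a fixture that this patch does not add; the diffstat lists only ChangeLog, client.rb and this test file. The test therefore passes only if an `htpasswd` file already sits next to the test and holds entries for both `admin` and the 80-character user, which cannot be confirmed from here. If that entry is missing, the long-username case fails for a reason unrelated to the header fix, so the fixture should ship with the commit or be generated in setup. A comment above `@@basic_auth` such as `# fixture must hold 'admin' and the 80-char user exercised below` would make the dependency visible.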
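Review bot: Both new cases in the `[false].each` block assert only that valid credentials succeed, so the test would still pass if `authenticate` accepted any header or were never reached; it does not show that the server decoded the 80-character credential rather than skipping the check. A third client with a wrong password, plus an assertion that `@s.call('test.add', 4, 5)` raises, would pin that down (the exception class the client uses for a rejected login is not visible in this patch). The new `silent` helper also needs a one-line comment naming the warning it is meant to suppress, since setting `$VERBOSE` to nil around `do_test` hides every other warning those calls produce. The test method that contains the `[false].each` block starts above the hunk.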