* lib/webrick/httpauth/htpasswd.rb (WEBrick::Htpasswd#reload):
raise NotImplementedError if password is encrypted by digest algorithms. This patch is contributed by sheepman. [ruby-list:40467] * lib/webrick/httpauth/digestauth.rb (WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation. This patch is contributed by sheepman. [ruby-list:40482] * lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use pack/unpack-template char "m" instead of lib/base64.rb to do base64 encoding/decoding. fixed: [ruby-dev:25336] * test/webrick/test_httpauth.rb: new file. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7708 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
parent
a8c92267b1
commit
97102f6596
6 changed files with 134 additions and 8 deletions
16
ChangeLog
|
@ -1,3 +1,19 @@
|
|||
Mon Jan 3 07:27:46 2005 GOTOU Yuuzou <gotoyuzo@notwork.org>
|
||||
|
||||
* lib/webrick/httpauth/htpasswd.rb (WEBrick::Htpasswd#reload):
|
||||
raise NotImplementedError if password is encrypted by digest
|
||||
algorithms. This patch is contributed by sheepman. [ruby-list:40467]
|
||||
|
||||
* lib/webrick/httpauth/digestauth.rb
|
||||
(WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation.
|
||||
This patch is contributed by sheepman. [ruby-list:40482]
|
||||
|
||||
* lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use
|
||||
pack/unpack-template char "m" instead of lib/base64.rb to do base64
|
||||
encoding/decoding. fixed: [ruby-dev:25336]
|
||||
|
||||
* test/webrick/test_httpauth.rb: new file.
|
||||
|
||||
Sun Jan 2 15:42:10 2005 Masatoshi SEKI <m_seki@mva.biglobe.ne.jp>
|
||||
|
||||
* lib/drb/drb.rb: add lazy stop_service.
|
||||
|
|
|
@ -22,7 +22,7 @@ module WEBrick
|
|||
user = pass = nil
|
||||
if /^Basic\s+(.*)/o =~ req[req_field]
|
||||
userpass = $1
|
||||
user, pass = decode64(userpass).split(":", 2)
|
||||
user, pass = userpass.unpack("m*")[0].split(":", 2)
|
||||
end
|
||||
if block.call(user, pass)
|
||||
req.user = user
|
||||
|
|
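Review bot: `block.call(user, pass)` is reached with `nil` arguments whenever the header is absent or does not match, and the changed `userpass.unpack("m*")[0].split(":", 2)` line also yields `nil` for both values when the payload decodes to an empty string, or a `nil` `pass` when there is no colon. A caller's block that compares these values against the result of a failed lookup, which is typically also `nil`, would accept the request. The contract should be written down above the call, for example `# user and/or pass are nil when credentials are missing, undecodable or lack ":"; the block must reject nil`. The enclosing method starts and ends outside this hunk, so an existing guard elsewhere cannot be ruled out.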
|
@ -34,7 +34,7 @@ module WEBrick
|
|||
unless basic_credentials = check_scheme(req)
|
||||
challenge(req, res)
|
||||
end
|
||||
userid, password = decode64(basic_credentials).split(":", 2)
|
||||
userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
|
||||
password ||= ""
|
||||
if userid.empty?
|
||||
error("user id was not given.")
|
||||
|
|
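Review bot: `userid.empty?`, two lines below the changed line, raises NoMethodError when the credentials decode to an empty string, because `"".split(":", 2)` returns `[]` and leaves `userid` as `nil`; `unpack("m*")` returns an empty string when the input holds no valid base64 characters. An unauthenticated request can therefore produce an unhandled exception instead of the intended rejection, though how it surfaces depends on code outside the hunk. Defaulting the user id as well, `userid ||= ""` next to the existing `password ||= ""`, sends that case through the existing `error("user id was not given.")` path. The method body continues past the end of this hunk.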
|
@ -174,11 +174,11 @@ module WEBrick
|
|||
|
||||
if auth_req['qop'] == "auth" || auth_req['qop'] == nil
|
||||
ha2 = hexdigest(req.request_method, auth_req['uri'])
|
||||
ha2_res = digest("", auth_req['uri'])
|
||||
ha2_res = hexdigest("", auth_req['uri'])
|
||||
elsif auth_req['qop'] == "auth-int"
|
||||
ha2 = hexdigest(req.request_method, auth_req['uri'],
|
||||
hexdigest(req.body))
|
||||
ha2_res = digest("", auth_req['uri'], hexdigest(req.body))
|
||||
ha2_res = hexdigest("", auth_req['uri'], hexdigest(res.body))
|
||||
end
|
||||
|
||||
if auth_req['qop'] == "auth" || auth_req['qop'] == "auth-int"
|
||||
|
@ -331,9 +331,6 @@ module WEBrick
|
|||
@h.hexdigest(args.join(":"))
|
||||
end
|
||||
|
||||
def digest(*args)
|
||||
@h.digest(args.join(":"))
|
||||
end
|
||||
end
|
||||
|
||||
class ProxyDigestAuth < DigestAuth
|
||||
|
|
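Review bot: In the `auth-int` branch the corrected `ha2_res` hashes `res.body`, but if authentication runs before the handler has produced the response (not confirmable from this hunk), the digest covers an empty or partial body and will not match what the client finally receives. Either compute the value once the body is final or state the ordering requirement in a comment such as `# res.body must already hold the final entity body for auth-int`. The `if`/`elsif` has no `else`, so a client-supplied `qop` other than nil, "auth" or "auth-int" leaves `ha2` and `ha2_res` as `nil` unless it is rejected earlier, outside the hunk. None of the tests added in this commit exercise DigestAuth, so the corrected calculation is not covered.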
|
@ -32,7 +32,15 @@ module WEBrick
|
|||
open(@path){|io|
|
||||
while line = io.gets
|
||||
line.chomp!
|
||||
user, pass = line.split(":")
|
||||
case line
|
||||
when %r!\A[^:]+:[a-zA-Z0-9./]{13}\z!
|
||||
user, pass = line.split(":")
|
||||
when /:\$/, /:{SHA}/
|
||||
raise NotImplementedError,
|
||||
'MD5, SHA1 .htpasswd file not supported'
|
||||
else
|
||||
raise StandardError, 'bad .htpasswd file'
|
||||
end
|
||||
@passwd[user] = pass
|
||||
end
|
||||
}
|
||||
|
|
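Review bot: The new `else` branch aborts the whole load with `'bad .htpasswd file'` for every line that is not a 13-character entry, which includes blank lines and comments, and the message names neither the file nor the offending line. Since `@passwd[user] = pass` runs once per line, entries read before the bad line are already stored when the exception is raised; whether `@passwd` is reset beforehand is outside the hunk. Failing closed is a sound default, but it should be diagnosable, e.g. `raise StandardError, "bad .htpasswd file: #{@path}:#{io.lineno}"`. The accepted format also deserves a comment, such as `# only 13-character crypt(3) entries are accepted; $-prefixed and {SHA} entries raise NotImplementedError`, since the pattern appears to admit only the traditional crypt scheme.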
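--- a/test/webrick/test_httpauth.rb
+++ b/test/webrick/test_httpauth.rb
@@ -0,0 +1,105 @@
+require "test/unit"
+require "net/http"
+require "tempfile"
+require "webrick"
+require "webrick/httpauth/basicauth"
+
+class TestWEBrickHTTPAuth < Test::Unit::TestCase
+class NullWriter
+def NullWriter.<<(msg)
+puts msg if $DEBUG
+return self
+end
+end
+
+def start_httpserver
+server = WEBrick::HTTPServer.new(
+:BindAddress => "0.0.0.0", :Port => 0,
+:Logger => WEBrick::Log.new(NullWriter),
+:AccessLog => [[NullWriter, ""]]
+)
+thread = nil
+begin
+thread = Thread.start{ server.start }
+addr = server.listeners[0].addr
+yield([server, addr[3], addr[1]])
+ensure
+server.stop
+thread.join
+end
+end
+
+def test_basic_auth
+start_httpserver{|server, addr, port|
+realm = "WEBrick's realm"
+path = "/basic_auth"
+
+server.mount_proc(path){|req, res|
+WEBrick::HTTPAuth.basic_auth(req, res, realm){|user, pass|
+user == "webrick" && pass == "supersecretpassword"
+}
+res.body = "hoge"
+}
+http = Net::HTTP.new(addr, port)
+g = Net::HTTP::Get.new(path)
+g.basic_auth("webrick", "supersecretpassword")
+http.request(g){|res| assert_equal("hoge", res.body)}
+g.basic_auth("webrick", "not super")
+http.request(g){|res| assert_not_equal("hoge", res.body)}
+}
+end
+
+def test_basic_auth2
+start_httpserver{|server, addr, port|
+realm = "WEBrick's realm"
+path = "/basic_auth2"
+
+tmpfile = Tempfile.new("test_webrick_auth")
+tmpfile.close
+tmp_pass = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
+tmp_pass.set_passwd(realm, "webrick", "supersecretpassword")
+tmp_pass.set_passwd(realm, "foo", "supersecretpassword")
+tmp_pass.flush
+
+htpasswd = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
+users = []
+htpasswd.each{|user, pass| users << user }
+assert_equal(2, users.size)
+assert(users.member?("webrick"))
+assert(users.member?("foo"))
+
+server.mount_proc(path){|req, res|
+auth = WEBrick::HTTPAuth::BasicAuth.new(
+:Realm => realm, :UserDB => htpasswd,
+:Logger => server.logger
+)
+auth.authenticate(req, res)
+res.body = "hoge"
+}
+http = Net::HTTP.new(addr, port)
+g = Net::HTTP::Get.new(path)
+g.basic_auth("webrick", "supersecretpassword")
+http.request(g){|res| assert_equal("hoge", res.body)}
+g.basic_auth("webrick", "not super")
+http.request(g){|res| assert_not_equal("hoge", res.body)}
+}
+end
+
+def test_basic_auth3
+tmpfile = Tempfile.new("test_webrick_auth")
+tmpfile.puts("webrick:{SHA}GJYFRpBbdchp595jlh3Bhfmgp8k=")
+tmpfile.flush
+assert_raises(NotImplementedError){
+WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
+}
+tmpfile.close(true)
+
+tmpfile = Tempfile.new("test_webrick_auth")
+tmpfile.puts("webrick:$apr1$IOVMD/..$rmnOSPXr0.wwrLPZHBQZy0")
+tmpfile.flush
+assert_raises(NotImplementedError){
+WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
+}
+tmpfile.close(true)
+end
+end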
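Review bot: `start_httpserver` binds the test server to `"0.0.0.0"`, so while the suite runs a listener with fixed, published credentials is reachable on every interface, and the client then connects to the wildcard address taken from `addr[3]`, which may not be connectable on every platform. Loopback is sufficient for these tests: `:BindAddress => "127.0.0.1", :Port => 0,`. The negative cases only assert that the body differs from "hoge"; asserting the status as well, `assert_equal("401", res.code)`, would pin the rejection itself rather than any non-matching response. In `test_basic_auth3` the `tmpfile.close(true)` calls are skipped when an assertion fails, so moving them into an `ensure` would keep the temporary password files from being left behind.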