1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

* lib/webrick/httpauth/htpasswd.rb (WEBrick::Htpasswd#reload):

raise NotImplementedError if password is encrypted by digest
  algorithms. This patch is contributed by sheepman. [ruby-list:40467]

* lib/webrick/httpauth/digestauth.rb
  (WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation.
  This patch is contributed by sheepman. [ruby-list:40482]

* lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use
  pack/unpack-template char "m" instead of lib/base64.rb to do base64
  encoding/decoding. fixed: [ruby-dev:25336]

* test/webrick/test_httpauth.rb: new file.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7708 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
gotoyuzo 2005-01-02 22:31:13 +00:00
parent a8c92267b1
commit 97102f6596
6 changed files with 134 additions and 8 deletions

View file

@ -1,3 +1,19 @@
Mon Jan 3 07:27:46 2005 GOTOU Yuuzou <gotoyuzo@notwork.org>
* lib/webrick/httpauth/htpasswd.rb (WEBrick::Htpasswd#reload):
raise NotImplementedError if password is encrypted by digest
algorithms. This patch is contributed by sheepman. [ruby-list:40467]
* lib/webrick/httpauth/digestauth.rb
(WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation.
This patch is contributed by sheepman. [ruby-list:40482]
* lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use
pack/unpack-template char "m" instead of lib/base64.rb to do base64
encoding/decoding. fixed: [ruby-dev:25336]
* test/webrick/test_httpauth.rb: new file.
Sun Jan 2 15:42:10 2005 Masatoshi SEKI <m_seki@mva.biglobe.ne.jp>
* lib/drb/drb.rb: add lazy stop_service.

View file

@ -22,7 +22,7 @@ module WEBrick
user = pass = nil
if /^Basic\s+(.*)/o =~ req[req_field]
userpass = $1
user, pass = decode64(userpass).split(":", 2)
user, pass = userpass.unpack("m*")[0].split(":", 2)
end
if block.call(user, pass)
req.user = user

View file

@ -34,7 +34,7 @@ module WEBrick
unless basic_credentials = check_scheme(req)
challenge(req, res)
end
userid, password = decode64(basic_credentials).split(":", 2)
userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
password ||= ""
if userid.empty?
error("user id was not given.")

View file

@ -174,11 +174,11 @@ module WEBrick
if auth_req['qop'] == "auth" || auth_req['qop'] == nil
ha2 = hexdigest(req.request_method, auth_req['uri'])
ha2_res = digest("", auth_req['uri'])
ha2_res = hexdigest("", auth_req['uri'])
elsif auth_req['qop'] == "auth-int"
ha2 = hexdigest(req.request_method, auth_req['uri'],
hexdigest(req.body))
ha2_res = digest("", auth_req['uri'], hexdigest(req.body))
ha2_res = hexdigest("", auth_req['uri'], hexdigest(res.body))
end
if auth_req['qop'] == "auth" || auth_req['qop'] == "auth-int"
@ -331,9 +331,6 @@ module WEBrick
@h.hexdigest(args.join(":"))
end
def digest(*args)
@h.digest(args.join(":"))
end
end
class ProxyDigestAuth < DigestAuth

View file

@ -32,7 +32,15 @@ module WEBrick
open(@path){|io|
while line = io.gets
line.chomp!
user, pass = line.split(":")
case line
when %r!\A[^:]+:[a-zA-Z0-9./]{13}\z!
user, pass = line.split(":")
when /:\$/, /:{SHA}/
raise NotImplementedError,
'MD5, SHA1 .htpasswd file not supported'
else
raise StandardError, 'bad .htpasswd file'
end
@passwd[user] = pass
end
}

View file

@ -0,0 +1,105 @@
require "test/unit"
require "net/http"
require "tempfile"
require "webrick"
require "webrick/httpauth/basicauth"
class TestWEBrickHTTPAuth < Test::Unit::TestCase
class NullWriter
def NullWriter.<<(msg)
puts msg if $DEBUG
return self
end
end
def start_httpserver
server = WEBrick::HTTPServer.new(
:BindAddress => "0.0.0.0", :Port => 0,
:Logger => WEBrick::Log.new(NullWriter),
:AccessLog => [[NullWriter, ""]]
)
thread = nil
begin
thread = Thread.start{ server.start }
addr = server.listeners[0].addr
yield([server, addr[3], addr[1]])
ensure
server.stop
thread.join
end
end
def test_basic_auth
start_httpserver{|server, addr, port|
realm = "WEBrick's realm"
path = "/basic_auth"
server.mount_proc(path){|req, res|
WEBrick::HTTPAuth.basic_auth(req, res, realm){|user, pass|
user == "webrick" && pass == "supersecretpassword"
}
res.body = "hoge"
}
http = Net::HTTP.new(addr, port)
g = Net::HTTP::Get.new(path)
g.basic_auth("webrick", "supersecretpassword")
http.request(g){|res| assert_equal("hoge", res.body)}
g.basic_auth("webrick", "not super")
http.request(g){|res| assert_not_equal("hoge", res.body)}
}
end
def test_basic_auth2
start_httpserver{|server, addr, port|
realm = "WEBrick's realm"
path = "/basic_auth2"
tmpfile = Tempfile.new("test_webrick_auth")
tmpfile.close
tmp_pass = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
tmp_pass.set_passwd(realm, "webrick", "supersecretpassword")
tmp_pass.set_passwd(realm, "foo", "supersecretpassword")
tmp_pass.flush
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
users = []
htpasswd.each{|user, pass| users << user }
assert_equal(2, users.size)
assert(users.member?("webrick"))
assert(users.member?("foo"))
server.mount_proc(path){|req, res|
auth = WEBrick::HTTPAuth::BasicAuth.new(
:Realm => realm, :UserDB => htpasswd,
:Logger => server.logger
)
auth.authenticate(req, res)
res.body = "hoge"
}
http = Net::HTTP.new(addr, port)
g = Net::HTTP::Get.new(path)
g.basic_auth("webrick", "supersecretpassword")
http.request(g){|res| assert_equal("hoge", res.body)}
g.basic_auth("webrick", "not super")
http.request(g){|res| assert_not_equal("hoge", res.body)}
}
end
def test_basic_auth3
tmpfile = Tempfile.new("test_webrick_auth")
tmpfile.puts("webrick:{SHA}GJYFRpBbdchp595jlh3Bhfmgp8k=")
tmpfile.flush
assert_raises(NotImplementedError){
WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
}
tmpfile.close(true)
tmpfile = Tempfile.new("test_webrick_auth")
tmpfile.puts("webrick:$apr1$IOVMD/..$rmnOSPXr0.wwrLPZHBQZy0")
tmpfile.flush
assert_raises(NotImplementedError){
WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path)
}
tmpfile.close(true)
end
end