ruby.git/lib/webrick/httpauth/basicauth.rb, branch v2_7_8 The Ruby Programming Language lib/*: Prefer require_relative over require. 2018-11-02T17:52:33+00:00 marcandre marcandre@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-11-02T17:52:33+00:00 e859e668d2eb59f34ad18edb7458ce90076617e9 [#15206] [Fix GH-1976] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
[#15206] [Fix GH-1976]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
webrick: Support bcrypt password hashing 2018-07-26T03:21:52+00:00 normal normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-07-26T03:21:52+00:00 9749bfbf735f8dca3361f2ea16bb97027bd1ab61 This adds a password_hash keyword argument to WEBrick::HTTPAuth::Htpasswd#initialize. If set to :bcrypt, it will create bcrypt hashes instead of crypt hashes, and will raise an exception if the .htpasswd file uses crypt hashes. If :bcrypt is used, then instead of calling BasicAuth.make_passwd (which uses crypt), WEBrick::HTTPAuth::Htpasswd#set_passwd will set the bcrypt password directly. It isn't possible to change the make_passwd API to accept the password hash format, as that would break configurations who use Htpasswd#auth_type= to set a custom auth_type. This modifies WEBrick::HTTPAuth::BasicAuth to handle checking both crypt and bcrypt hashes. There are commented out requires for 'string/crypt', to handle when String#crypt is deprecated and the undeprecated version is moved to a gem. There is also a commented out warning for the case when the password_hash keyword is not specified and 'string/crypt' cannot be required. I think the warning makes sense to nudge users to using bcrypt. I've updated the tests to test nil, :crypt, and :bcrypt values for the password_hash keyword, skipping the bcrypt tests if the bcrypt library cannot be required. [ruby-core:88111] [Feature #14940] From: Jeremy Evans <code@jeremyevans.net> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64060 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
This adds a password_hash keyword argument to
WEBrick::HTTPAuth::Htpasswd#initialize.  If set to :bcrypt, it
will create bcrypt hashes instead of crypt hashes, and will
raise an exception if the .htpasswd file uses crypt hashes.

If :bcrypt is used, then instead of calling
BasicAuth.make_passwd (which uses crypt),
WEBrick::HTTPAuth::Htpasswd#set_passwd will set the bcrypt
password directly.  It isn't possible to change the
make_passwd API to accept the password hash format, as that
would break configurations who use Htpasswd#auth_type= to set
a custom auth_type.

This modifies WEBrick::HTTPAuth::BasicAuth to handle checking
both crypt and bcrypt hashes.

There are commented out requires for 'string/crypt', to handle
when String#crypt is deprecated and the undeprecated version is
moved to a gem.

There is also a commented out warning for the case when
the password_hash keyword is not specified and 'string/crypt'
cannot be required.  I think the warning makes sense to nudge
users to using bcrypt.

I've updated the tests to test nil, :crypt, and :bcrypt values
for the password_hash keyword, skipping the bcrypt tests if the
bcrypt library cannot be required.

[ruby-core:88111] [Feature #14940]

From: Jeremy Evans <code@jeremyevans.net>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64060 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Add frozen_string_literal: false for all files 2015-12-16T05:07:31+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-12-16T05:07:31+00:00 3e92b635fb5422207b7bbdc924e292e51e21f040 When you change this to true, you may need to add more tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
When you change this to true, you may need to add more tests.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpauth/basicauth.rb: fix a typo. 2015-11-16T03:11:20+00:00 hsbt hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-11-16T03:11:20+00:00 ab233984619b6e7c3697d404462b601ad5756c66 [ci skip][fix GH-1099] Patch by @jwworth * lib/webrick/httpauth/digestauth.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52581 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  [ci skip][fix GH-1099] Patch by @jwworth
* lib/webrick/httpauth/digestauth.rb: ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52581 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/accesslog.rb: Improved WEBrick documentation. 2013-01-26T01:12:54+00:00 drbrain drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-01-26T01:12:54+00:00 28afe277a8e543da0e6353bdacbcad0b69739e06 * lib/webrick/cgi.rb: ditto. * lib/webrick/config.rb: ditto. * lib/webrick/cookie.rb: ditto. * lib/webrick/httpauth/authenticator.rb: ditto. * lib/webrick/httpauth/basicauth.rb: ditto. * lib/webrick/httpauth/digestauth.rb: ditto. * lib/webrick/httpproxy.rb: ditto. * lib/webrick/httprequest.rb: ditto. * lib/webrick/httpresponse.rb: ditto. * lib/webrick/https.rb: ditto. * lib/webrick/httpserver.rb: ditto. * lib/webrick/httpservlet/cgihandler.rb: ditto. * lib/webrick/httpservlet/filehandler.rb: ditto. * lib/webrick/httpservlet/prochandler.rb: ditto. * lib/webrick/httputils.rb: ditto. * lib/webrick/httpversion.rb: ditto. * lib/webrick/log.rb: ditto. * lib/webrick/server.rb: ditto. * lib/webrick/ssl.rb: ditto. * lib/webrick/utils.rb: ditto. * lib/webrick/version.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38945 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* lib/webrick/cgi.rb:  ditto.
* lib/webrick/config.rb:  ditto.
* lib/webrick/cookie.rb:  ditto.
* lib/webrick/httpauth/authenticator.rb:  ditto.
* lib/webrick/httpauth/basicauth.rb:  ditto.
* lib/webrick/httpauth/digestauth.rb:  ditto.
* lib/webrick/httpproxy.rb:  ditto.
* lib/webrick/httprequest.rb:  ditto.
* lib/webrick/httpresponse.rb:  ditto.
* lib/webrick/https.rb:  ditto.
* lib/webrick/httpserver.rb:  ditto.
* lib/webrick/httpservlet/cgihandler.rb:  ditto.
* lib/webrick/httpservlet/filehandler.rb:  ditto.
* lib/webrick/httpservlet/prochandler.rb:  ditto.
* lib/webrick/httputils.rb:  ditto.
* lib/webrick/httpversion.rb:  ditto.
* lib/webrick/log.rb:  ditto.
* lib/webrick/server.rb:  ditto.
* lib/webrick/ssl.rb:  ditto.
* lib/webrick/utils.rb:  ditto.
* lib/webrick/version.rb:  ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38945 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick: Add documentation for WEBrick::HTTPAuth 2011-05-10T23:37:43+00:00 drbrain drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-05-10T23:37:43+00:00 8c2a52937f3b71efa7bcb48e7b8b00bc6b616ab4 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
cosmetic. 2005-07-03T14:54:20+00:00 nahi nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2005-07-03T14:54:20+00:00 2fdd278c86ace13424f2eb7f2932dfef16c9b840 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8711 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8711 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpauth/htpasswd.rb (WEBrick::Htpasswd#reload): 2005-01-02T22:31:13+00:00 gotoyuzo gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2005-01-02T22:31:13+00:00 97102f6596e490ea98f0300e34c47061f1e97f85 raise NotImplementedError if password is encrypted by digest algorithms. This patch is contributed by sheepman. [ruby-list:40467] * lib/webrick/httpauth/digestauth.rb (WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation. This patch is contributed by sheepman. [ruby-list:40482] * lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use pack/unpack-template char "m" instead of lib/base64.rb to do base64 encoding/decoding. fixed: [ruby-dev:25336] * test/webrick/test_httpauth.rb: new file. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7708 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  raise NotImplementedError if password is encrypted by digest
  algorithms. This patch is contributed by sheepman. [ruby-list:40467]

* lib/webrick/httpauth/digestauth.rb
  (WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation.
  This patch is contributed by sheepman. [ruby-list:40482]

* lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use
  pack/unpack-template char "m" instead of lib/base64.rb to do base64
  encoding/decoding. fixed: [ruby-dev:25336]

* test/webrick/test_httpauth.rb: new file.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7708 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpauth.rb, 2004-12-18T06:17:33+00:00 nahi nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2004-12-18T06:17:33+00:00 93ed2c7b1e0370287228c967c9973c9f2344fc54 lib/webrick/httpauth/{basicauth.rb,digestauth.rb}: use pack/unpack-template char "m" instead of lib/base64.rb to do base64 encoding/decoding. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7593 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
          lib/webrick/httpauth/{basicauth.rb,digestauth.rb}: use
          pack/unpack-template char "m" instead of lib/base64.rb to do base64
          encoding/decoding.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7593 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick: imported. 2003-07-23T16:51:36+00:00 gotoyuzo gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2003-07-23T16:51:36+00:00 01eba908adcd150a7b816af0dbe167c4c4912a90 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e