ruby.git/lib/webrick, branch v2_6_0_rc2 The Ruby Programming Language webrick: fix tests on Debian sid/unstable with OpenSSL 1.1.1a 2018-12-03T04:51:08+00:00 normal normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-12-03T04:51:08+00:00 a063f71a7ccc733d8ab4b997dfc3ffb1ab987afc OpenSSL complains abour our keys being small and weak :< Make them big and strong with 2048-bit RSA keys and SHA256 digests git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
OpenSSL complains abour our keys being small and weak :<
Make them big and strong with 2048-bit RSA keys and SHA256 digests

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lib/webrick: explicitly convert header values to a string 2018-11-26T05:29:45+00:00 mame mame@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-11-26T05:29:45+00:00 7a635a7d12fc127da76bc4eca78414602db6350c The values of @header are expected to be all strings; WEBrick::HTTPResponse::[]=(key, val) explicitly converts the second argument to a string and assigns it to @header hash. However, there were some points in WEBrick internal code that assigns non-String to @header. This change fixes the issues. The values are checked by `header_value =~ /\r\n/` in check_header. The type confusion caused conflict with removal of `Object#=~` [Feature #15231]. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65984 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
The values of @header are expected to be all strings;
WEBrick::HTTPResponse::[]=(key, val) explicitly converts the second
argument to a string and assigns it to @header hash.
However, there were some points in WEBrick internal code that assigns
non-String to @header.  This change fixes the issues.

The values are checked by `header_value =~ /\r\n/` in check_header.
The type confusion caused conflict with removal of `Object#=~`
[Feature #15231].

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65984 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lib/*: Prefer require_relative over require, remove explicit extension 2018-11-02T17:52:43+00:00 marcandre marcandre@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-11-02T17:52:43+00:00 b9d42af0f28f7957c5a086a86175a0739d251c73 [#15206] [Fix GH-1976] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
[#15206] [Fix GH-1976]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lib/*: Prefer require_relative over require. 2018-11-02T17:52:33+00:00 marcandre marcandre@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-11-02T17:52:33+00:00 e859e668d2eb59f34ad18edb7458ce90076617e9 [#15206] [Fix GH-1976] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
[#15206] [Fix GH-1976]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
default gems: add missing comment in gemspec 2018-10-12T19:58:11+00:00 stomar stomar@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-10-12T19:58:11+00:00 ef0615b6ef7a2d8caf4c03b6c9d5fc75a2e90527 * lib/csv/csv.gemspec: [DOC] add comment for require fallback in Ruby repository. * lib/logger.gemspec: ditto. * lib/prime.gemspec: ditto. * lib/rexml/rexml.gemspec: ditto. * lib/rss/rss.gemspec: ditto. * lib/webrick/webrick.gemspec: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65037 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* lib/csv/csv.gemspec: [DOC] add comment for require fallback
  in Ruby repository.

* lib/logger.gemspec: ditto.
* lib/prime.gemspec: ditto.
* lib/rexml/rexml.gemspec: ditto.
* lib/rss/rss.gemspec: ditto.
* lib/webrick/webrick.gemspec: ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65037 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
webrick: raise EOFError in parse when read line is nil 2018-09-24T07:48:33+00:00 normal normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-09-24T07:48:33+00:00 1aef602d5a9398ff362de212ae402ffcd8ff76ae [Bug #15146] From: Justin Li <git@justinli.net> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
[Bug #15146]

From: Justin Li <git@justinli.net>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
webrick/httpauth/htgroup.rb (flush): avoid unnecessary unlink 2018-08-14T23:00:02+00:00 normal normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-08-14T23:00:02+00:00 ab7e34e4db6a1fd7cc83367b2646405a109fa7d8 Based on patch by akr [ruby-core:88477], use Tempfile.create to avoid unnecessary unlink call. Unlike akr's original patch, this does not change the return value of flush. Thanks-to: Tanaka Akira <akr@fsij.org> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
Based on patch by akr [ruby-core:88477], use Tempfile.create
to avoid unnecessary unlink call.  Unlike akr's original patch,
this does not change the return value of flush.

Thanks-to: Tanaka Akira <akr@fsij.org>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Fallback to load version constant for ruby core repository. 2018-08-07T12:32:29+00:00 hsbt hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-08-07T12:32:29+00:00 d59fc41fbaf6ae3458a5260fb53916468f7e56f7 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Removed needless date attribute from gemspec of default gems. 2018-08-07T12:02:10+00:00 hsbt hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-08-07T12:02:10+00:00 7d9109f8006057d3e6ec44103cc1a5242529f4c2 They are assigned automatically when pushing gem file to rubygems.org. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  They are assigned automatically when pushing gem file to rubygems.org.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
webrick: Support bcrypt password hashing 2018-07-26T03:21:52+00:00 normal normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-07-26T03:21:52+00:00 9749bfbf735f8dca3361f2ea16bb97027bd1ab61 This adds a password_hash keyword argument to WEBrick::HTTPAuth::Htpasswd#initialize. If set to :bcrypt, it will create bcrypt hashes instead of crypt hashes, and will raise an exception if the .htpasswd file uses crypt hashes. If :bcrypt is used, then instead of calling BasicAuth.make_passwd (which uses crypt), WEBrick::HTTPAuth::Htpasswd#set_passwd will set the bcrypt password directly. It isn't possible to change the make_passwd API to accept the password hash format, as that would break configurations who use Htpasswd#auth_type= to set a custom auth_type. This modifies WEBrick::HTTPAuth::BasicAuth to handle checking both crypt and bcrypt hashes. There are commented out requires for 'string/crypt', to handle when String#crypt is deprecated and the undeprecated version is moved to a gem. There is also a commented out warning for the case when the password_hash keyword is not specified and 'string/crypt' cannot be required. I think the warning makes sense to nudge users to using bcrypt. I've updated the tests to test nil, :crypt, and :bcrypt values for the password_hash keyword, skipping the bcrypt tests if the bcrypt library cannot be required. [ruby-core:88111] [Feature #14940] From: Jeremy Evans <code@jeremyevans.net> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64060 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
This adds a password_hash keyword argument to
WEBrick::HTTPAuth::Htpasswd#initialize.  If set to :bcrypt, it
will create bcrypt hashes instead of crypt hashes, and will
raise an exception if the .htpasswd file uses crypt hashes.

If :bcrypt is used, then instead of calling
BasicAuth.make_passwd (which uses crypt),
WEBrick::HTTPAuth::Htpasswd#set_passwd will set the bcrypt
password directly.  It isn't possible to change the
make_passwd API to accept the password hash format, as that
would break configurations who use Htpasswd#auth_type= to set
a custom auth_type.

This modifies WEBrick::HTTPAuth::BasicAuth to handle checking
both crypt and bcrypt hashes.

There are commented out requires for 'string/crypt', to handle
when String#crypt is deprecated and the undeprecated version is
moved to a gem.

There is also a commented out warning for the case when
the password_hash keyword is not specified and 'string/crypt'
cannot be required.  I think the warning makes sense to nudge
users to using bcrypt.

I've updated the tests to test nil, :crypt, and :bcrypt values
for the password_hash keyword, skipping the bcrypt tests if the
bcrypt library cannot be required.

[ruby-core:88111] [Feature #14940]

From: Jeremy Evans <code@jeremyevans.net>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64060 b2dd03c8-39d4-4d8f-98ff-823fe69b080e