diff options
author | nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-07-25 13:25:27 +0000 |
---|---|---|
committer | nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-07-25 13:25:27 +0000 |
commit | 798355f6e33b854a00252f680f00ebb94b7b1355 (patch) | |
tree | e8b5e71f379b33f93b9da620c355072ed71cceda | |
parent | e68c8979255e4f562b16994e04520f06312c5f96 (diff) |
* backport r32666 from trunk.
* lib/xmlrpc/client.rb: Fix possible HTTP header formatting failure by
'Basic' header. Long username caused the base64 String truncation in
HTTP header which is not allowed. See #5046.
* test/xmlrpc/test_webrick_server.rb: test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_3@32668 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | lib/xmlrpc/client.rb | 2 | ||||
-rw-r--r-- | test/xmlrpc/htpasswd | 2 | ||||
-rw-r--r-- | test/xmlrpc/test_webrick_server.rb | 36 |
4 files changed, 46 insertions, 4 deletions
@@ -1,3 +1,13 @@ +Mon Jul 25 22:24:09 2011 Hiroshi Nakamura <nahi@ruby-lang.org> + + * backport r32666 from trunk. + + * lib/xmlrpc/client.rb: Fix possible HTTP header formatting failure by + 'Basic' header. Long username caused the base64 String truncation in + HTTP header which is not allowed. See #5046. + + * test/xmlrpc/test_webrick_server.rb: test it. + Mon Jul 25 15:36:07 2011 Hiroshi Nakamura <nahi@ruby-lang.org> * ext/openssl/lib/openssl/{x509.rb,ssl.rb}: Add deprecation warning diff --git a/lib/xmlrpc/client.rb b/lib/xmlrpc/client.rb index 65c9cd0c9c..c09a9514d6 100644 --- a/lib/xmlrpc/client.rb +++ b/lib/xmlrpc/client.rb @@ -493,7 +493,7 @@ module XMLRPC else a = "#@user" a << ":#@password" if @password != nil - @auth = ("Basic " + [a].pack("m")).chomp + @auth = "Basic " + [a].pack("m0") end end diff --git a/test/xmlrpc/htpasswd b/test/xmlrpc/htpasswd new file mode 100644 index 0000000000..898fc8663b --- /dev/null +++ b/test/xmlrpc/htpasswd @@ -0,0 +1,2 @@ +admin:Qg266hq/YYKe2 +01234567890123456789012345678901234567890123456789012345678901234567890123456789:Yl.SJmoFETpS2 diff --git a/test/xmlrpc/test_webrick_server.rb b/test/xmlrpc/test_webrick_server.rb index 8a37cdec91..5a9f51be33 100644 --- a/test/xmlrpc/test_webrick_server.rb +++ b/test/xmlrpc/test_webrick_server.rb @@ -3,13 +3,25 @@ require 'webrick' require_relative 'webrick_testing' require "xmlrpc/server" require 'xmlrpc/client' +require 'logger' class Test_Webrick < Test::Unit::TestCase include WEBrick_Testing + @@basic_auth = WEBrick::HTTPAuth::BasicAuth.new( + :Realm => 'auth', + :UserDB => WEBrick::HTTPAuth::Htpasswd.new(File.expand_path('./htpasswd', File.dirname(__FILE__))), + :Logger => Logger.new(File::NULL), + ) + def create_servlet s = XMLRPC::WEBrickServlet.new + def s.service(req, res) + @@basic_auth.authenticate(req, res) + super(req, res) + end + s.add_handler("test.add") do |a,b| a + b end @@ -46,8 +58,6 @@ class Test_Webrick < Test::Unit::TestCase end start_server(option) {|w| w.mount('/RPC2', create_servlet) } - - @s = XMLRPC::Client.new3(:port => port, :use_ssl => use_ssl) end PORT = 8070 @@ -56,13 +66,33 @@ class Test_Webrick < Test::Unit::TestCase [false].each do |use_ssl| begin setup_http_server(PORT, use_ssl) - do_test + @s = XMLRPC::Client.new3(:port => PORT, :use_ssl => use_ssl) + @s.user = 'admin' + @s.password = 'admin' + silent do + do_test + end + @s = XMLRPC::Client.new3(:port => PORT, :use_ssl => use_ssl) + @s.user = '01234567890123456789012345678901234567890123456789012345678901234567890123456789' + @s.password = 'guest' + silent do + do_test + end ensure stop_server end end end + def silent + begin + back, $VERBOSE = $VERBOSE, nil + yield + ensure + $VERBOSE = back + end + end + def do_test # simple call assert_equal 9, @s.call('test.add', 4, 5) |