| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Create the substrings necessary parts only, instead of cutting the
rest of the buffer. Also removed a useless, probable typo, regexp.
|
|
[#15206] [Fix GH-1976]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Based on patch by akr [ruby-core:88477], use Tempfile.create
to avoid unnecessary unlink call. Unlike akr's original patch,
this does not change the return value of flush.
Thanks-to: Tanaka Akira <akr@fsij.org>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
This adds a password_hash keyword argument to
WEBrick::HTTPAuth::Htpasswd#initialize. If set to :bcrypt, it
will create bcrypt hashes instead of crypt hashes, and will
raise an exception if the .htpasswd file uses crypt hashes.
If :bcrypt is used, then instead of calling
BasicAuth.make_passwd (which uses crypt),
WEBrick::HTTPAuth::Htpasswd#set_passwd will set the bcrypt
password directly. It isn't possible to change the
make_passwd API to accept the password hash format, as that
would break configurations who use Htpasswd#auth_type= to set
a custom auth_type.
This modifies WEBrick::HTTPAuth::BasicAuth to handle checking
both crypt and bcrypt hashes.
There are commented out requires for 'string/crypt', to handle
when String#crypt is deprecated and the undeprecated version is
moved to a gem.
There is also a commented out warning for the case when
the password_hash keyword is not specified and 'string/crypt'
cannot be required. I think the warning makes sense to nudge
users to using bcrypt.
I've updated the tests to test nil, :crypt, and :bcrypt values
for the password_hash keyword, skipping the bcrypt tests if the
bcrypt library cannot be required.
[ruby-core:88111] [Feature #14940]
From: Jeremy Evans <code@jeremyevans.net>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64060 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
WARNING! WARNING! WARNING! LIKELY BROKEN CHANGE
Pass a proc to WEBrick::HTTPRequest#body to avoid reading a
potentially large request body into memory during
authentication.
WARNING! this will break apps completely which want to do
something with the body besides calculating the MD5 digest
of it.
Also, keep in mind that probably nobody uses "auth-int".
Servers such as Apache, lighttpd, nginx don't seem to
support it; nor does curl when using POST/PUT bodies;
and we didn't have tests for it until now...
* lib/webrick/httpauth/digestauth.rb (_authenticate): stream req.body
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62965 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Be sure we do not try to open a pipe to read from, since we care
about mtime in all cases.
* lib/webrick/httpauth/htdigest.rb: use File.open
* lib/webrick/httpauth/htgroup.rb: ditto
* lib/webrick/httpauth/htpasswd.rb: ditto
[Misc #14216]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61397 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Follow r56795. Since Ruby 2.2, calling #close on a closed
socket no longer raises exceptions.
* lib/cgi/session.rb (update): remove closed? check
* lib/net/http.rb (finish, transport_request): ditto
* lib/net/imap.rb (disconnect): ditto
* lib/net/pop.rb (do_start, do_finish): ditto
* lib/net/smtp.rb (do_start, do_finish): ditto
* lib/open3.rb (popen_run, pipeline_run): ditto
* lib/pstore.rb (transaction): ditto
* lib/shell/process-controller.rb (sfork):
* lib/tempfile (_close, call, Tempfile.create): ditto
* lib/webrick/httpauth/htdigest.rb (flush): ditto
* lib/webrick/httpauth/htpasswd.rb (flush): ditto
* lib/webrick/server.rb (start_thread, cleanup_shutdown_pipe): ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56865 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56037 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
We may use the '0' (zero) to avoid adding the line feed.
Furthermore, the '*' (asterisk) modifier is not needed for
a single-element arrays.
* ext/psych/lib/psych/visitors/yaml_tree.rb (visit_String):
eliminate chomp
* lib/net/http.rb (connect): eliminate delete
* lib/net/http/header.rb (basic_encode): ditto
* lib/net/imap.rb (authenticate): eliminate gsub
(self.encode_utf7): shorten delete arg
* lib/net/smtp.rb (base64_encode): eliminate gsub
* lib/open-uri.rb (OpenURI.open_http): eliminate delete
* lib/rss/rss.rb: ditto
* lib/securerandom.rb (base64): ditto
(urlsafe_base64): eliminate delete!
* lib/webrick/httpauth/digestauth.rb (split_param_value):
eliminate chop
* lib/webrick/httpproxy.rb (do_CONNECT): eliminate delete
(setup_upstream_proxy_authentication): ditto
[ruby-core:72666] [Feature #11938]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53488 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ci skip][fix GH-1099] Patch by @jwworth
* lib/webrick/httpauth/digestauth.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52581 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* test/ruby/test_parse.rb: Fix typo in a test name.
s/allowd/allowed/
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43917 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
unintentional unlink() by the finalizer.
lib/webrick/httpauth/htdigest.rb: Ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40395 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/webrick/cgi.rb: ditto.
* lib/webrick/config.rb: ditto.
* lib/webrick/cookie.rb: ditto.
* lib/webrick/httpauth/authenticator.rb: ditto.
* lib/webrick/httpauth/basicauth.rb: ditto.
* lib/webrick/httpauth/digestauth.rb: ditto.
* lib/webrick/httpproxy.rb: ditto.
* lib/webrick/httprequest.rb: ditto.
* lib/webrick/httpresponse.rb: ditto.
* lib/webrick/https.rb: ditto.
* lib/webrick/httpserver.rb: ditto.
* lib/webrick/httpservlet/cgihandler.rb: ditto.
* lib/webrick/httpservlet/filehandler.rb: ditto.
* lib/webrick/httpservlet/prochandler.rb: ditto.
* lib/webrick/httputils.rb: ditto.
* lib/webrick/httpversion.rb: ditto.
* lib/webrick/log.rb: ditto.
* lib/webrick/server.rb: ditto.
* lib/webrick/ssl.rb: ditto.
* lib/webrick/utils.rb: ditto.
* lib/webrick/version.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38945 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Literal texts in HTTP ABNF is case-insensitive (RFC2616 2.1),
and a ample implementation in RFC2617 also ignores the case
of algorithms. So now this ignores those cases.
[ruby-dev:43965] [Feature #4936]
* lib/webrick/httpauth/digestauth.rb (initialize):
Because of above, opera_hack is useless and removed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32410 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/logger.rb: ditto
* lib/rss.rb: ditto
* lib/webrick/httpauth/authenticator.rb: ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/webrick/httpstatus.rb: ditto
* lib/webrick/htmlutils.rb: ditto
* lib/webrick/httpversion.rb: ditto
* lib/webrick/version.rb: ditto
* lib/webrick/httpauth/userdb.rb: ditto
* lib/webrick/httpauth/authenticator.rb: ditto
* lib/webrick/accesslog.rb: ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31497 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(WEBrick::HTTPAuth::ProxyDigestAuth#check_uri): privated.
[ruby-dev:42344]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29546 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29224 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@25415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
use #bytesize instead of #size. a patch submitted from
raspberry lemon in [ruby-core:18571].
* lib/webrick/httpauth/digestauth.rb, lib/webrick/httpproxy.rb,
lib/webrick/httprequest.rb, lib/webrick/httpservlet/cgi_runner.rb,
lib/webrick/httpservlet/abstract.rb, lib/webrick/httpresponse.rb,
lib/webrick/httpservlet/cgihandler.rb, lib/webrick/utils.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(WEBrick::HTTPAuth::DigestAuth#initialize): fix typo.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20078 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(WEBrick::HTTPAuth::Authenticator#check_scheme): auth-scheme must be
treated as a case-insensitive token according to RFC 2617 section 1.2.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12692 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8711 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
raise NotImplementedError if password is encrypted by digest
algorithms. This patch is contributed by sheepman. [ruby-list:40467]
* lib/webrick/httpauth/digestauth.rb
(WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation.
This patch is contributed by sheepman. [ruby-list:40482]
* lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use
pack/unpack-template char "m" instead of lib/base64.rb to do base64
encoding/decoding. fixed: [ruby-dev:25336]
* test/webrick/test_httpauth.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7708 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
lib/webrick/httpauth/{basicauth.rb,digestauth.rb}: use
pack/unpack-template char "m" instead of lib/base64.rb to do base64
encoding/decoding.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7593 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
avoid warnings. [webrickja:128]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7192 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
