diff options
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | lib/xmlrpc/client.rb | 2 | ||||
-rw-r--r-- | test/xmlrpc/test_webrick_server.rb | 36 |
3 files changed, 42 insertions, 4 deletions
@@ -1,3 +1,11 @@ +Mon Jul 25 22:14:37 2011 Hiroshi Nakamura <nahi@ruby-lang.org> + + * lib/xmlrpc/client.rb: Fix possible HTTP header formatting failure by + 'Basic' header. Long username caused the base64 String truncation in + HTTP header which is not allowed. See #5046. + + * test/xmlrpc/test_webrick_server.rb: test it. + Mon Jul 25 15:04:33 2011 Hiroshi Nakamura <nahi@ruby-lang.org> * ext/openssl/lib/openssl.rb: End of transition period introduced by diff --git a/lib/xmlrpc/client.rb b/lib/xmlrpc/client.rb index 65c9cd0c9c..c09a9514d6 100644 --- a/lib/xmlrpc/client.rb +++ b/lib/xmlrpc/client.rb @@ -493,7 +493,7 @@ module XMLRPC else a = "#@user" a << ":#@password" if @password != nil - @auth = ("Basic " + [a].pack("m")).chomp + @auth = "Basic " + [a].pack("m0") end end diff --git a/test/xmlrpc/test_webrick_server.rb b/test/xmlrpc/test_webrick_server.rb index 8a37cdec91..5a9f51be33 100644 --- a/test/xmlrpc/test_webrick_server.rb +++ b/test/xmlrpc/test_webrick_server.rb @@ -3,13 +3,25 @@ require 'webrick' require_relative 'webrick_testing' require "xmlrpc/server" require 'xmlrpc/client' +require 'logger' class Test_Webrick < Test::Unit::TestCase include WEBrick_Testing + @@basic_auth = WEBrick::HTTPAuth::BasicAuth.new( + :Realm => 'auth', + :UserDB => WEBrick::HTTPAuth::Htpasswd.new(File.expand_path('./htpasswd', File.dirname(__FILE__))), + :Logger => Logger.new(File::NULL), + ) + def create_servlet s = XMLRPC::WEBrickServlet.new + def s.service(req, res) + @@basic_auth.authenticate(req, res) + super(req, res) + end + s.add_handler("test.add") do |a,b| a + b end @@ -46,8 +58,6 @@ class Test_Webrick < Test::Unit::TestCase end start_server(option) {|w| w.mount('/RPC2', create_servlet) } - - @s = XMLRPC::Client.new3(:port => port, :use_ssl => use_ssl) end PORT = 8070 @@ -56,13 +66,33 @@ class Test_Webrick < Test::Unit::TestCase [false].each do |use_ssl| begin setup_http_server(PORT, use_ssl) - do_test + @s = XMLRPC::Client.new3(:port => PORT, :use_ssl => use_ssl) + @s.user = 'admin' + @s.password = 'admin' + silent do + do_test + end + @s = XMLRPC::Client.new3(:port => PORT, :use_ssl => use_ssl) + @s.user = '01234567890123456789012345678901234567890123456789012345678901234567890123456789' + @s.password = 'guest' + silent do + do_test + end ensure stop_server end end end + def silent + begin + back, $VERBOSE = $VERBOSE, nil + yield + ensure + $VERBOSE = back + end + end + def do_test # simple call assert_equal 9, @s.call('test.add', 4, 5) |