dalli 0.9.2 → 0.9.3

data/test/test_dalli.rb

@@ -73,6 +73,7 @@ class TestDalli < Test::Unit::TestCase
 
     should "support multi-get" do
       memcached do |dc|
+        dc.close
         dc.flush
         resp = dc.get_multi(%w(a b c d e f))
         assert_equal({}, resp)
@@ -129,6 +130,7 @@ class TestDalli < Test::Unit::TestCase
         # rollover the 64-bit value, we'll get something undefined.
         resp = dc.incr('big', 1)
         assert_not_equal 0x10000000000000000, resp
+        dc.reset
       end
     end
 
@@ -179,11 +181,13 @@ class TestDalli < Test::Unit::TestCase
 
         resp = dc.stats
         assert_equal Hash, resp.class
+
+        dc.close
       end
     end
     
     should "support multithreaded access" do
-      memcached(11211) do |cache|
+      memcached(19123) do |cache|
         cache.flush
         workers = []
 

data/test/test_session_store.rb

@@ -0,0 +1,200 @@
+require 'helper'
+
+require 'abstract_unit'
+require 'action_dispatch/middleware/session/dalli_store'
+
+class Foo
+  def initialize(bar='baz')
+    @bar = bar
+  end
+  def inspect
+    "#<#{self.class} bar:#{@bar.inspect}>"
+  end
+end
+
+class TestSessionStore < ActionController::IntegrationTest
+  class TestController < ActionController::Base
+    def no_session_access
+      head :ok
+    end
+
+    def set_session_value
+      session[:foo] = "bar"
+      head :ok
+    end
+
+    def set_serialized_session_value
+      session[:foo] = Foo.new
+      head :ok
+    end
+
+    def get_session_value
+      render :text => "foo: #{session[:foo].inspect}"
+    end
+
+    def get_session_id
+      render :text => "#{request.session_options[:id]}"
+    end
+
+    def call_reset_session
+      session[:bar]
+      reset_session
+      session[:bar] = "baz"
+      head :ok
+    end
+
+    def rescue_action(e) raise end
+  end
+
+  begin
+    require 'dalli'
+    memcache = Dalli::Client.new('localhost:11211')
+    memcache.set('ping', '')
+
+    def test_setting_and_getting_session_value
+      with_test_route_set do
+        get '/set_session_value'
+        assert_response :success
+        assert cookies['_session_id']
+
+        get '/get_session_value'
+        assert_response :success
+        assert_equal 'foo: "bar"', response.body
+      end
+    end
+
+    def test_getting_nil_session_value
+      with_test_route_set do
+        get '/get_session_value'
+        assert_response :success
+        assert_equal 'foo: nil', response.body
+      end
+    end
+
+    def test_getting_session_value_after_session_reset
+      with_test_route_set do
+        get '/set_session_value'
+        assert_response :success
+        assert cookies['_session_id']
+        session_cookie = cookies.send(:hash_for)['_session_id']
+
+        get '/call_reset_session'
+        assert_response :success
+        assert_not_equal [], headers['Set-Cookie']
+
+        cookies << session_cookie # replace our new session_id with our old, pre-reset session_id
+
+        get '/get_session_value'
+        assert_response :success
+        assert_equal 'foo: nil', response.body, "data for this session should have been obliterated from memcached"
+      end
+    end
+
+    def test_getting_from_nonexistent_session
+      with_test_route_set do
+        get '/get_session_value'
+        assert_response :success
+        assert_equal 'foo: nil', response.body
+        assert_nil cookies['_session_id'], "should only create session on write, not read"
+      end
+    end
+
+    def test_setting_session_value_after_session_reset
+      with_test_route_set do
+        get '/set_session_value'
+        assert_response :success
+        assert cookies['_session_id']
+        session_id = cookies['_session_id']
+
+        get '/call_reset_session'
+        assert_response :success
+        assert_not_equal [], headers['Set-Cookie']
+
+        get '/get_session_value'
+        assert_response :success
+        assert_equal 'foo: nil', response.body
+
+        get '/get_session_id'
+        assert_response :success
+        assert_not_equal session_id, response.body
+      end
+    end
+
+    def test_getting_session_id
+      with_test_route_set do
+        get '/set_session_value'
+        assert_response :success
+        assert cookies['_session_id']
+        session_id = cookies['_session_id']
+
+        get '/get_session_id'
+        assert_response :success
+        assert_equal session_id, response.body, "should be able to read session id without accessing the session hash"
+      end
+    end
+
+    def test_deserializes_unloaded_class
+      with_test_route_set do
+        with_autoload_path "session_autoload_test" do
+          get '/set_serialized_session_value'
+          assert_response :success
+          assert cookies['_session_id']
+        end
+        with_autoload_path "session_autoload_test" do
+          get '/get_session_id'
+          assert_response :success
+        end
+        with_autoload_path "session_autoload_test" do
+          get '/get_session_value'
+          assert_response :success
+          assert_equal 'foo: #<Foo bar:"baz">', response.body, "should auto-load unloaded class"
+        end
+      end
+    end
+
+    def test_doesnt_write_session_cookie_if_session_id_is_already_exists
+      with_test_route_set do
+        get '/set_session_value'
+        assert_response :success
+        assert cookies['_session_id']
+
+        get '/get_session_value'
+        assert_response :success
+        assert_equal nil, headers['Set-Cookie'], "should not resend the cookie again if session_id cookie is already exists"
+      end
+    end
+
+    def test_prevents_session_fixation
+      with_test_route_set do
+        get '/get_session_value'
+        assert_response :success
+        assert_equal 'foo: nil', response.body
+        session_id = cookies['_session_id']
+
+        reset!
+
+        get '/set_session_value', :_session_id => session_id
+        assert_response :success
+        assert_not_equal session_id, cookies['_session_id']
+      end
+    end
+  rescue LoadError, RuntimeError
+    $stderr.puts "Skipping TestSessionStore tests. Start memcached and try again."
+  end
+
+  private
+    def with_test_route_set
+      with_routing do |set|
+        set.draw do |map|
+          match ':action', :to => ::TestSessionStore::TestController
+        end
+
+        @app = self.class.build_app(set) do |middleware|
+          middleware.use ActionDispatch::Session::DalliStore, :key => '_session_id'
+          middleware.delete "ActionDispatch::ShowExceptions"
+        end
+
+        yield
+      end
+    end
+end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 9
-  - 2
-  version: 0.9.2
+  - 3
+  version: 0.9.3
 platform: ruby
 authors: 
 - Mike Perham
@@ -55,8 +55,7 @@ dependencies:
         - 3
         - 0
         - 0
-        - rc2
-        version: 3.0.0.rc2
+        version: 3.0.0
   type: :development
   version_requirements: *id003
 - !ruby/object:Gem::Dependency 
@@ -83,14 +82,14 @@ extensions: []
 extra_rdoc_files: []
 
 files: 
+- lib/action_dispatch/middleware/session/dalli_store.rb
 - lib/active_support/cache/dalli_store.rb
+- lib/active_support/cache/dalli_store23.rb
 - lib/dalli/client.rb
 - lib/dalli/options.rb
 - lib/dalli/ring.rb
 - lib/dalli/sasl/anonymous.rb
 - lib/dalli/sasl/base.rb
-- lib/dalli/sasl/base64.rb
-- lib/dalli/sasl/digest_md5.rb
 - lib/dalli/sasl/plain.rb
 - lib/dalli/server.rb
 - lib/dalli/version.rb
@@ -103,12 +102,15 @@ files:
 - Gemfile
 - dalli.gemspec
 - Performance.md
+- Upgrade.md
+- test/abstract_unit.rb
+- test/benchmark_test.rb
 - test/helper.rb
 - test/memcached_mock.rb
 - test/test_active_support.rb
-- test/test_benchmark.rb
 - test/test_dalli.rb
 - test/test_network.rb
+- test/test_session_store.rb
 has_rdoc: true
 homepage: http://github.com/mperham/dalli
 licenses: []
@@ -142,9 +144,11 @@ signing_key:
 specification_version: 3
 summary: High performance memcached client for Ruby
 test_files: 
+- test/abstract_unit.rb
+- test/benchmark_test.rb
 - test/helper.rb
 - test/memcached_mock.rb
 - test/test_active_support.rb
-- test/test_benchmark.rb
 - test/test_dalli.rb
 - test/test_network.rb
+- test/test_session_store.rb

data/lib/dalli/sasl/base64.rb

@@ -1,14 +0,0 @@
-begin
-  require 'base64'
-rescue LoadError
-  # Ruby 1.9 compat
-  module Base64
-    def self.encode64(data)
-      [data].pack('m')
-    end
-
-    def self.decode64(data64)
-      data64.unpack('m')[0]
-    end
-  end
-end

data/lib/dalli/sasl/digest_md5.rb

@@ -1,175 +0,0 @@
-require 'digest/md5'
-
-module SASL
-  ##
-  # RFC 2831:
-  # http://tools.ietf.org/html/rfc2831
-  class DigestMD5 < Mechanism
-    attr_writer :cnonce
-
-    def initialize(*a)
-      super
-      @nonce_count = 0
-    end
-
-    def start
-      @state = nil
-      unless defined? @nonce
-        ['auth', nil]
-      else
-        # reauthentication
-        receive('challenge', '')
-      end
-    end
-
-    def receive(message_name, content)
-      if message_name == 'challenge'
-        c = decode_challenge(content)
-
-        unless c['rspauth']
-          response = {}
-          if defined?(@nonce) && response['nonce'].nil?
-            # Could be reauth
-          else
-            # No reauth:
-            @nonce_count = 0
-          end
-          @nonce ||= c['nonce']
-          response['nonce'] = @nonce
-          response['charset'] = 'utf-8'
-          response['username'] = preferences.username
-          response['realm'] = c['realm'] || preferences.realm
-          @cnonce = generate_nonce unless defined? @cnonce
-          response['cnonce'] = @cnonce
-          @nc = next_nc
-          response['nc'] = @nc
-          @qop = c['qop'] || 'auth'
-          response['qop'] = @qop
-          response['digest-uri'] = preferences.digest_uri #"memcached/#{self.hostname}"
-          response['response'] = response_value(response['nonce'], response['nc'], response['cnonce'], response['qop'])
-          ['response', encode_response(response)]
-        else
-          rspauth_expected = response_value(@nonce, @nc, @cnonce, @qop, '')
-          p :rspauth_received=>c['rspauth'], :rspauth_expected=>rspauth_expected
-          if c['rspauth'] == rspauth_expected
-            ['response', nil]
-          else
-            # Bogus server?
-            @state = :failure
-            ['failure', nil]
-          end
-        end
-      else
-        # No challenge? Might be success or failure
-        super
-      end
-    end
-
-    private
-
-    def decode_challenge(text)
-      challenge = {}
-      
-      state = :key
-      key = ''
-      value = ''
-
-      text.scan(/./) do |ch|
-        if state == :key
-          if ch == '='
-            state = :value
-          elsif ch =~ /\S/
-            key += ch
-          end
-          
-        elsif state == :value
-          if ch == ','
-            challenge[key] = value
-            key = ''
-            value = ''
-            state = :key
-          elsif ch == '"' and value == ''
-            state = :quote
-          else
-            value += ch
-          end
-
-        elsif state == :quote
-          if ch == '"'
-            state = :value
-          else
-            value += ch
-          end
-        end
-      end
-      challenge[key] = value unless key == ''
-      
-      p :decode_challenge => challenge
-      challenge
-    end
-
-    def encode_response(response)
-      p :encode_response => response
-      response.collect do |k,v|
-        if v.include?('"')
-          v.sub!('\\', '\\\\')
-          v.sub!('"', '\\"')
-          "#{k}=\"#{v}\""
-        else
-          "#{k}=#{v}"
-        end
-      end.join(',')
-    end
-
-    def generate_nonce
-      nonce = ''
-      while nonce.length < 16
-        c = rand(128).chr
-        nonce += c if c =~ /^[a-zA-Z0-9]$/
-      end
-      nonce
-    end
-
-    ##
-    # Function from RFC2831
-    def h(s); Digest::MD5.digest(s); end
-    ##
-    # Function from RFC2831
-    def hh(s); Digest::MD5.hexdigest(s); end
-    
-    ##
-    # Calculate the value for the response field
-    def response_value(nonce, nc, cnonce, qop, a2_prefix='AUTHENTICATE')
-      p :response_value => {:nonce=>nonce,
-        :cnonce=>cnonce,
-        :qop=>qop,
-        :username=>preferences.username,
-        :realm=>preferences.realm,
-        :password=>preferences.password,
-        :authzid=>preferences.authzid}
-      a1_h = h("#{preferences.username}:#{preferences.realm}:#{preferences.password}")
-      a1 = "#{a1_h}:#{nonce}:#{cnonce}"
-      if preferences.authzid
-        a1 += ":#{preferences.authzid}"
-      end
-      if qop && (qop.downcase == 'auth-int' || qop.downcase == 'auth-conf')
-        a2 = "#{a2_prefix}:#{preferences.digest_uri}:00000000000000000000000000000000"
-      else
-        a2 = "#{a2_prefix}:#{preferences.digest_uri}"
-      end
-      hh("#{hh(a1)}:#{nonce}:#{nc}:#{cnonce}:#{qop}:#{hh(a2)}")
-    end
-
-    def next_nc
-      @nonce_count += 1
-      s = @nonce_count.to_s
-      s = "0#{s}" while s.length < 8
-      s
-    end
-  end
-  
-  # TODO: need to test
-  #MECHANISMS['DIGEST-MD5'] = SASL::DigestMD5
-  
-end
-