RubyGems - net_dav - Versions diffs - 0.2.2 → 0.3.0 - Mend

net_dav 0.2.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

data/Rakefile CHANGED Viewed

@@ -36,7 +36,11 @@ task :spec => :check_dependencies
 task :default => :spec
-task :dist => [:clean, :release]
+task "dist" => [:clean, :release]
+task "dist:patch" => [:clean, "version:bump:patch", :release]
+task "dist:minor" => [:clean, "version:bump:minor", :release]
 task :clean do
   Dir.glob("**/*~").each do |file|

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.2.2
1	+ 0.3.0

data/bin/dav CHANGED Viewed

@@ -6,6 +6,9 @@ require 'net/dav'
 dav_user = ENV['DAVUSER']
 dav_pass = ENV['DAVPASS']
+disable_basic_auth = (ENV['DISABLE_BASIC_AUTH'] && ENV['DISABLE_BASIC_AUTH'] != "0")
+enable_curl = !(ENV['DISABLE_CURL'] && ENV['DISABLE_CURL'] != "0")
 cmd = $*[0]
 def print_usage
@@ -36,9 +39,8 @@ else
   url = URI.parse $*[1]
 end
-enable_curl = !(ENV['DISABLE_CURL'] && ENV['DISABLE_CURL'] != "0")
 dav = Net::DAV.new(url, :curl => enable_curl)
+dav.disable_basic_auth = disable_basic_auth
 if (url.scheme == 'https')
   dav.verify_callback = lambda do |preverify_ok, x509_store|

data/lib/net/dav.rb CHANGED Viewed

@@ -3,6 +3,7 @@ require 'uri'
 require 'nokogiri'
 require 'net/dav/item'
 require 'base64'
+require 'digest/md5'
 begin
   require 'curb'
 rescue LoadError
@@ -15,6 +16,8 @@ module Net #:nodoc:
     class NetHttpHandler
       attr_writer :user, :pass
+      attr_accessor :disable_basic_auth
       def verify_callback=(callback)
 	@http.verify_callback = callback
       end
@@ -24,6 +27,7 @@ module Net #:nodoc:
       end
       def initialize(uri)
+	@disable_basic_auth = false
 	@uri = uri
 	case @uri.scheme
 	when "http"
@@ -69,9 +73,6 @@ module Net #:nodoc:
 	req.content_length = length
 	headers.each_pair { |key, value| req[key] = value } if headers
 	req.content_type = 'text/xml; charset="utf-8"'
-	if (@user)
-	  req.basic_auth @user, @pass
-	end
 	res = handle_request(req, headers)
 	res
       end
@@ -87,9 +88,6 @@ module Net #:nodoc:
 	req.body = body
 	headers.each_pair { |key, value| req[key] = value } if headers
 	req.content_type = 'text/xml; charset="utf-8"'
-	if (@user)
-	  req.basic_auth @user, @pass
-	end
 	res = handle_request(req, headers)
 	res
       end
@@ -103,9 +101,6 @@ module Net #:nodoc:
 	    raise "unkown returning_body verb #{verb}"
 	  end
 	headers.each_pair { |key, value| req[key] = value } if headers
-	if (@user)
-	  req.basic_auth @user, @pass
-	end
 	res = handle_request(req, headers, MAX_REDIRECTS, &block)
 	res.body
       end
@@ -123,9 +118,6 @@ module Net #:nodoc:
 	req.body = body
 	headers.each_pair { |key, value| req[key] = value } if headers
 	req.content_type = 'text/xml; charset="utf-8"'
-	if (@user)
-	  req.basic_auth @user, @pass
-	end
 	res = handle_request(req, headers)
 	res
       end
@@ -144,7 +136,21 @@ module Net #:nodoc:
 	  response = @http.request(req)
 	end
 	case response
-	when Net::HTTPSuccess     then response
+	when Net::HTTPSuccess     then
+	  return response
+	when Net::HTTPUnauthorized     then
+	  response.error! unless @user
+	  response.error! if req['authorization']
+	  new_req = clone_req(req.path, req, headers)
+	  if response['www-authenticate'] =~ /^Basic/
+	    if disable_basic_auth
+	      raise "server requested basic auth, but that is disabled"
+	    end
+	    new_req.basic_auth @user, @pass
+	  else
+	    digest_auth(new_req, @user, @pass, response)
+	  end
+	  return handle_request(new_req, headers, limit - 1, &block)
 	when Net::HTTPRedirection then
 	  location = URI.parse(response['location'])
 	  if (@uri.scheme != location.scheme ||
@@ -152,18 +158,56 @@ module Net #:nodoc:
 	      @uri.port != location.port)
 	    raise "cannot redirect to a different host #{@uri} => #{location}"
 	  end
-	  new_req = req.class.new(location.path)
-	  new_req.body = req.body
-	  new_req.body_stream = req.body_stream
-	  headers.each_pair { |key, value| new_req[key] = value } if headers
-	  if (@user)
-	    new_req.basic_auth @user, @pass
-	  end
-	  handle_request(new_req, limit - 1, &block)
+	  new_req = clone_req(location.path, req, headers)
+	  return handle_request(new_req, headers, limit - 1, &block)
 	else
 	  response.error!
 	end
       end
+      def clone_req(path, req, headers)
+	new_req = req.class.new(path)
+	new_req.body = req.body
+	new_req.body_stream = req.body_stream
+	headers.each_pair { |key, value| new_req[key] = value } if headers
+	return new_req
+      end
+      CNONCE = Digest::MD5.hexdigest("%x" % (Time.now.to_i + rand(65535))).slice(0, 8)
+      def digest_auth(request, user, password, response)
+	# based on http://segment7.net/projects/ruby/snippets/digest_auth.rb
+	@nonce_count = 0 if @nonce_count.nil?
+	@nonce_count += 1
+	raise "bad www-authenticate header" unless (response['www-authenticate'] =~ /^(\w+) (.*)/)
+	params = {}
+	$2.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
+	a_1 = "#{user}:#{params['realm']}:#{password}"
+	a_2 = "#{request.method}:#{request.path}"
+	request_digest = ''
+	request_digest << Digest::MD5.hexdigest(a_1)
+	request_digest << ':' << params['nonce']
+	request_digest << ':' << ('%08x' % @nonce_count)
+	request_digest << ':' << CNONCE
+	request_digest << ':' << params['qop']
+	request_digest << ':' << Digest::MD5.hexdigest(a_2)
+	header = []
+	header << "Digest username=\"#{user}\""
+	header << "realm=\"#{params['realm']}\""
+	header << "nonce=\"#{params['nonce']}\""
+	header << "uri=\"#{request.path}\""
+	header << "cnonce=\"#{CNONCE}\""
+	header << "nc=#{'%08x' % @nonce_count}"
+	header << "qop=#{params['qop']}"
+	header << "response=\"#{Digest::MD5.hexdigest(request_digest)}\""
+	header << "algorithm=\"MD5\""
+	header = header.join(', ')
+	request['Authorization'] = header
+      end
     end
@@ -187,6 +231,9 @@ module Net #:nodoc:
 	  @curl.timeout = @http.read_timeout
 	  @curl.follow_location = true
 	  @curl.max_redirects = MAX_REDIRECTS
+	  if disable_basic_auth
+	    @curl.http_auth_types = Curl::CURLAUTH_DIGEST
+	  end
 	end
 	@curl
       end
@@ -210,11 +257,25 @@ module Net #:nodoc:
 	  end
 	end
 	curl.perform
+	unless curl.response_code >= 200 && curl.response_code < 300
+	  headers = curl.header_str.split(/\r?\n/)
+	  raise Exception.new("Curl response #{headers[0]}")
+	end
 	curl.body_str
       end
     end
+    # Disable basic auth - to protect passwords from going in the clear
+    # through a man-in-the-middle attack.
+    def disable_basic_auth?
+      @handler.disable_basic_auth
+    end
+    def disable_basic_auth=(value)
+      @handler.disable_basic_auth = value
+    end
     # Seconds to wait until reading one block (by one system call).
     # If the DAV object cannot read a block in this many seconds,
     # it raises a TimeoutError exception.

data/net_dav.gemspec CHANGED Viewed

@@ -5,11 +5,11 @@
 Gem::Specification.new do |s|
   s.name = %q{net_dav}
-  s.version = "0.2.2"
+  s.version = "0.3.0"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Miron Cuperman"]
-  s.date = %q{2009-11-01}
+  s.date = %q{2009-11-02}
   s.default_executable = %q{dav}
   s.description = %q{WebDAV client library in the style of Net::HTTP}
   s.email = %q{c1.github@niftybox.net}

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: net_dav
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.3.0
 platform: ruby
 authors:
 - Miron Cuperman
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-11-01 00:00:00 -07:00
+date: 2009-11-02 00:00:00 -08:00
 default_executable: dav
 dependencies:
 - !ruby/object:Gem::Dependency