rack-auth-kerberos 0.2.3 → 0.2.4

data/CHANGES

@@ -1,3 +1,10 @@
+= 0.2.4 - 22-Apr-2010
+* Krb5Auth::Krb5 object creation has been moved from the constructor into the
+  call method in order to guarantee a new object is used every time. This solves
+  a potential issue where krb5-auth would segfault if it tried to use an object
+  that had already been closed.
+* Some minor documentation updates. 
+
 = 0.2.3 - 14-Jan-2010
 * Resetting log with each call now, instead of initialize
 

data/lib/rack/auth/kerberos.rb

@@ -1,14 +1,15 @@
 require 'krb5_auth'
 
+# The Rack module serves as a namespace only.
 module Rack
+
+  # The Auth module serves as a namespace only.
   module Auth
+
+    # The Kerberos class encapsulates kerberos authentication handling.
     class Kerberos
       # The version of the rack-auth-kerberos library.
-      VERSION = '0.2.3'
-
-      def log(msg)
-        @log << "\n    #{msg}"
-      end
+      VERSION = '0.2.4'
 
       # Creates a new Rack::Kerberos object. The +user_field+ and +password_field+
       # are the params looked for in the call method. The defaults are 'username'
@@ -22,16 +23,11 @@ module Rack
       # supply a username with or without a realm and it will Just Work (TM).
       #
       def initialize(app, user_field = 'username', password_field = 'password', realm = nil)
+        @kerberos = nil
         @app = app
         @user_field = user_field
         @password_field = password_field
-        @kerberos = Krb5Auth::Krb5.new
-
-        if realm
-          @realm = realm
-        else
-          @realm = @kerberos.get_default_realm
-        end
+        @realm = realm
       end
 
       # The call method we've defined first checks to see if the AUTH_USER
@@ -56,6 +52,9 @@ module Rack
       # AUTH_DATETIME           => Time.now.utc
       #
       def call(env)
+        @kerberos = Krb5Auth::Krb5.new
+        @realm ||= @kerberos.get_default_realm
+
         @log = "Entering Rack::Auth::Kerberos"
         request = Rack::Request.new(env)
 
@@ -63,6 +62,7 @@ module Rack
         password = request.params[@password_field]
 
         log "Kerberos user: #{user}, password length: #{password.nil? ? 'nil' : password.size}"
+
         # Only authenticate user if both the username and password fields are present
         unless user && password
           return @app.call(env)
@@ -113,6 +113,12 @@ module Rack
         env['AUTH_LOG'] = @log
         @app.call(env)
       end
+
+      # Append a +msg+ to a @log string that can be used for logging & debugging.
+      #
+      def log(msg)
+        @log << "\n    #{msg}"
+      end
     end
   end
 end

data/rack-auth-kerberos.gemspec

@@ -2,7 +2,7 @@ require 'rubygems'
 
 Gem::Specification.new do |gem|
   gem.name      = 'rack-auth-kerberos'
-  gem.version   = '0.2.3'
+  gem.version   = '0.2.4'
   gem.authors   = ["Daniel Berger", "Charlie O'Keefe", "Marty Haught"]
   gem.email     = 'dberger@globe.gov'
   gem.homepage  = 'http://www.github.com/rack-kerberos'

data/test/test_rack_auth_kerberos.rb

@@ -13,7 +13,7 @@ class TC_Rack_Auth_Kerberos < Test::Unit::TestCase
   end
 
   def test_version
-    assert_equal('0.2.3', Rack::Auth::Kerberos::VERSION)
+    assert_equal('0.2.4', Rack::Auth::Kerberos::VERSION)
   end
 
   def teardown

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: rack-auth-kerberos
 version: !ruby/object:Gem::Version 
-  version: 0.2.3
+  version: 0.2.4
 platform: ruby
 authors: 
 - Daniel Berger
@@ -11,7 +11,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-01-15 00:00:00 -07:00
+date: 2010-04-22 00:00:00 -06:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency