webrick 1.3.1

data/lib/webrick/compat.rb

@@ -0,0 +1,35 @@
+#
+# compat.rb -- cross platform compatibility
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2002 GOTOU Yuuzou
+# Copyright (c) 2002 Internet Programming with Ruby writers. All rights
+# reserved.
+#
+# $IPR: compat.rb,v 1.6 2002/10/01 17:16:32 gotoyuzo Exp $
+
+##
+# System call error module used by webrick for cross platform compatability.
+#
+# EPROTO:: protocol error
+# ECONNRESET:: remote host reset the connection request
+# ECONNABORTED:: Client sent TCP reset (RST) before server has accepted the
+#                connection requested by client.
+#
+module Errno
+  ##
+  # Protocol error.
+
+  class EPROTO       < SystemCallError; end
+
+  ##
+  # Remote host reset the connection request.
+
+  class ECONNRESET   < SystemCallError; end
+
+  ##
+  # Client sent TCP reset (RST) before server has accepted the connection
+  # requested by client.
+
+  class ECONNABORTED < SystemCallError; end
+end

data/lib/webrick/config.rb

@@ -0,0 +1,121 @@
+#
+# config.rb -- Default configurations.
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2000, 2001 TAKAHASHI Masayoshi, GOTOU Yuuzou
+# Copyright (c) 2003 Internet Programming with Ruby writers. All rights
+# reserved.
+#
+# $IPR: config.rb,v 1.52 2003/07/22 19:20:42 gotoyuzo Exp $
+
+require 'webrick/version'
+require 'webrick/httpversion'
+require 'webrick/httputils'
+require 'webrick/utils'
+require 'webrick/log'
+
+module WEBrick
+  module Config
+    LIBDIR = File::dirname(__FILE__)
+
+    # for GenericServer
+    General = {
+      :ServerName     => Utils::getservername,
+      :BindAddress    => nil,   # "0.0.0.0" or "::" or nil
+      :Port           => nil,   # users MUST specify this!!
+      :MaxClients     => 100,   # maximum number of the concurrent connections
+      :ServerType     => nil,   # default: WEBrick::SimpleServer
+      :Logger         => nil,   # default: WEBrick::Log.new
+      :ServerSoftware => "WEBrick/#{WEBrick::VERSION} " +
+                         "(Ruby/#{RUBY_VERSION}/#{RUBY_RELEASE_DATE})",
+      :TempDir        => ENV['TMPDIR']||ENV['TMP']||ENV['TEMP']||'/tmp',
+      :DoNotListen    => false,
+      :StartCallback  => nil,
+      :StopCallback   => nil,
+      :AcceptCallback => nil,
+      :DoNotReverseLookup => nil,
+      :ShutdownSocketWithoutClose => false,
+    }
+
+    # for HTTPServer, HTTPRequest, HTTPResponse ...
+    HTTP = General.dup.update(
+      :Port           => 80,
+      :RequestTimeout => 30,
+      :HTTPVersion    => HTTPVersion.new("1.1"),
+      :AccessLog      => nil,
+      :MimeTypes      => HTTPUtils::DefaultMimeTypes,
+      :DirectoryIndex => ["index.html","index.htm","index.cgi","index.rhtml"],
+      :DocumentRoot   => nil,
+      :DocumentRootOptions => { :FancyIndexing => true },
+      :RequestCallback => nil,
+      :ServerAlias    => nil,
+      :InputBufferSize  => 65536, # input buffer size in reading request body
+      :OutputBufferSize => 65536, # output buffer size in sending File or IO
+
+      # for HTTPProxyServer
+      :ProxyAuthProc  => nil,
+      :ProxyContentHandler => nil,
+      :ProxyVia       => true,
+      :ProxyTimeout   => true,
+      :ProxyURI       => nil,
+
+      :CGIInterpreter => nil,
+      :CGIPathEnv     => nil,
+
+      # workaround: if Request-URIs contain 8bit chars,
+      # they should be escaped before calling of URI::parse().
+      :Escape8bitURI  => false
+    )
+
+    FileHandler = {
+      :NondisclosureName => [".ht*", "*~"],
+      :FancyIndexing     => false,
+      :HandlerTable      => {},
+      :HandlerCallback   => nil,
+      :DirectoryCallback => nil,
+      :FileCallback      => nil,
+      :UserDir           => nil,  # e.g. "public_html"
+      :AcceptableLanguages => []  # ["en", "ja", ... ]
+    }
+
+    BasicAuth = {
+      :AutoReloadUserDB     => true,
+    }
+
+    ##
+    # Default configuration for WEBrick::HTTPAuth::DigestAuth.
+    #
+    # :Algorithm:: MD5, MD5-sess (default), SHA1, SHA1-sess
+    # :Domain:: An Array of URIs that define the protected space
+    # :Qop:: 'auth' for authentication, 'auth-int' for integrity protection or
+    #        both
+    # :UseOpaque:: Should the server send opaque values to the client?  This
+    #              helps prevent replay attacks.
+    # :CheckNc:: Should the server check the nonce count?  This helps the
+    #            server detect replay attacks.
+    # :UseAuthenticationInfoHeader:: Should the server send an
+    #                                AuthenticationInfo header?
+    # :AutoReloadUserDB:: Reload the user database provided by :UserDB
+    #                     automatically?
+    # :NonceExpirePeriod:: How long should we store used nonces?  Default is
+    #                      30 minutes.
+    # :NonceExpireDelta:: How long is a nonce valid?  Default is 1 minute
+    # :InternetExplorerHack:: Hack which allows Internet Explorer to work.
+    # :OperaHack:: Hack which allows Opera to work.
+
+    DigestAuth = {
+      :Algorithm            => 'MD5-sess', # or 'MD5'
+      :Domain               => nil,        # an array includes domain names.
+      :Qop                  => [ 'auth' ], # 'auth' or 'auth-int' or both.
+      :UseOpaque            => true,
+      :UseNextNonce         => false,
+      :CheckNc              => false,
+      :UseAuthenticationInfoHeader => true,
+      :AutoReloadUserDB     => true,
+      :NonceExpirePeriod    => 30*60,
+      :NonceExpireDelta     => 60,
+      :InternetExplorerHack => true,
+      :OperaHack            => true,
+    }
+  end
+end

data/lib/webrick/cookie.rb

@@ -0,0 +1,110 @@
+#
+# cookie.rb -- Cookie class
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2000, 2001 TAKAHASHI Masayoshi, GOTOU Yuuzou
+# Copyright (c) 2002 Internet Programming with Ruby writers. All rights
+# reserved.
+#
+# $IPR: cookie.rb,v 1.16 2002/09/21 12:23:35 gotoyuzo Exp $
+
+require 'time'
+require 'webrick/httputils'
+
+module WEBrick
+  class Cookie
+
+    attr_reader :name
+    attr_accessor :value, :version
+    attr_accessor :domain, :path, :secure
+    attr_accessor :comment, :max_age
+    #attr_accessor :comment_url, :discard, :port
+
+    def initialize(name, value)
+      @name = name
+      @value = value
+      @version = 0     # Netscape Cookie
+
+      @domain = @path = @secure = @comment = @max_age =
+      @expires = @comment_url = @discard = @port = nil
+    end
+
+    def expires=(t)
+      @expires = t && (t.is_a?(Time) ? t.httpdate : t.to_s)
+    end
+
+    def expires
+      @expires && Time.parse(@expires)
+    end
+
+    def to_s
+      ret = ""
+      ret << @name << "=" << @value
+      ret << "; " << "Version=" << @version.to_s if @version > 0
+      ret << "; " << "Domain="  << @domain  if @domain
+      ret << "; " << "Expires=" << @expires if @expires
+      ret << "; " << "Max-Age=" << @max_age.to_s if @max_age
+      ret << "; " << "Comment=" << @comment if @comment
+      ret << "; " << "Path="    << @path if @path
+      ret << "; " << "Secure"   if @secure
+      ret
+    end
+
+    # Cookie::parse()
+    #   It parses Cookie field sent from the user agent.
+    def self.parse(str)
+      if str
+        ret = []
+        cookie = nil
+        ver = 0
+        str.split(/[;,]\s+/).each{|x|
+          key, val = x.split(/=/,2)
+          val = val ? HTTPUtils::dequote(val) : ""
+          case key
+          when "$Version"; ver = val.to_i
+          when "$Path";    cookie.path = val
+          when "$Domain";  cookie.domain = val
+          when "$Port";    cookie.port = val
+          else
+            ret << cookie if cookie
+            cookie = self.new(key, val)
+            cookie.version = ver
+          end
+        }
+        ret << cookie if cookie
+        ret
+      end
+    end
+
+    def self.parse_set_cookie(str)
+      cookie_elem = str.split(/;/)
+      first_elem = cookie_elem.shift
+      first_elem.strip!
+      key, value = first_elem.split(/=/, 2)
+      cookie = new(key, HTTPUtils.dequote(value))
+      cookie_elem.each{|pair|
+        pair.strip!
+        key, value = pair.split(/=/, 2)
+        if value
+          value = HTTPUtils.dequote(value.strip)
+        end
+        case key.downcase
+        when "domain"  then cookie.domain  = value
+        when "path"    then cookie.path    = value
+        when "expires" then cookie.expires = value
+        when "max-age" then cookie.max_age = Integer(value)
+        when "comment" then cookie.comment = value
+        when "version" then cookie.version = Integer(value)
+        when "secure"  then cookie.secure = true
+        end
+      }
+      return cookie
+    end
+
+    def self.parse_set_cookies(str)
+      return str.split(/,(?=[^;,]*=)|,$/).collect{|c|
+        parse_set_cookie(c)
+      }
+    end
+  end
+end

data/lib/webrick/htmlutils.rb

@@ -0,0 +1,28 @@
+#--
+# htmlutils.rb -- HTMLUtils Module
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2000, 2001 TAKAHASHI Masayoshi, GOTOU Yuuzou
+# Copyright (c) 2002 Internet Programming with Ruby writers. All rights
+# reserved.
+#
+# $IPR: htmlutils.rb,v 1.7 2002/09/21 12:23:35 gotoyuzo Exp $
+
+module WEBrick
+  module HTMLUtils
+
+    ##
+    # Escapes &, ", > and < in +string+
+
+    def escape(string)
+      str = string ? string.dup : ""
+      str.gsub!(/&/n, '&amp;')
+      str.gsub!(/\"/n, '&quot;')
+      str.gsub!(/>/n, '&gt;')
+      str.gsub!(/</n, '&lt;')
+      str
+    end
+    module_function :escape
+
+  end
+end

data/lib/webrick/httpauth.rb

@@ -0,0 +1,95 @@
+#
+# httpauth.rb -- HTTP access authentication
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2000, 2001 TAKAHASHI Masayoshi, GOTOU Yuuzou
+# Copyright (c) 2002 Internet Programming with Ruby writers. All rights
+# reserved.
+#
+# $IPR: httpauth.rb,v 1.14 2003/07/22 19:20:42 gotoyuzo Exp $
+
+require 'webrick/httpauth/basicauth'
+require 'webrick/httpauth/digestauth'
+require 'webrick/httpauth/htpasswd'
+require 'webrick/httpauth/htdigest'
+require 'webrick/httpauth/htgroup'
+
+module WEBrick
+
+  ##
+  # HTTPAuth provides both basic and digest authentication.
+  #
+  # To enable authentication for requests in WEBrick you will need a user
+  # database and an authenticator.  To start, here's an Htpasswd database for
+  # use with a DigestAuth authenticator:
+  #
+  #   config = { :Realm => 'DigestAuth example realm' }
+  #
+  #   htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
+  #   htpasswd.auth_type = WEBrick::HTTPAuth::DigestAuth
+  #   htpasswd.set_passwd config[:Realm], 'username', 'password'
+  #   htpasswd.flush
+  #
+  # The +:Realm+ is used to provide different access to different groups
+  # across several resources on a server.  Typically you'll need only one
+  # realm for a server.
+  #
+  # This database can be used to create an authenticator:
+  #
+  #   config[:UserDB] = htpasswd
+  #
+  #   digest_auth = WEBrick::HTTPAuth::DigestAuth.new config
+  #
+  # To authenticate a request call #authenticate with a request and response
+  # object in a servlet:
+  #
+  #   def do_GET req, res
+  #     @authenticator.authenticate req, res
+  #   end
+  #
+  # For digest authentication the authenticator must not be created every
+  # request, it must be passed in as an option via WEBrick::HTTPServer#mount.
+
+  module HTTPAuth
+    module_function
+
+    def _basic_auth(req, res, realm, req_field, res_field, err_type,
+                    block) # :nodoc:
+      user = pass = nil
+      if /^Basic\s+(.*)/o =~ req[req_field]
+        userpass = $1
+        user, pass = userpass.unpack("m*")[0].split(":", 2)
+      end
+      if block.call(user, pass)
+        req.user = user
+        return
+      end
+      res[res_field] = "Basic realm=\"#{realm}\""
+      raise err_type
+    end
+
+    ##
+    # Simple wrapper for providing basic authentication for a request.  When
+    # called with a request +req+, response +res+, authentication +realm+ and
+    # +block+ the block will be called with a +username+ and +password+.  If
+    # the block returns true the request is allowed to continue, otherwise an
+    # HTTPStatus::Unauthorized error is raised.
+
+    def basic_auth(req, res, realm, &block) # :yield: username, password
+      _basic_auth(req, res, realm, "Authorization", "WWW-Authenticate",
+                  HTTPStatus::Unauthorized, block)
+    end
+
+    ##
+    # Simple wrapper for providing basic authentication for a proxied request.
+    # When called with a request +req+, response +res+, authentication +realm+
+    # and +block+ the block will be called with a +username+ and +password+.
+    # If the block returns true the request is allowed to continue, otherwise
+    # an HTTPStatus::ProxyAuthenticationRequired error is raised.
+
+    def proxy_basic_auth(req, res, realm, &block) # :yield: username, password
+      _basic_auth(req, res, realm, "Proxy-Authorization", "Proxy-Authenticate",
+                  HTTPStatus::ProxyAuthenticationRequired, block)
+    end
+  end
+end

data/lib/webrick/httpauth/authenticator.rb

@@ -0,0 +1,112 @@
+#--
+# httpauth/authenticator.rb -- Authenticator mix-in module.
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2003 Internet Programming with Ruby writers. All rights
+# reserved.
+#
+# $IPR: authenticator.rb,v 1.3 2003/02/20 07:15:47 gotoyuzo Exp $
+
+module WEBrick
+  module HTTPAuth
+
+    ##
+    # Module providing generic support for both Digest and Basic
+    # authentication schemes.
+
+    module Authenticator
+
+      RequestField      = "Authorization"
+      ResponseField     = "WWW-Authenticate"
+      ResponseInfoField = "Authentication-Info"
+      AuthException     = HTTPStatus::Unauthorized
+
+      ##
+      # Method of authentication, must be overridden by the including class
+
+      AuthScheme        = nil
+
+      ##
+      # The realm this authenticator covers
+
+      attr_reader :realm
+
+      ##
+      # The user database for this authenticator
+
+      attr_reader :userdb
+
+      ##
+      # The logger for this authenticator
+
+      attr_reader :logger
+
+      private
+
+      ##
+      # Initializes the authenticator from +config+
+
+      def check_init(config)
+        [:UserDB, :Realm].each{|sym|
+          unless config[sym]
+            raise ArgumentError, "Argument #{sym.inspect} missing."
+          end
+        }
+        @realm     = config[:Realm]
+        @userdb    = config[:UserDB]
+        @logger    = config[:Logger] || Log::new($stderr)
+        @reload_db = config[:AutoReloadUserDB]
+        @request_field   = self::class::RequestField
+        @response_field  = self::class::ResponseField
+        @resp_info_field = self::class::ResponseInfoField
+        @auth_exception  = self::class::AuthException
+        @auth_scheme     = self::class::AuthScheme
+      end
+
+      ##
+      # Ensures +req+ has credentials that can be authenticated.
+
+      def check_scheme(req)
+        unless credentials = req[@request_field]
+          error("no credentials in the request.")
+          return nil
+        end
+        unless match = /^#{@auth_scheme}\s+/i.match(credentials)
+          error("invalid scheme in %s.", credentials)
+          info("%s: %s", @request_field, credentials) if $DEBUG
+          return nil
+        end
+        return match.post_match
+      end
+
+      def log(meth, fmt, *args)
+        msg = format("%s %s: ", @auth_scheme, @realm)
+        msg << fmt % args
+        @logger.send(meth, msg)
+      end
+
+      def error(fmt, *args)
+        if @logger.error?
+          log(:error, fmt, *args)
+        end
+      end
+
+      def info(fmt, *args)
+        if @logger.info?
+          log(:info, fmt, *args)
+        end
+      end
+    end
+
+    ##
+    # Module providing generic support for both Digest and Basic
+    # authentication schemes for proxies.
+
+    module ProxyAuthenticator
+      RequestField  = "Proxy-Authorization"
+      ResponseField = "Proxy-Authenticate"
+      InfoField     = "Proxy-Authentication-Info"
+      AuthException = HTTPStatus::ProxyAuthenticationRequired
+    end
+  end
+end