webrick 1.4.1 → 1.6.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +3 -0
- data/LICENSE.txt +22 -0
- data/README.md +63 -0
- data/Rakefile +10 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/webrick.rb +1 -1
- data/lib/webrick/accesslog.rb +3 -5
- data/lib/webrick/cgi.rb +7 -3
- data/lib/webrick/config.rb +5 -5
- data/lib/webrick/cookie.rb +1 -1
- data/lib/webrick/httpauth.rb +5 -5
- data/lib/webrick/httpauth/basicauth.rb +13 -5
- data/lib/webrick/httpauth/digestauth.rb +10 -23
- data/lib/webrick/httpauth/htdigest.rb +4 -4
- data/lib/webrick/httpauth/htgroup.rb +9 -6
- data/lib/webrick/httpauth/htpasswd.rb +39 -6
- data/lib/webrick/httpproxy.rb +44 -32
- data/lib/webrick/httprequest.rb +59 -15
- data/lib/webrick/httpresponse.rb +111 -52
- data/lib/webrick/https.rb +2 -2
- data/lib/webrick/httpserver.rb +23 -9
- data/lib/webrick/httpservlet.rb +5 -5
- data/lib/webrick/httpservlet/abstract.rb +3 -3
- data/lib/webrick/httpservlet/cgi_runner.rb +2 -2
- data/lib/webrick/httpservlet/cgihandler.rb +10 -6
- data/lib/webrick/httpservlet/erbhandler.rb +2 -2
- data/lib/webrick/httpservlet/filehandler.rb +49 -30
- data/lib/webrick/httpservlet/prochandler.rb +1 -1
- data/lib/webrick/httpstatus.rb +1 -1
- data/lib/webrick/httputils.rb +4 -4
- data/lib/webrick/log.rb +1 -1
- data/lib/webrick/server.rb +2 -2
- data/lib/webrick/ssl.rb +2 -2
- data/lib/webrick/version.rb +1 -1
- data/webrick.gemspec +76 -0
- metadata +16 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3fb619ce6c4c78dad51be27360158b7e70c92ebdaa17c7b67b238c43ede73637
|
4
|
+
data.tar.gz: a9a2262fe7d36731d0d251c800a59d9f266a49811da67d8fb8240339cc1fe884
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 051dbf7d8f19f366b7713835c2cc37c9f8c53c58c0a4d68fc8256d277c2379bc90099437a48fb876e8d3b6c414c417f5d8b9cf092f372a9dd715a7771c6764fb
|
7
|
+
data.tar.gz: 7541dc4794d62c5c6363ccc7da3742e9d61216e5f9a4a3d94418dc3239830320b416eeb464940ad75074802f673055141b7c4937983ede6d1092a888fc6f5df0
|
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (C) 1993-2013 Yukihiro Matsumoto. All rights reserved.
|
2
|
+
|
3
|
+
Redistribution and use in source and binary forms, with or without
|
4
|
+
modification, are permitted provided that the following conditions
|
5
|
+
are met:
|
6
|
+
1. Redistributions of source code must retain the above copyright
|
7
|
+
notice, this list of conditions and the following disclaimer.
|
8
|
+
2. Redistributions in binary form must reproduce the above copyright
|
9
|
+
notice, this list of conditions and the following disclaimer in the
|
10
|
+
documentation and/or other materials provided with the distribution.
|
11
|
+
|
12
|
+
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
13
|
+
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
14
|
+
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
15
|
+
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
16
|
+
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
17
|
+
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
18
|
+
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
19
|
+
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
20
|
+
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
21
|
+
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
22
|
+
SUCH DAMAGE.
|
data/README.md
ADDED
@@ -0,0 +1,63 @@
|
|
1
|
+
# Webrick
|
2
|
+
|
3
|
+
[![Build Status](https://travis-ci.org/ruby/webrick.svg?branch=master)](https://travis-ci.org/ruby/webrick)
|
4
|
+
|
5
|
+
WEBrick is an HTTP server toolkit that can be configured as an HTTPS server, a proxy server, and a virtual-host server.
|
6
|
+
|
7
|
+
WEBrick features complete logging of both server operations and HTTP access.
|
8
|
+
|
9
|
+
WEBrick supports both basic and digest authentication in addition to algorithms not in RFC 2617.
|
10
|
+
|
11
|
+
A WEBrick server can be composed of multiple WEBrick servers or servlets to provide differing behavior on a per-host or per-path basis. WEBrick includes servlets for handling CGI scripts, ERB pages, Ruby blocks and directory listings.
|
12
|
+
|
13
|
+
WEBrick also includes tools for daemonizing a process and starting a process at a higher privilege level and dropping permissions.
|
14
|
+
|
15
|
+
## Installation
|
16
|
+
|
17
|
+
Add this line to your application's Gemfile:
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
gem 'webrick'
|
21
|
+
```
|
22
|
+
|
23
|
+
And then execute:
|
24
|
+
|
25
|
+
$ bundle
|
26
|
+
|
27
|
+
Or install it yourself as:
|
28
|
+
|
29
|
+
$ gem install webrick
|
30
|
+
|
31
|
+
## Usage
|
32
|
+
|
33
|
+
To create a new WEBrick::HTTPServer that will listen to connections on port 8000 and serve documents from the current user's public_html folder:
|
34
|
+
|
35
|
+
```ruby
|
36
|
+
require 'webrick'
|
37
|
+
|
38
|
+
root = File.expand_path '~/public_html'
|
39
|
+
server = WEBrick::HTTPServer.new :Port => 8000, :DocumentRoot => root
|
40
|
+
```
|
41
|
+
|
42
|
+
To run the server you will need to provide a suitable shutdown hook as
|
43
|
+
starting the server blocks the current thread:
|
44
|
+
|
45
|
+
```ruby
|
46
|
+
trap 'INT' do server.shutdown end
|
47
|
+
|
48
|
+
server.start
|
49
|
+
```
|
50
|
+
|
51
|
+
## Development
|
52
|
+
|
53
|
+
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
54
|
+
|
55
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
56
|
+
|
57
|
+
## Contributing
|
58
|
+
|
59
|
+
Bug reports and Patch are welcome on https://bugs.ruby-lang.org/.
|
60
|
+
|
61
|
+
## License
|
62
|
+
|
63
|
+
The gem is available as open source under the terms of the [2-Clause BSD License](https://opensource.org/licenses/BSD-2-Clause).
|
data/Rakefile
ADDED
data/bin/console
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require "bundler/setup"
|
4
|
+
require "webrick"
|
5
|
+
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
8
|
+
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
10
|
+
# require "pry"
|
11
|
+
# Pry.start
|
12
|
+
|
13
|
+
require "irb"
|
14
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
data/lib/webrick.rb
CHANGED
@@ -212,7 +212,7 @@ require 'webrick/version.rb'
|
|
212
212
|
require 'webrick/config.rb'
|
213
213
|
require 'webrick/log.rb'
|
214
214
|
require 'webrick/server.rb'
|
215
|
-
|
215
|
+
require_relative 'webrick/utils.rb'
|
216
216
|
require 'webrick/accesslog'
|
217
217
|
|
218
218
|
require 'webrick/htmlutils.rb'
|
data/lib/webrick/accesslog.rb
CHANGED
@@ -149,11 +149,9 @@ module WEBrick
|
|
149
149
|
# Escapes control characters in +data+
|
150
150
|
|
151
151
|
def escape(data)
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
data
|
156
|
-
end
|
152
|
+
data = data.gsub(/[[:cntrl:]\\]+/) {$&.dump[1...-1]}
|
153
|
+
data.untaint if RUBY_VERSION < '2.7'
|
154
|
+
data
|
157
155
|
end
|
158
156
|
end
|
159
157
|
end
|
data/lib/webrick/cgi.rb
CHANGED
@@ -8,9 +8,9 @@
|
|
8
8
|
#
|
9
9
|
# $Id$
|
10
10
|
|
11
|
-
|
12
|
-
|
13
|
-
|
11
|
+
require_relative "httprequest"
|
12
|
+
require_relative "httpresponse"
|
13
|
+
require_relative "config"
|
14
14
|
require "stringio"
|
15
15
|
|
16
16
|
module WEBrick
|
@@ -265,6 +265,10 @@ module WEBrick
|
|
265
265
|
@out_port << data
|
266
266
|
end
|
267
267
|
|
268
|
+
def write(data)
|
269
|
+
@out_port.write(data)
|
270
|
+
end
|
271
|
+
|
268
272
|
def cert
|
269
273
|
return nil unless defined?(OpenSSL)
|
270
274
|
if pem = @env["SSL_SERVER_CERT"]
|
data/lib/webrick/config.rb
CHANGED
@@ -9,11 +9,11 @@
|
|
9
9
|
#
|
10
10
|
# $IPR: config.rb,v 1.52 2003/07/22 19:20:42 gotoyuzo Exp $
|
11
11
|
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
12
|
+
require_relative 'version'
|
13
|
+
require_relative 'httpversion'
|
14
|
+
require_relative 'httputils'
|
15
|
+
require_relative 'utils'
|
16
|
+
require_relative 'log'
|
17
17
|
|
18
18
|
module WEBrick
|
19
19
|
module Config
|
data/lib/webrick/cookie.rb
CHANGED
data/lib/webrick/httpauth.rb
CHANGED
@@ -9,11 +9,11 @@
|
|
9
9
|
#
|
10
10
|
# $IPR: httpauth.rb,v 1.14 2003/07/22 19:20:42 gotoyuzo Exp $
|
11
11
|
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
12
|
+
require_relative 'httpauth/basicauth'
|
13
|
+
require_relative 'httpauth/digestauth'
|
14
|
+
require_relative 'httpauth/htpasswd'
|
15
|
+
require_relative 'httpauth/htdigest'
|
16
|
+
require_relative 'httpauth/htgroup'
|
17
17
|
|
18
18
|
module WEBrick
|
19
19
|
|
@@ -8,9 +8,9 @@
|
|
8
8
|
#
|
9
9
|
# $IPR: basicauth.rb,v 1.5 2003/02/20 07:15:47 gotoyuzo Exp $
|
10
10
|
|
11
|
-
|
12
|
-
|
13
|
-
|
11
|
+
require_relative '../config'
|
12
|
+
require_relative '../httpstatus'
|
13
|
+
require_relative 'authenticator'
|
14
14
|
|
15
15
|
module WEBrick
|
16
16
|
module HTTPAuth
|
@@ -24,7 +24,7 @@ module WEBrick
|
|
24
24
|
#
|
25
25
|
# config = { :Realm => 'BasicAuth example realm' }
|
26
26
|
#
|
27
|
-
# htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
|
27
|
+
# htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file', password_hash: :bcrypt
|
28
28
|
# htpasswd.set_passwd config[:Realm], 'username', 'password'
|
29
29
|
# htpasswd.flush
|
30
30
|
#
|
@@ -81,7 +81,15 @@ module WEBrick
|
|
81
81
|
error("%s: the user is not allowed.", userid)
|
82
82
|
challenge(req, res)
|
83
83
|
end
|
84
|
-
|
84
|
+
|
85
|
+
case encpass
|
86
|
+
when /\A\$2[aby]\$/
|
87
|
+
password_matches = BCrypt::Password.new(encpass.sub(/\A\$2[aby]\$/, '$2a$')) == password
|
88
|
+
else
|
89
|
+
password_matches = password.crypt(encpass) == encpass
|
90
|
+
end
|
91
|
+
|
92
|
+
unless password_matches
|
85
93
|
error("%s: password unmatch.", userid)
|
86
94
|
challenge(req, res)
|
87
95
|
end
|
@@ -12,9 +12,9 @@
|
|
12
12
|
#
|
13
13
|
# $IPR: digestauth.rb,v 1.5 2003/02/20 07:15:47 gotoyuzo Exp $
|
14
14
|
|
15
|
-
|
16
|
-
|
17
|
-
|
15
|
+
require_relative '../config'
|
16
|
+
require_relative '../httpstatus'
|
17
|
+
require_relative 'authenticator'
|
18
18
|
require 'digest/md5'
|
19
19
|
require 'digest/sha1'
|
20
20
|
|
@@ -235,9 +235,11 @@ module WEBrick
|
|
235
235
|
ha2 = hexdigest(req.request_method, auth_req['uri'])
|
236
236
|
ha2_res = hexdigest("", auth_req['uri'])
|
237
237
|
elsif auth_req['qop'] == "auth-int"
|
238
|
-
|
239
|
-
|
240
|
-
|
238
|
+
body_digest = @h.new
|
239
|
+
req.body { |chunk| body_digest.update(chunk) }
|
240
|
+
body_digest = body_digest.hexdigest
|
241
|
+
ha2 = hexdigest(req.request_method, auth_req['uri'], body_digest)
|
242
|
+
ha2_res = hexdigest("", auth_req['uri'], body_digest)
|
241
243
|
end
|
242
244
|
|
243
245
|
if auth_req['qop'] == "auth" || auth_req['qop'] == "auth-int"
|
@@ -288,23 +290,8 @@ module WEBrick
|
|
288
290
|
|
289
291
|
def split_param_value(string)
|
290
292
|
ret = {}
|
291
|
-
|
292
|
-
|
293
|
-
when /^\s*([\w\-\.\*\%\!]+)=\s*\"((\\.|[^\"])*)\"\s*,?/
|
294
|
-
key = $1
|
295
|
-
matched = $2
|
296
|
-
string = $'
|
297
|
-
ret[key] = matched.gsub(/\\(.)/, "\\1")
|
298
|
-
when /^\s*([\w\-\.\*\%\!]+)=\s*([^,\"]*),?/
|
299
|
-
key = $1
|
300
|
-
matched = $2
|
301
|
-
string = $'
|
302
|
-
ret[key] = matched.clone
|
303
|
-
when /^s*^,/
|
304
|
-
string = $'
|
305
|
-
else
|
306
|
-
break
|
307
|
-
end
|
293
|
+
string.scan(/\G\s*([\w\-.*%!]+)=\s*(?:\"((?>\\.|[^\"])*)\"|([^,\"]*))\s*,?/) do
|
294
|
+
ret[$1] = $3 || $2.gsub(/\\(.)/, "\\1")
|
308
295
|
end
|
309
296
|
ret
|
310
297
|
end
|
@@ -8,8 +8,8 @@
|
|
8
8
|
#
|
9
9
|
# $IPR: htdigest.rb,v 1.4 2003/07/22 19:20:45 gotoyuzo Exp $
|
10
10
|
|
11
|
-
|
12
|
-
|
11
|
+
require_relative 'userdb'
|
12
|
+
require_relative 'digestauth'
|
13
13
|
require 'tempfile'
|
14
14
|
|
15
15
|
module WEBrick
|
@@ -40,7 +40,7 @@ module WEBrick
|
|
40
40
|
@digest = Hash.new
|
41
41
|
@mutex = Thread::Mutex::new
|
42
42
|
@auth_type = DigestAuth
|
43
|
-
open(@path,"a").close unless File
|
43
|
+
File.open(@path,"a").close unless File.exist?(@path)
|
44
44
|
reload
|
45
45
|
end
|
46
46
|
|
@@ -51,7 +51,7 @@ module WEBrick
|
|
51
51
|
mtime = File::mtime(@path)
|
52
52
|
if mtime > @mtime
|
53
53
|
@digest.clear
|
54
|
-
open(@path){|io|
|
54
|
+
File.open(@path){|io|
|
55
55
|
while line = io.gets
|
56
56
|
line.chomp!
|
57
57
|
user, realm, pass = line.split(/:/, 3)
|
@@ -36,7 +36,7 @@ module WEBrick
|
|
36
36
|
@path = path
|
37
37
|
@mtime = Time.at(0)
|
38
38
|
@group = Hash.new
|
39
|
-
open(@path,"a").close unless File
|
39
|
+
File.open(@path,"a").close unless File.exist?(@path)
|
40
40
|
reload
|
41
41
|
end
|
42
42
|
|
@@ -46,7 +46,7 @@ module WEBrick
|
|
46
46
|
def reload
|
47
47
|
if (mtime = File::mtime(@path)) > @mtime
|
48
48
|
@group.clear
|
49
|
-
open(@path){|io|
|
49
|
+
File.open(@path){|io|
|
50
50
|
while line = io.gets
|
51
51
|
line.chomp!
|
52
52
|
group, members = line.split(/:\s*/)
|
@@ -63,15 +63,18 @@ module WEBrick
|
|
63
63
|
|
64
64
|
def flush(output=nil)
|
65
65
|
output ||= @path
|
66
|
-
tmp = Tempfile.
|
66
|
+
tmp = Tempfile.create("htgroup", File::dirname(output))
|
67
67
|
begin
|
68
68
|
@group.keys.sort.each{|group|
|
69
69
|
tmp.puts(format("%s: %s", group, self.members(group).join(" ")))
|
70
70
|
}
|
71
|
+
ensure
|
71
72
|
tmp.close
|
72
|
-
|
73
|
-
|
74
|
-
|
73
|
+
if $!
|
74
|
+
File.unlink(tmp.path)
|
75
|
+
else
|
76
|
+
return File.rename(tmp.path, output)
|
77
|
+
end
|
75
78
|
end
|
76
79
|
end
|
77
80
|
|
@@ -8,8 +8,8 @@
|
|
8
8
|
#
|
9
9
|
# $IPR: htpasswd.rb,v 1.4 2003/07/22 19:20:45 gotoyuzo Exp $
|
10
10
|
|
11
|
-
|
12
|
-
|
11
|
+
require_relative 'userdb'
|
12
|
+
require_relative 'basicauth'
|
13
13
|
require 'tempfile'
|
14
14
|
|
15
15
|
module WEBrick
|
@@ -35,12 +35,30 @@ module WEBrick
|
|
35
35
|
##
|
36
36
|
# Open a password database at +path+
|
37
37
|
|
38
|
-
def initialize(path)
|
38
|
+
def initialize(path, password_hash: nil)
|
39
39
|
@path = path
|
40
40
|
@mtime = Time.at(0)
|
41
41
|
@passwd = Hash.new
|
42
42
|
@auth_type = BasicAuth
|
43
|
-
|
43
|
+
@password_hash = password_hash
|
44
|
+
|
45
|
+
case @password_hash
|
46
|
+
when nil
|
47
|
+
# begin
|
48
|
+
# require "string/crypt"
|
49
|
+
# rescue LoadError
|
50
|
+
# warn("Unable to load string/crypt, proceeding with deprecated use of String#crypt, consider using password_hash: :bcrypt")
|
51
|
+
# end
|
52
|
+
@password_hash = :crypt
|
53
|
+
when :crypt
|
54
|
+
# require "string/crypt"
|
55
|
+
when :bcrypt
|
56
|
+
require "bcrypt"
|
57
|
+
else
|
58
|
+
raise ArgumentError, "only :crypt and :bcrypt are supported for password_hash keyword argument"
|
59
|
+
end
|
60
|
+
|
61
|
+
File.open(@path,"a").close unless File.exist?(@path)
|
44
62
|
reload
|
45
63
|
end
|
46
64
|
|
@@ -51,11 +69,19 @@ module WEBrick
|
|
51
69
|
mtime = File::mtime(@path)
|
52
70
|
if mtime > @mtime
|
53
71
|
@passwd.clear
|
54
|
-
open(@path){|io|
|
72
|
+
File.open(@path){|io|
|
55
73
|
while line = io.gets
|
56
74
|
line.chomp!
|
57
75
|
case line
|
58
76
|
when %r!\A[^:]+:[a-zA-Z0-9./]{13}\z!
|
77
|
+
if @password_hash == :bcrypt
|
78
|
+
raise StandardError, ".htpasswd file contains crypt password, only bcrypt passwords supported"
|
79
|
+
end
|
80
|
+
user, pass = line.split(":")
|
81
|
+
when %r!\A[^:]+:\$2[aby]\$\d{2}\$.{53}\z!
|
82
|
+
if @password_hash == :crypt
|
83
|
+
raise StandardError, ".htpasswd file contains bcrypt password, only crypt passwords supported"
|
84
|
+
end
|
59
85
|
user, pass = line.split(":")
|
60
86
|
when /:\$/, /:{SHA}/
|
61
87
|
raise NotImplementedError,
|
@@ -102,7 +128,14 @@ module WEBrick
|
|
102
128
|
# Sets a password in the database for +user+ in +realm+ to +pass+.
|
103
129
|
|
104
130
|
def set_passwd(realm, user, pass)
|
105
|
-
@
|
131
|
+
if @password_hash == :bcrypt
|
132
|
+
# Cost of 5 to match Apache default, and because the
|
133
|
+
# bcrypt default of 10 will introduce significant delays
|
134
|
+
# for every request.
|
135
|
+
@passwd[user] = BCrypt::Password.create(pass, :cost=>5)
|
136
|
+
else
|
137
|
+
@passwd[user] = make_passwd(realm, user, pass)
|
138
|
+
end
|
106
139
|
end
|
107
140
|
|
108
141
|
##
|