webrick 1.8.2 → 1.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 963bdfcf1a0e919027a92007be283a146cd054be3a60e539e9f3cbce5c0a908f
-  data.tar.gz: 2ed0bd918c3c5dbb908a59350c9e3691afe88c63a4a5c0a2b5085de7c30aeab5
+  metadata.gz: 706b97607998e5b9d2a966fd09af6f7fa6a5b40f2df22977b111e5afa2bbc0f6
+  data.tar.gz: e4376566540a86f896f31b61ed924d69f0fb415fe491273b0365169c16663ef7
 SHA512:
-  metadata.gz: 2433fb9da7e7e7f10495059ac90de49238758fc0581fb8d0dfed28f08d47c9b21329fc4a03a7ade064cea71097f86e29a74003ca6369d3d9e58c401979871a0e
-  data.tar.gz: b0bd6929f6d49967215825cce3c7ad5c7e6b1b45fcda8fd97c898f377df2453934d62ff0cc0a941b2d4a374487b901a207674f76229d45a899938d40516c9271
+  metadata.gz: d4321cb073b84fc0e32211b4fa1510520ec396a62b3165761638e84471a1e56915f751d46aceae6ac8d13aafd09b9066a05928a5b76abf3c82bc8501e74a9029
+  data.tar.gz: 9f66a53d89839da69abb3afd75a48f746e4023f888db3afd404a903bebde1f878318f08dff470e3006e1fa0637185f9f5bdc9e59c627f162e3664a482b149d06

data/Gemfile

@@ -5,3 +5,6 @@ gemspec
 gem "rake"
 gem "test-unit"
 gem "test-unit-ruby-core"
+
+# rbs requires ruby 3.0+
+gem "rbs", require: false if !RUBY_VERSION.start_with?('2.')

data/README.md

@@ -10,6 +10,8 @@ A WEBrick server can be composed of multiple WEBrick servers or servlets to prov
 
 WEBrick also includes tools for daemonizing a process and starting a process at a higher privilege level and dropping permissions.
 
+WEBrick is suitable for use in testing and for development.  However, while the developers of WEBrick will attempt to fix security issues, they do not encourage the use of WEBrick to serve production web applications that may be subject to hostile input.
+
 ## Installation
 
 Add this line to your application's Gemfile:

data/lib/webrick/version.rb

@@ -14,5 +14,5 @@ module WEBrick
   ##
   # The WEBrick version
 
-  VERSION      = "1.8.2"
+  VERSION      = "1.9.0"
 end

data/sig/accesslog.rbs

@@ -0,0 +1,24 @@
+module WEBrick
+  module AccessLog
+    class AccessLogError < StandardError
+    end
+
+    CLF_TIME_FORMAT: String
+
+    COMMON_LOG_FORMAT: String
+
+    CLF: String
+
+    REFERER_LOG_FORMAT: String
+
+    AGENT_LOG_FORMAT: String
+
+    COMBINED_LOG_FORMAT: String
+
+    def self?.setup_params: (Hash[Symbol, untyped] config, HTTPRequest req, HTTPResponse res) -> Hash[String, untyped]
+
+    def self?.format: (String format_string, Hash[String, untyped] params) -> String
+
+    def self?.escape: (String data) -> String
+  end
+end

data/sig/cgi.rbs

@@ -0,0 +1,92 @@
+module WEBrick
+  class CGI
+    @options: Array[untyped]
+
+    class CGIError < StandardError
+    end
+
+    attr_reader config: Hash[Symbol, untyped]
+
+    attr_reader logger: BasicLog
+
+    def initialize: (*untyped args) -> void
+
+    def []: (Symbol key) -> untyped
+
+    interface _Env
+      def []: (String) -> String?
+    end
+
+    def start: (?_Env env, ?IO stdin, ?IO stdout) -> void
+
+    def self.setup_header: () -> untyped
+
+    def self.status_line: () -> ""
+
+    def service: (HTTPRequest req, HTTPResponse res) -> void
+
+    class Socket
+      @config: Hash[Symbol, untyped]
+
+      @env: _Env
+
+      @header_part: StringIO
+
+      @body_part: IO
+
+      @out_port: IO
+
+      @server_addr: String
+
+      @server_name: String?
+
+      @server_port: String?
+
+      @remote_addr: String?
+
+      @remote_host: String?
+
+      @remote_port: (String | 0)
+
+      include Enumerable[String]
+
+      private
+
+      def initialize: (Hash[Symbol, untyped] config, _Env env, IO stdin, IO stdout) -> void
+
+      def request_line: () -> String
+
+      def setup_header: () -> void
+
+      def add_header: (String hdrname, String value) -> void
+
+      def input: () -> (IO | StringIO)
+
+      public
+
+      def peeraddr: () -> [nil, (String | 0), String?, String?]
+
+      def addr: () -> [nil, String?, String?, String]
+
+      def gets: (?String eol, ?Integer? size) -> String?
+
+      def read: (?Integer? size) -> String?
+
+      def each: () { (String) -> void } -> void
+
+      def eof?: () -> bool
+
+      def <<: (_ToS data) -> IO
+
+      def write: (_ToS data) -> Integer
+
+      def cert: () -> OpenSSL::X509::Certificate?
+
+      def peer_cert: () -> OpenSSL::X509::Certificate?
+
+      def peer_cert_chain: () -> Array[OpenSSL::X509::Certificate]?
+
+      def cipher: () -> [String?, String?, String?, String?]?
+    end
+  end
+end

data/sig/compat.rbs

@@ -0,0 +1,18 @@
+#
+# System call error module used by webrick for cross platform compatibility.
+#
+# EPROTO:: protocol error
+# ECONNRESET:: remote host reset the connection request
+# ECONNABORTED:: Client sent TCP reset (RST) before server has accepted the
+#                connection requested by client.
+#
+module Errno
+  class EPROTO < SystemCallError
+  end
+
+  class ECONNRESET < SystemCallError
+  end
+
+  class ECONNABORTED < SystemCallError
+  end
+end

data/sig/config.rbs

@@ -0,0 +1,17 @@
+module WEBrick
+  module Config
+    LIBDIR: String
+
+    # for GenericServer
+    General: Hash[Symbol, untyped]
+
+    # for HTTPServer, HTTPRequest, HTTPResponse ...
+    HTTP: Hash[Symbol, untyped]
+
+    FileHandler: Hash[Symbol, untyped]
+
+    BasicAuth: Hash[Symbol, untyped]
+
+    DigestAuth: Hash[Symbol, untyped]
+  end
+end

data/sig/cookie.rbs

@@ -0,0 +1,37 @@
+module WEBrick
+  class Cookie
+    @expires: String?
+
+    attr_reader name: String?
+
+    attr_accessor value: String?
+
+    attr_accessor version: Integer
+
+    #
+    # The cookie domain
+    attr_accessor domain: String?
+
+    attr_accessor path: String?
+
+    attr_accessor secure: true?
+
+    attr_accessor comment: String?
+
+    attr_accessor max_age: Integer?
+
+    def initialize: (untyped name, untyped value) -> void
+
+    def expires=: ((Time | _ToS)? t) -> untyped
+
+    def expires: () -> Time?
+
+    def to_s: () -> String
+
+    def self.parse: (String? str) -> Array[instance]?
+
+    def self.parse_set_cookie: (String str) -> instance
+
+    def self.parse_set_cookies: (String str) -> Array[instance]
+  end
+end

data/sig/htmlutils.rbs

@@ -0,0 +1,5 @@
+module WEBrick
+  module HTMLUtils
+    def self?.escape: (String? string) -> String
+  end
+end

data/sig/httpauth/authenticator.rbs

@@ -0,0 +1,55 @@
+module WEBrick
+  module HTTPAuth
+    module Authenticator
+      @reload_db: bool?
+
+      @request_field: String
+
+      @response_field: String
+
+      @resp_info_field: String
+
+      @auth_exception: singleton(HTTPStatus::ClientError)
+
+      @auth_scheme: String
+
+      RequestField: String
+
+      ResponseField: String
+
+      ResponseInfoField: String
+
+      AuthException: singleton(HTTPStatus::ClientError)
+
+      AuthScheme: String?
+
+      attr_reader realm: String?
+
+      attr_reader userdb: UserDB
+
+      attr_reader logger: Log
+
+      private
+
+      def check_init: (Hash[Symbol, untyped] config) -> void
+
+      def check_scheme: (HTTPRequest req) -> String?
+
+      def log: (interned meth, String fmt, *untyped args) -> void
+
+      def error: (String fmt, *untyped args) -> void
+
+      def info: (String fmt, *untyped args) -> void
+    end
+
+    module ProxyAuthenticator
+      RequestField: String
+
+      ResponseField: String
+
+      InfoField: String
+
+      AuthException: singleton(HTTPStatus::ClientError)
+    end
+  end
+end

data/sig/httpauth/basicauth.rbs

@@ -0,0 +1,29 @@
+module WEBrick
+  module HTTPAuth
+    class BasicAuth
+      @config: Hash[Symbol, untyped]
+
+      include Authenticator
+
+      AuthScheme: String
+
+      def self.make_passwd: (String? realm, String? user, String? pass) -> String
+
+      attr_reader realm: String?
+
+      attr_reader userdb: UserDB
+
+      attr_reader logger: Log
+
+      def initialize: (Hash[Symbol, untyped] config, ?Hash[Symbol, untyped] default) -> void
+
+      def authenticate: (HTTPRequest req, HTTPResponse res) -> void
+
+      def challenge: (HTTPRequest req, HTTPResponse res) -> bot
+    end
+
+    class ProxyBasicAuth < BasicAuth
+      include ProxyAuthenticator
+    end
+  end
+end

data/sig/httpauth/digestauth.rbs

@@ -0,0 +1,85 @@
+module WEBrick
+  module HTTPAuth
+    class DigestAuth
+      @config: Hash[Symbol, untyped]
+
+      @domain: Array[String]?
+
+      @use_opaque: bool
+
+      @use_next_nonce: bool
+
+      @check_nc: bool
+
+      @use_auth_info_header: bool
+
+      @nonce_expire_period: Integer
+
+      @nonce_expire_delta: Integer
+
+      @internet_explorer_hack: bool
+
+      @h: singleton(Digest::Base)
+
+      @instance_key: String
+
+      @opaques: Hash[String, OpaqueInfo]
+
+      @last_nonce_expire: Time
+
+      @mutex: Thread::Mutex
+
+      include Authenticator
+
+      AuthScheme: String
+
+      class OpaqueInfo < Struct[untyped]
+        attr_accessor time(): Time
+        attr_accessor nonce(): String?
+        attr_accessor nc(): String
+      end
+
+      attr_reader algorithm: String?
+
+      attr_reader qop: Array[String]
+
+      def self.make_passwd: (String realm, String user, String pass) -> untyped
+
+      def initialize: (Hash[Symbol, untyped] config, ?Hash[Symbol, untyped] default) -> void
+
+      def authenticate: (HTTPRequest req, HTTPResponse res) -> void
+
+      def challenge: (HTTPRequest req, HTTPResponse res, ?bool stale) -> bot
+
+      private
+
+      MustParams: Array[String]
+
+      MustParamsAuth: Array[String]
+
+      def _authenticate: (HTTPRequest req, HTTPResponse res) -> (:nonce_is_stale | bool)
+
+      def split_param_value: (String string) -> Hash[String, String]
+
+      def generate_next_nonce: (HTTPRequest req) -> String
+
+      def check_nonce: (HTTPRequest req, Hash[String, String] auth_req) -> bool
+
+      def generate_opaque: (HTTPRequest req) -> String
+
+      def check_opaque: (OpaqueInfo opaque_struct, untyped req, Hash[String, String] auth_req) -> bool
+
+      def check_uri: (HTTPRequest req, Hash[String, String] auth_req) -> bool
+
+      def hexdigest: (*_ToS? args) -> String
+    end
+
+    class ProxyDigestAuth < DigestAuth
+      include ProxyAuthenticator
+
+      private
+
+      def check_uri: (HTTPRequest req, Hash[String, String] auth_req) -> true
+    end
+  end
+end

data/sig/httpauth/htdigest.rbs

@@ -0,0 +1,31 @@
+module WEBrick
+  module HTTPAuth
+    class Htdigest
+      @path: String
+
+      @mtime: Time
+
+      @digest: Hash[String, Hash[String, String]]
+
+      @mutex: Thread::Mutex
+
+      @auth_type: String
+
+      include UserDB
+
+      def initialize: (String path) -> void
+
+      def reload: () -> void
+
+      def flush: (?String? output) -> void
+
+      def get_passwd: (String realm, String user, bool reload_db) -> String?
+
+      def set_passwd: (String realm, String user, String pass) -> String
+
+      def delete_passwd: (String realm, String user) -> String?
+
+      def each: () { (String user, String realm, String password_hash) -> void } -> void
+    end
+  end
+end

data/sig/httpauth/htgroup.rbs

@@ -0,0 +1,21 @@
+module WEBrick
+  module HTTPAuth
+    class Htgroup
+      @path: String
+
+      @mtime: Time
+
+      @group: Hash[String, Array[String]]
+
+      def initialize: (String path) -> void
+
+      def reload: () -> void
+
+      def flush: (?String? output) -> void
+
+      def members: (String group) -> Array[String]
+
+      def add: (String group, Array[String] members) -> void
+    end
+  end
+end

data/sig/httpauth/htpasswd.rbs

@@ -0,0 +1,31 @@
+module WEBrick
+  module HTTPAuth
+    class Htpasswd
+      @path: String
+
+      @mtime: Time
+
+      @passwd: Hash[String, String]
+
+      @auth_type: String
+
+      @password_hash: (:crypt | :bcrypt)
+
+      include UserDB
+
+      def initialize: (String path, ?password_hash: (:crypt | :bcrypt)?) -> void
+
+      def reload: () -> void
+
+      def flush: (?String? output) -> void
+
+      def get_passwd: (String realm, String user, bool reload_db) -> String?
+
+      def set_passwd: (String realm, String user, String pass) -> void
+
+      def delete_passwd: (String realm, String user) -> String
+
+      def each: () { ([String, String]) -> void } -> void
+    end
+  end
+end

data/sig/httpauth/userdb.rbs

@@ -0,0 +1,13 @@
+module WEBrick
+  module HTTPAuth
+    module UserDB
+      attr_accessor auth_type: String
+
+      def make_passwd: (String realm, String user, String pass) -> String
+
+      def set_passwd: (String realm, String user, String pass) -> void
+
+      def get_passwd: (String realm, String user, ?bool reload_db) -> String
+    end
+  end
+end

data/sig/httpauth.rbs

@@ -0,0 +1,13 @@
+module WEBrick
+  module HTTPAuth
+    interface _Callable
+      def call: (String user, String pass) -> bool
+    end
+
+    def self?._basic_auth: (HTTPRequest req, HTTPResponse res, String realm, String req_field, String res_field, HTTPStatus::Error err_type, _Callable block) -> void
+
+    def self?.basic_auth: (HTTPRequest req, HTTPResponse res, String realm) { (String user, String pass) -> bool } -> void
+
+    def self?.proxy_basic_auth: (HTTPRequest req, HTTPResponse res, String realm) { (String user, String pass) -> bool } -> void
+  end
+end

data/sig/httpproxy.rbs

@@ -0,0 +1,61 @@
+module WEBrick
+  NullReader: untyped
+
+  def self.read: (*untyped args) -> nil
+
+  alias self.gets self.read
+
+  FakeProxyURI: untyped
+
+  def self.method_missing: (untyped meth, *untyped args) -> (nil | untyped)
+
+  class HTTPProxyServer < HTTPServer
+    @via: untyped
+
+    def initialize: (?::Hash[untyped, untyped] config, ?untyped default) -> void
+
+    # :stopdoc:
+    def service: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def proxy_auth: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def proxy_uri: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def proxy_service: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def do_CONNECT: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def do_GET: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def do_HEAD: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def do_POST: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def do_OPTIONS: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    private
+
+    # Some header fields should not be transferred.
+    HopByHop: ::Array["connection" | "keep-alive" | "proxy-authenticate" | "upgrade" | "proxy-authorization" | "te" | "trailers" | "transfer-encoding"]
+
+    ShouldNotTransfer: ::Array["set-cookie" | "proxy-connection"]
+
+    def split_field: (untyped f) -> (untyped | ::Array[untyped])
+
+    def choose_header: (untyped src, untyped dst) -> untyped
+
+    # Net::HTTP is stupid about the multiple header fields.
+    # Here is workaround:
+    def set_cookie: (untyped src, untyped dst) -> (untyped | nil)
+
+    def set_via: (untyped h) -> (untyped | nil)
+
+    def setup_proxy_header: (HTTPRequest req, HTTPResponse res) -> untyped
+
+    def setup_upstream_proxy_authentication: (HTTPRequest req, HTTPResponse res, untyped header) -> untyped
+
+    def create_net_http: (untyped uri, untyped upstream) -> untyped
+
+    def perform_proxy_request: (HTTPRequest req, HTTPResponse res, untyped req_class, ?untyped? body_stream) -> untyped
+  end
+end