Permalink
Browse files

The client nonce count is now incremented in a syncronized method for…

… thread safety. Issue #2
  • Loading branch information...
1 parent ca0b75e commit d5fcf49e11a52a988ecb30ccc87dfbe06b8099bb @drbrain committed Nov 23, 2011
Showing with 26 additions and 5 deletions.
  1. +5 −0 History.txt
  2. +15 −5 lib/net/http/digest_auth.rb
  3. +6 −0 test/test_net_http_digest_auth.rb
View
@@ -1,3 +1,8 @@
+=== 1.2 / 2011-11-22
+
+* Minor enhancement
+ * Now thread safe. Issue #2 by chrisochs.
+
=== 1.1.1 / 2011-04-03
* Bug fix
@@ -1,6 +1,7 @@
-require 'net/http'
-require 'digest'
require 'cgi'
+require 'digest'
+require 'net/http'
+require 'monitor'
##
# An implementation of RFC 2617 Digest Access Authentication.
@@ -33,6 +34,8 @@
class Net::HTTP::DigestAuth
+ include MonitorMixin
+
##
# DigestAuth error class
@@ -41,7 +44,7 @@ class Error < RuntimeError; end
##
# Version of Net::HTTP::DigestAuth you are using
- VERSION = '1.1.1'
+ VERSION = '1.2'
##
# Creates a new DigestAuth header creator.
@@ -50,6 +53,7 @@ class Error < RuntimeError; end
# secret value.
def initialize cnonce = make_cnonce
+ mon_initialize
@nonce_count = -1
@cnonce = cnonce
end
@@ -69,7 +73,7 @@ def initialize cnonce = make_cnonce
# differently so you may need to set +iis+ to true for such servers.
def auth_header uri, www_authenticate, method, iis = false
- @nonce_count += 1
+ nonce_count = next_nonce
user = CGI.unescape uri.user
password = CGI.unescape uri.password
@@ -111,7 +115,7 @@ def auth_header uri, www_authenticate, method, iis = false
ha2 = algorithm.hexdigest "#{method}:#{uri.request_uri}"
request_digest = [ha1, params['nonce']]
- request_digest.push(('%08x' % @nonce_count), @cnonce, qop) if qop
+ request_digest.push(('%08x' % nonce_count), @cnonce, qop) if qop
request_digest << ha2
request_digest = request_digest.join ':'
@@ -145,5 +149,11 @@ def make_cnonce
Digest::MD5.hexdigest "%x" % (Time.now.to_i + rand(65535))
end
+ def next_nonce
+ synchronize do
+ @nonce_count += 1
+ end
+ end
+
end
@@ -101,5 +101,11 @@ def test_make_cnonce
assert_match %r%\A[a-f\d]{32}\z%, @da.make_cnonce
end
+ def test_next_nonce
+ first = @da.next_nonce
+
+ assert_equal first + 1, @da.next_nonce
+ end
+
end

0 comments on commit d5fcf49

Please sign in to comment.