[perl-HTTP-Tiny/f20] Unescape any basic authentication stanza
Petr Pisar
ppisar at fedoraproject.org
Tue Nov 19 15:12:05 UTC 2013
commit 054f1f2f51d5d19cfd4c7b17beed1559d7bd379e
Author: Petr Písař <ppisar at redhat.com>
Date: Tue Nov 19 15:58:39 2013 +0100
Unescape any basic authentication stanza
...-unescape-any-basic-authentication-stanza.patch | 82 ++++++++++++++++++++
perl-HTTP-Tiny.spec | 8 ++-
2 files changed, 89 insertions(+), 1 deletions(-)
---
diff --git a/HTTP-Tiny-0.034-unescape-any-basic-authentication-stanza.patch b/HTTP-Tiny-0.034-unescape-any-basic-authentication-stanza.patch
new file mode 100644
index 0000000..bec33f5
--- /dev/null
+++ b/HTTP-Tiny-0.034-unescape-any-basic-authentication-stanza.patch
@@ -0,0 +1,82 @@
+From 00821c1f1a9635ff38c43fff9728e0e650c398a7 Mon Sep 17 00:00:00 2001
+From: David Golden <dagolden at cpan.org>
+Date: Mon, 28 Oct 2013 13:23:35 -0400
+Subject: [PATCH] unescape any basic authentication stanza
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Petr Pisar: Ported to 0.034.
+
+Signed-off-by: Petr Písař <ppisar at redhat.com>
+---
+ MANIFEST | 1 +
+ lib/HTTP/Tiny.pm | 7 +++++++
+ t/cases/auth-04.txt | 18 ++++++++++++++++++
+ 3 files changed, 26 insertions(+)
+ create mode 100644 t/cases/auth-04.txt
+
+diff --git a/MANIFEST b/MANIFEST
+index a3b599d..5b046cc 100644
+--- a/MANIFEST
++++ b/MANIFEST
+@@ -46,6 +46,7 @@ t/Util.pm
+ t/cases/auth-01.txt
+ t/cases/auth-02.txt
+ t/cases/auth-03.txt
++t/cases/auth-04.txt
+ t/cases/cookies-01.txt
+ t/cases/cookies-02.txt
+ t/cases/cookies-03.txt
+diff --git a/lib/HTTP/Tiny.pm b/lib/HTTP/Tiny.pm
+index 30ef26c..6a045f6 100644
+--- a/lib/HTTP/Tiny.pm
++++ b/lib/HTTP/Tiny.pm
+@@ -393,6 +393,8 @@ sub _split_url {
+ $authority = (length($authority)) ? $authority : 'localhost';
+ if ( $authority =~ /@/ ) {
+ ($auth,$host) = $authority =~ m/\A([^@]*)@(.*)\z/; # user:pass at host
++ # userinfo might be percent escaped, so recover real auth info
++ $auth =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg;
+ }
+ else {
+ $host = $authority;
+@@ -1187,6 +1189,11 @@ redirected request.) For example:
+
+ $http->request('GET', 'http://Aladdin:open sesame at example.com/');
+
++If the "user:password" stanza contains reserved characters, they must
++be percent-escaped:
++
++ $http->request('GET', 'http://john%40example.com:password@example.com/');
++
+ A hashref of options may be appended to modify the request.
+
+ Valid options are:
+diff --git a/t/cases/auth-04.txt b/t/cases/auth-04.txt
+new file mode 100644
+index 0000000..2c832a0
+--- /dev/null
++++ b/t/cases/auth-04.txt
+@@ -0,0 +1,18 @@
++url
++ http://rjbs%40cpan.org:password@example.com/index.html
++expected
++ abcdefghijklmnopqrstuvwxyz1234567890abcdef
++----------
++GET /index.html HTTP/1.1
++Host: example.com
++Connection: close
++User-Agent: HTTP-Tiny/VERSION
++Authorization: Basic cmpic0BjcGFuLm9yZzpwYXNzd29yZA==
++
++----------
++HTTP/1.1 200 OK
++Date: Thu, 03 Feb 1994 00:00:00 GMT
++Content-Type: text/plain
++Content-Length: 42
++
++abcdefghijklmnopqrstuvwxyz1234567890abcdef
+--
+1.8.3.1
+
diff --git a/perl-HTTP-Tiny.spec b/perl-HTTP-Tiny.spec
index eb66166..4c8f8ea 100644
--- a/perl-HTTP-Tiny.spec
+++ b/perl-HTTP-Tiny.spec
@@ -1,11 +1,13 @@
Name: perl-HTTP-Tiny
Version: 0.034
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: Small, simple, correct HTTP/1.1 client
License: GPL+ or Artistic
Group: Development/Libraries
URL: http://search.cpan.org/dist/HTTP-Tiny/
Source0: http://www.cpan.org/authors/id/D/DA/DAGOLDEN/HTTP-Tiny-%{version}.tar.gz
+# Bug #1032089, in upstream 0.037
+Patch0: HTTP-Tiny-0.034-unescape-any-basic-authentication-stanza.patch
BuildArch: noarch
BuildRequires: perl
BuildRequires: perl(ExtUtils::MakeMaker) >= 6.30
@@ -52,6 +54,7 @@ resumes after EINTR.
%prep
%setup -q -n HTTP-Tiny-%{version}
+%patch0 -p1
%build
perl Makefile.PL INSTALLDIRS=vendor
@@ -71,6 +74,9 @@ make test
%{_mandir}/man3/*
%changelog
+* Tue Nov 19 2013 Petr Pisar <ppisar at redhat.com> - 0.034-4
+- Unescape any basic authentication stanza (bug #1032089)
+
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.034-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
More information about the scm-commits
mailing list