Your message dated Wed, 10 Apr 2013 11:31:25 +0200
with message-id <[email protected]>
and subject line Re: Bug#633842: ruby1.9: Bug with xmlrpc::client, basic auth
and long authentication strings
has caused the Debian Bug report #633842,
regarding ruby1.9: Bug with xmlrpc::client, basic auth and long authentication
strings
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
633842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633842
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ruby1.9
Version: 1.9.0.2-9lenny1
Severity: normal
Tags: patch
XMLRPC::Client has support for basic auth. This tries to encode the
combination of the username and password with the base64 algorithm using
Array.pack. If however your username and password exceed a certain
length the truncate algorithm of Array.pack kicks in and adds a newline
character in the result, which creates HTTP headers that are invalid.
If I understand the documentation of Array.pack correctly, this can be
suppressed by using the pack template 'm0' instead of 'm', but this does
not yield to any change in the output. Maybe I've misunderstood the
documentation at this point, but this might be another bug.
I've added an ugly workaround by using the double of the length. Since
base64 adds about 30% in length this should be enough for everybody
(famous last words)
-- System Information:
Debian Release: 5.0.8
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-bpo.4-486
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages ruby1.9 depends on:
ii libc6 2.7-18lenny7 GNU C Library: Shared libraries
ii libruby1.9 1.9.0.2-9lenny1 Libraries necessary to run
Ruby 1.
ruby1.9 recommends no packages.
Versions of packages ruby1.9 suggests:
ii rdoc1.9 1.9.0.2-9lenny1 Generate documentation from
Ruby s
pn ri1.9 <none> (no description available)
pn ruby1.9-examples <none> (no description available)
ii rubygems1.9 1.2.0-3 package management
framework for R
-- no debconf information
--- client.rb.orig 2011-07-14 10:53:14.000000000 +0200
+++ client.rb 2011-07-14 10:53:39.000000000 +0200
@@ -493,7 +493,7 @@
else
a = "#@user"
a << ":#@password" if @password != nil
- @auth = ("Basic " + [a].pack("m")).chomp
+ @auth = ("Basic " + [a].pack("m#{a.length*2}")).chomp
end
end
--- End Message ---
--- Begin Message ---
Control: fixed -1 ruby1.9.1/1.9.3.0-1
(According to the upstream bugtracker, this bug was fixed in 1.9.3, so
I'm setting the fixed thing to the first 1.9.3 upload.)
Herwin Weststrate <[email protected]> writes:
> The bug has actually been fixed in the Ruby 1.9 packages of Debian
> Wheezy, so I guess this bug report can be closed.
Lets do that then!
--
|8]
--- End Message ---
