[CalendarServer-changes] [1592] CalendarServer/trunk/twistedcaldav/directory

source_changes at macosforge.org source_changes at macosforge.org
Wed Jun 6 15:17:51 PDT 2007 

Revision: 1592
          http://trac.macosforge.org/projects/calendarserver/changeset/1592
Author:   cdaboo at apple.com
Date:     2007-06-06 15:17:51 -0700 (Wed, 06 Jun 2007)

Log Message:
-----------
Handle digest response with a missing value without generating a 500 error.

Modified Paths:
--------------
    CalendarServer/trunk/twistedcaldav/directory/digest.py
    CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py

Modified: CalendarServer/trunk/twistedcaldav/directory/digest.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/digest.py	2007-06-06 21:38:12 UTC (rev 1591)
+++ CalendarServer/trunk/twistedcaldav/directory/digest.py	2007-06-06 22:17:51 UTC (rev 1592)
@@ -337,7 +337,7 @@
             username, a nonce, an opaque, or if the opaque is invalid.
         """
         def unq(s):
-            if s[0] == s[-1] == '"':
+            if len(s) != 0 and s[0] == s[-1] == '"':
                 return s[1:-1]
             return s
         response = ' '.join(response.splitlines())

Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py	2007-06-06 21:38:12 UTC (rev 1591)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py	2007-06-06 22:17:51 UTC (rev 1592)
@@ -60,7 +60,9 @@
 
 namelessAuthRequest = 'realm="test realm",nonce="doesn\'t matter"'
 
+emtpyAttributeAuthRequest = 'realm=,nonce="doesn\'t matter"'
 
+
 class DigestAuthTestCase(unittest.TestCase):
     """
     Test the behavior of DigestCredentialFactory
@@ -233,6 +235,20 @@
                                   _trivial_GET)
             self.assertEquals(str(e), "Invalid response, no nonce given.")
 
+    def test_emptyAttribute(self):
+        """
+        Test that login fails when our response contains an attribute
+        with no value,
+        """
+
+        # Check for no username
+        for factory in self.credentialFactories:
+            e = self.assertRaises(error.LoginFailed,
+                                  factory.decode,
+                                  emtpyAttributeAuthRequest,
+                                  _trivial_GET)
+            self.assertEquals(str(e), "Invalid response, no username given.")
+
     def test_checkHash(self):
         """
         Check that given a hash of the form 'username:realm:password'

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20070606/f81cc670/attachment.html

More information about the calendarserver-changes mailing list