activesupport 5.0.7.2 → 5.1.0.beta1

data/lib/active_support/key_generator.rb

@@ -1,5 +1,5 @@
-require 'concurrent/map'
-require 'openssl'
+require "concurrent/map"
+require "openssl"
 
 module ActiveSupport
   # KeyGenerator is a simple wrapper around OpenSSL's implementation of PBKDF2.
@@ -17,7 +17,7 @@ module ActiveSupport
     # Returns a derived key suitable for use.  The default key_size is chosen
     # to be compatible with the default settings of ActiveSupport::MessageVerifier.
     # i.e. OpenSSL::Digest::SHA1#block_length
-    def generate_key(salt, key_size=64)
+    def generate_key(salt, key_size = 64)
       OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size)
     end
   end
@@ -51,21 +51,21 @@ module ActiveSupport
 
     private
 
-    # To prevent users from using something insecure like "Password" we make sure that the
-    # secret they've provided is at least 30 characters in length.
-    def ensure_secret_secure(secret)
-      if secret.blank?
-        raise ArgumentError, "A secret is required to generate an integrity hash " \
-          "for cookie session data. Set a secret_key_base of at least " \
-          "#{SECRET_MIN_LENGTH} characters in config/secrets.yml."
-      end
+      # To prevent users from using something insecure like "Password" we make sure that the
+      # secret they've provided is at least 30 characters in length.
+      def ensure_secret_secure(secret)
+        if secret.blank?
+          raise ArgumentError, "A secret is required to generate an integrity hash " \
+            "for cookie session data. Set a secret_key_base of at least " \
+            "#{SECRET_MIN_LENGTH} characters in config/secrets.yml."
+        end
 
-      if secret.length < SECRET_MIN_LENGTH
-        raise ArgumentError, "Secret should be something secure, " \
-          "like \"#{SecureRandom.hex(16)}\". The value you " \
-          "provided, \"#{secret}\", is shorter than the minimum length " \
-          "of #{SECRET_MIN_LENGTH} characters."
+        if secret.length < SECRET_MIN_LENGTH
+          raise ArgumentError, "Secret should be something secure, " \
+            "like \"#{SecureRandom.hex(16)}\". The value you " \
+            "provided, \"#{secret}\", is shorter than the minimum length " \
+            "of #{SECRET_MIN_LENGTH} characters."
+        end
       end
-    end
   end
 end

data/lib/active_support/lazy_load_hooks.rb

@@ -15,9 +15,9 @@ module ActiveSupport
   #     end
   #   end
   #
-  # When the entirety of +activerecord/lib/active_record/base.rb+ has been
+  # When the entirety of +ActiveRecord::Base+ has been
   # evaluated then +run_load_hooks+ is invoked. The very last line of
-  # +activerecord/lib/active_record/base.rb+ is:
+  # +ActiveRecord::Base+ is:
   #
   #   ActiveSupport.run_load_hooks(:active_record, ActiveRecord::Base)
   module LazyLoadHooks
@@ -25,51 +25,33 @@ module ActiveSupport
       base.class_eval do
         @load_hooks = Hash.new { |h, k| h[k] = [] }
         @loaded     = Hash.new { |h, k| h[k] = [] }
-        @run_once   = Hash.new { |h, k| h[k] = [] }
       end
     end
 
     # Declares a block that will be executed when a Rails component is fully
     # loaded.
-    #
-    # Options:
-    #
-    # * <tt>:yield</tt> - Yields the object that run_load_hooks to +block+.
-    # * <tt>:run_once</tt> - Given +block+ will run only once.
     def on_load(name, options = {}, &block)
       @loaded[name].each do |base|
-        execute_hook(name, base, options, block)
+        execute_hook(base, options, block)
       end
 
       @load_hooks[name] << [block, options]
     end
 
+    def execute_hook(base, options, block)
+      if options[:yield]
+        block.call(base)
+      else
+        base.instance_eval(&block)
+      end
+    end
+
     def run_load_hooks(name, base = Object)
       @loaded[name] << base
       @load_hooks[name].each do |hook, options|
-        execute_hook(name, base, options, hook)
+        execute_hook(base, options, hook)
       end
     end
-
-    private
-
-      def with_execution_control(name, block, once)
-        unless @run_once[name].include?(block)
-          @run_once[name] << block if once
-
-          yield
-        end
-      end
-
-      def execute_hook(name, base, options, block)
-        with_execution_control(name, block, options[:run_once]) do
-          if options[:yield]
-            block.call(base)
-          else
-            base.instance_eval(&block)
-          end
-        end
-      end
   end
 
   extend LazyLoadHooks

data/lib/active_support/log_subscriber.rb

@@ -1,6 +1,6 @@
-require 'active_support/core_ext/module/attribute_accessors'
-require 'active_support/core_ext/class/attribute'
-require 'active_support/subscriber'
+require "active_support/core_ext/module/attribute_accessors"
+require "active_support/core_ext/class/attribute"
+require "active_support/subscriber"
 
 module ActiveSupport
   # ActiveSupport::LogSubscriber is an object set to consume
@@ -85,7 +85,7 @@ module ActiveSupport
       logger.error "Could not log #{name.inspect} event. #{e.class}: #{e.message} #{e.backtrace}"
     end
 
-  protected
+  private
 
     %w(info debug warn error fatal unknown).each do |level|
       class_eval <<-METHOD, __FILE__, __LINE__ + 1
@@ -99,7 +99,7 @@ module ActiveSupport
     # option is set to +true+, it also adds bold to the string. This is based
     # on the Highline implementation and will automatically append CLEAR to the
     # end of the returned String.
-    def color(text, color, bold=false)
+    def color(text, color, bold = false) # :doc:
       return text unless colorize_logging
       color = self.class.const_get(color.upcase) if color.is_a?(Symbol)
       bold  = bold ? BOLD : ""

data/lib/active_support/log_subscriber/test_helper.rb

@@ -1,6 +1,6 @@
-require 'active_support/log_subscriber'
-require 'active_support/logger'
-require 'active_support/notifications'
+require "active_support/log_subscriber"
+require "active_support/logger"
+require "active_support/notifications"
 
 module ActiveSupport
   class LogSubscriber
@@ -58,15 +58,15 @@ module ActiveSupport
         def initialize(level = DEBUG)
           @flush_count = 0
           @level = level
-          @logged = Hash.new { |h,k| h[k] = [] }
+          @logged = Hash.new { |h, k| h[k] = [] }
         end
 
         def method_missing(level, message = nil)
-           if block_given?
-             @logged[level] << yield
-           else
-             @logged[level] << message
-           end
+          if block_given?
+            @logged[level] << yield
+          else
+            @logged[level] << message
+          end
         end
 
         def logged(level)

data/lib/active_support/logger.rb

@@ -1,6 +1,6 @@
-require 'active_support/logger_silence'
-require 'active_support/logger_thread_safe_level'
-require 'logger'
+require "active_support/logger_silence"
+require "active_support/logger_thread_safe_level"
+require "logger"
 
 module ActiveSupport
   class Logger < ::Logger

data/lib/active_support/logger_silence.rb

@@ -1,6 +1,6 @@
-require 'active_support/concern'
-require 'active_support/core_ext/module/attribute_accessors'
-require 'concurrent'
+require "active_support/concern"
+require "active_support/core_ext/module/attribute_accessors"
+require "concurrent"
 
 module LoggerSilence
   extend ActiveSupport::Concern

data/lib/active_support/logger_thread_safe_level.rb

@@ -1,4 +1,4 @@
-require 'active_support/concern'
+require "active_support/concern"
 
 module ActiveSupport
   module LoggerThreadSafeLevel # :nodoc:

data/lib/active_support/message_encryptor.rb

@@ -1,6 +1,7 @@
-require 'openssl'
-require 'base64'
-require 'active_support/core_ext/array/extract_options'
+require "openssl"
+require "base64"
+require "active_support/core_ext/array/extract_options"
+require "active_support/message_verifier"
 
 module ActiveSupport
   # MessageEncryptor is a simple way to encrypt values which get stored
@@ -30,6 +31,16 @@ module ActiveSupport
       end
     end
 
+    module NullVerifier #:nodoc:
+      def self.verify(value)
+        value
+      end
+
+      def self.generate(value)
+        value
+      end
+    end
+
     class InvalidMessage < StandardError; end
     OpenSSLCipherError = OpenSSL::Cipher::CipherError
 
@@ -42,15 +53,17 @@ module ActiveSupport
     # Options:
     # * <tt>:cipher</tt>     - Cipher to use. Can be any cipher returned by
     #   <tt>OpenSSL::Cipher.ciphers</tt>. Default is 'aes-256-cbc'.
-    # * <tt>:digest</tt> - String of digest to use for signing. Default is +SHA1+.
+    # * <tt>:digest</tt> - String of digest to use for signing. Default is
+    #   +SHA1+. Ignored when using an AEAD cipher like 'aes-256-gcm'.
     # * <tt>:serializer</tt> - Object serializer to use. Default is +Marshal+.
     def initialize(secret, *signature_key_or_options)
       options = signature_key_or_options.extract_options!
       sign_secret = signature_key_or_options.first
       @secret = secret
       @sign_secret = sign_secret
-      @cipher = options[:cipher] || 'aes-256-cbc'
-      @verifier = MessageVerifier.new(@sign_secret || @secret, digest: options[:digest] || 'SHA1', serializer: NullSerializer)
+      @cipher = options[:cipher] || "aes-256-cbc"
+      @digest = options[:digest] || "SHA1" unless aead_mode?
+      @verifier = resolve_verifier
       @serializer = options[:serializer] || Marshal
     end
 
@@ -73,42 +86,66 @@ module ActiveSupport
 
     private
 
-    def _encrypt(value)
-      cipher = new_cipher
-      cipher.encrypt
-      cipher.key = @secret
+      def _encrypt(value)
+        cipher = new_cipher
+        cipher.encrypt
+        cipher.key = @secret
 
-      # Rely on OpenSSL for the initialization vector
-      iv = cipher.random_iv
+        # Rely on OpenSSL for the initialization vector
+        iv = cipher.random_iv
+        cipher.auth_data = "" if aead_mode?
 
-      encrypted_data = cipher.update(@serializer.dump(value))
-      encrypted_data << cipher.final
-
-      "#{::Base64.strict_encode64 encrypted_data}--#{::Base64.strict_encode64 iv}"
-    end
+        encrypted_data = cipher.update(@serializer.dump(value))
+        encrypted_data << cipher.final
 
-    def _decrypt(encrypted_message)
-      cipher = new_cipher
-      encrypted_data, iv = encrypted_message.split("--".freeze).map {|v| ::Base64.strict_decode64(v)}
+        blob = "#{::Base64.strict_encode64 encrypted_data}--#{::Base64.strict_encode64 iv}"
+        blob << "--#{::Base64.strict_encode64 cipher.auth_tag}" if aead_mode?
+        blob
+      end
 
-      cipher.decrypt
-      cipher.key = @secret
-      cipher.iv  = iv
+      def _decrypt(encrypted_message)
+        cipher = new_cipher
+        encrypted_data, iv, auth_tag = encrypted_message.split("--".freeze).map { |v| ::Base64.strict_decode64(v) }
+
+        # Currently the OpenSSL bindings do not raise an error if auth_tag is
+        # truncated, which would allow an attacker to easily forge it. See
+        # https://github.com/ruby/openssl/issues/63
+        raise InvalidMessage if aead_mode? && auth_tag.bytes.length != 16
+
+        cipher.decrypt
+        cipher.key = @secret
+        cipher.iv  = iv
+        if aead_mode?
+          cipher.auth_tag = auth_tag
+          cipher.auth_data = ""
+        end
+
+        decrypted_data = cipher.update(encrypted_data)
+        decrypted_data << cipher.final
+
+        @serializer.load(decrypted_data)
+      rescue OpenSSLCipherError, TypeError, ArgumentError
+        raise InvalidMessage
+      end
 
-      decrypted_data = cipher.update(encrypted_data)
-      decrypted_data << cipher.final
+      def new_cipher
+        OpenSSL::Cipher.new(@cipher)
+      end
 
-      @serializer.load(decrypted_data)
-    rescue OpenSSLCipherError, TypeError, ArgumentError
-      raise InvalidMessage
-    end
+      def verifier
+        @verifier
+      end
 
-    def new_cipher
-      OpenSSL::Cipher.new(@cipher)
-    end
+      def aead_mode?
+        @aead_mode ||= new_cipher.authenticated?
+      end
 
-    def verifier
-      @verifier
-    end
+      def resolve_verifier
+        if aead_mode?
+          NullVerifier
+        else
+          MessageVerifier.new(@sign_secret || @secret, digest: @digest, serializer: NullSerializer)
+        end
+      end
   end
 end

data/lib/active_support/message_verifier.rb

@@ -1,6 +1,6 @@
-require 'base64'
-require 'active_support/core_ext/object/blank'
-require 'active_support/security_utils'
+require "base64"
+require "active_support/core_ext/object/blank"
+require "active_support/security_utils"
 
 module ActiveSupport
   # +MessageVerifier+ makes it easy to generate and verify messages which are
@@ -34,9 +34,9 @@ module ActiveSupport
     class InvalidSignature < StandardError; end
 
     def initialize(secret, options = {})
-      raise ArgumentError, 'Secret should not be nil.' unless secret
+      raise ArgumentError, "Secret should not be nil." unless secret
       @secret = secret
-      @digest = options[:digest] || 'SHA1'
+      @digest = options[:digest] || "SHA1"
       @serializer = options[:serializer] || Marshal
     end
 
@@ -83,7 +83,7 @@ module ActiveSupport
           data = signed_message.split("--".freeze)[0]
           @serializer.load(decode(data))
         rescue ArgumentError => argument_error
-          return if argument_error.message =~ %r{invalid base64}
+          return if argument_error.message.include?("invalid base64")
           raise
         end
       end
@@ -127,7 +127,7 @@ module ActiveSupport
       end
 
       def generate_digest(data)
-        require 'openssl' unless defined?(OpenSSL)
+        require "openssl" unless defined?(OpenSSL)
         OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
       end
   end

data/lib/active_support/multibyte.rb

@@ -1,7 +1,7 @@
 module ActiveSupport #:nodoc:
   module Multibyte
-    autoload :Chars, 'active_support/multibyte/chars'
-    autoload :Unicode, 'active_support/multibyte/unicode'
+    autoload :Chars, "active_support/multibyte/chars"
+    autoload :Unicode, "active_support/multibyte/unicode"
 
     # The proxy class returned when calling mb_chars. You can use this accessor
     # to configure your own proxy class so you can support other encodings. See

data/lib/active_support/multibyte/chars.rb

@@ -1,7 +1,8 @@
-require 'active_support/json'
-require 'active_support/core_ext/string/access'
-require 'active_support/core_ext/string/behavior'
-require 'active_support/core_ext/module/delegation'
+require "active_support/json"
+require "active_support/core_ext/string/access"
+require "active_support/core_ext/string/behavior"
+require "active_support/core_ext/module/delegation"
+require "active_support/core_ext/regexp"
 
 module ActiveSupport #:nodoc:
   module Multibyte #:nodoc:
@@ -15,7 +16,8 @@ module ActiveSupport #:nodoc:
     # through the +mb_chars+ method. Methods which would normally return a
     # String object now return a Chars object so methods can be chained.
     #
-    #   'The Perfect String  '.mb_chars.downcase.strip.normalize # => "the perfect string"
+    #   'The Perfect String  '.mb_chars.downcase.strip.normalize
+    #   # => #<ActiveSupport::Multibyte::Chars:0x007fdc434ccc10 @wrapped_string="the perfect string">
     #
     # Chars objects are perfectly interchangeable with String objects as long as
     # no explicit class checks are made. If certain methods do explicitly check
@@ -45,7 +47,7 @@ module ActiveSupport #:nodoc:
       alias to_s wrapped_string
       alias to_str wrapped_string
 
-      delegate :<=>, :=~, :acts_like_string?, :to => :wrapped_string
+      delegate :<=>, :=~, :acts_like_string?, to: :wrapped_string
 
       # Creates a new Chars instance by wrapping _string_.
       def initialize(string)
@@ -56,7 +58,7 @@ module ActiveSupport #:nodoc:
       # Forward all undefined methods to the wrapped string.
       def method_missing(method, *args, &block)
         result = @wrapped_string.__send__(method, *args, &block)
-        if method.to_s =~ /!$/
+        if /!$/.match?(method)
           self if result
         else
           result.kind_of?(String) ? chars(result) : result
@@ -86,7 +88,7 @@ module ActiveSupport #:nodoc:
       end
 
       # Works like <tt>String#slice!</tt>, but returns an instance of
-      # Chars, or nil if the string was not modified. The string will not be
+      # Chars, or +nil+ if the string was not modified. The string will not be
       # modified if the range given is out of bounds
       #
       #   string = 'Welcome'
@@ -105,7 +107,7 @@ module ActiveSupport #:nodoc:
       #
       #   'Café'.mb_chars.reverse.to_s # => 'éfaC'
       def reverse
-        chars(Unicode.unpack_graphemes(@wrapped_string).reverse.flatten.pack('U*'))
+        chars(Unicode.unpack_graphemes(@wrapped_string).reverse.flatten.pack("U*"))
       end
 
       # Limits the byte size of the string to a number of bytes without breaking
@@ -133,7 +135,7 @@ module ActiveSupport #:nodoc:
 
       # Converts characters in the string to the opposite case.
       #
-      #    'El Cañón".mb_chars.swapcase.to_s # => "eL cAÑÓN"
+      #    'El Cañón'.mb_chars.swapcase.to_s # => "eL cAÑÓN"
       def swapcase
         chars Unicode.swapcase(@wrapped_string)
       end
@@ -142,15 +144,15 @@ module ActiveSupport #:nodoc:
       #
       #  'über'.mb_chars.capitalize.to_s # => "Über"
       def capitalize
-        (slice(0) || chars('')).upcase + (slice(1..-1) || chars('')).downcase
+        (slice(0) || chars("")).upcase + (slice(1..-1) || chars("")).downcase
       end
 
       # Capitalizes the first letter of every word, when possible.
       #
-      #   "ÉL QUE SE ENTERÓ".mb_chars.titleize    # => "Él Que Se Enteró"
-      #   "日本語".mb_chars.titleize                 # => "日本語"
+      #   "ÉL QUE SE ENTERÓ".mb_chars.titleize.to_s    # => "Él Que Se Enteró"
+      #   "日本語".mb_chars.titleize.to_s               # => "日本語"
       def titleize
-        chars(downcase.to_s.gsub(/\b('?\S)/u) { Unicode.upcase($1)})
+        chars(downcase.to_s.gsub(/\b('?\S)/u) { Unicode.upcase($1) })
       end
       alias_method :titlecase, :titleize
 
@@ -170,7 +172,7 @@ module ActiveSupport #:nodoc:
       #   'é'.length                         # => 2
       #   'é'.mb_chars.decompose.to_s.length # => 3
       def decompose
-        chars(Unicode.decompose(:canonical, @wrapped_string.codepoints.to_a).pack('U*'))
+        chars(Unicode.decompose(:canonical, @wrapped_string.codepoints.to_a).pack("U*"))
       end
 
       # Performs composition on all the characters.
@@ -178,7 +180,7 @@ module ActiveSupport #:nodoc:
       #   'é'.length                       # => 3
       #   'é'.mb_chars.compose.to_s.length # => 2
       def compose
-        chars(Unicode.compose(@wrapped_string.codepoints.to_a).pack('U*'))
+        chars(Unicode.compose(@wrapped_string.codepoints.to_a).pack("U*"))
       end
 
       # Returns the number of grapheme clusters in the string.
@@ -209,21 +211,21 @@ module ActiveSupport #:nodoc:
         end
       end
 
-      protected
+      private
 
-        def translate_offset(byte_offset) #:nodoc:
+        def translate_offset(byte_offset)
           return nil if byte_offset.nil?
-          return 0   if @wrapped_string == ''
+          return 0   if @wrapped_string == ""
 
           begin
-            @wrapped_string.byteslice(0...byte_offset).unpack('U*').length
+            @wrapped_string.byteslice(0...byte_offset).unpack("U*").length
           rescue ArgumentError
             byte_offset -= 1
             retry
           end
         end
 
-        def chars(string) #:nodoc:
+        def chars(string)
           self.class.new(string)
         end
     end