bcrypt 3.1.11-java → 3.1.12-java

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: a1bd0f47d1a3a5073e23a4269baf9a294c972edc
+  data.tar.gz: b0cf8677f04f7830dd5c13bc75df6a3ea4a5d1b9
+SHA512:
+  metadata.gz: 16b13fc03a3b87cae40577513c633b35b0f9f2696783bb01273afc138ccb42caafe2380829886d58a7ae6c4f458ce3cdb35d2043d278f03a7ca1e91f454e57e2
+  data.tar.gz: 981d4ab9048ae1054d6ebb8f2ed4f4e54e6f66d7eee2e230bc13d085ec90ff368fbf8dfd51eaa7d2ab7aaf247674a0bca9a4e173e01eafc03ff31d8b870ec127

data/.travis.yml

@@ -1,16 +1,21 @@
 language: ruby
+before_install:
+  - gem update --system
+  - gem install bundler
 rvm:
-  - 1.8.7
-  - 1.9.2
-  - 1.9.3
-  - 2.0.0
-  - 2.1.0
-  - 2.2.0
-  - 2.3.0
+  - 1.8
+  - 1.9
+  - 2.0
+  - 2.1
+  - 2.2
+  - 2.3
+  - 2.4
+  - 2.5
+  - 2.6
   - ruby-head
   - jruby-18mode
   - jruby-19mode
   - jruby-head
-  - rbx-2
+  - rbx-3
   - ree
 script: bundle exec rake

data/CHANGELOG

@@ -82,3 +82,7 @@
 
 3.1.11 Mar 06 2016
   - Add support for Ruby 2.2 in compiled Windows binaries
+
+3.1.12 May 16 2018
+  - Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
+  - Fix compatibility with libxcrypt [GH #164 by @besser82]

data/Gemfile.lock

@@ -1,14 +1,14 @@
 PATH
   remote: .
   specs:
-    bcrypt (3.1.11)
+    bcrypt (3.1.12)
 
 GEM
   remote: https://rubygems.org/
   specs:
     diff-lcs (1.2.5)
-    json (1.8.3)
-    json (1.8.3-java)
+    json (1.8.6)
+    json (1.8.6-java)
     rake (10.4.2)
     rake-compiler (0.9.5)
       rake
@@ -41,4 +41,4 @@ DEPENDENCIES
   rspec (>= 3)
 
 BUNDLED WITH
-   1.11.2
+   1.16.1

data/README.md

@@ -30,8 +30,8 @@ re-hash those passwords. This vulnerability only affected the JRuby gem.
 The bcrypt gem is available on the following ruby platforms:
 
 * JRuby
-* RubyInstaller 1.8, 1.9, 2.0, 2.1, and 2.2 builds on win32
-* Any 1.8, 1.9, 2.0, 2.1, 2.2, or 2.3 Ruby on a BSD/OS X/Linux system with a compiler
+* RubyInstaller 1.8, 1.9, 2.0, 2.1, 2.2, 2.3, 2.4, and 2.5 builds on Windows
+* Any 1.8, 1.9, 2.0, 2.1, 2.2, 2.3, 2.4, or 2.5 Ruby on a BSD/OS X/Linux system with a compiler
 
 ## How to use `bcrypt()` in your Rails application
 
@@ -40,69 +40,58 @@ The bcrypt gem is available on the following ruby platforms:
 implements a similar authentication strategy to the code below.
 
 ### The _User_ model
-
-    require 'bcrypt'
-
-    class User < ActiveRecord::Base
-      # users.password_hash in the database is a :string
-      include BCrypt
-
-      def password
-        @password ||= Password.new(password_hash)
-      end
-
-      def password=(new_password)
-        @password = Password.create(new_password)
-        self.password_hash = @password
-      end
-    end
-
+```ruby
+require 'bcrypt'
+
+class User < ActiveRecord::Base
+  # users.password_hash in the database is a :string
+  include BCrypt
+
+  def password
+    @password ||= Password.new(password_hash)
+  end
+
+  def password=(new_password)
+    @password = Password.create(new_password)
+    self.password_hash = @password
+  end
+end
+```
 ### Creating an account
-
-    def create
-      @user = User.new(params[:user])
-      @user.password = params[:password]
-      @user.save!
-    end
-
+```ruby
+def create
+  @user = User.new(params[:user])
+  @user.password = params[:password]
+  @user.save!
+end
+```
 ### Authenticating a user
-
-    def login
-      @user = User.find_by_email(params[:email])
-      if @user.password == params[:password]
-        give_token
-      else
-        redirect_to home_url
-      end
-    end
-
-### If a user forgets their password?
-
-    # assign them a random one and mail it to them, asking them to change it
-    def forgot_password
-      @user = User.find_by_email(params[:email])
-      random_password = Array.new(10).map { (65 + rand(58)).chr }.join
-      @user.password = random_password
-      @user.save!
-      Mailer.create_and_deliver_password_change(@user, random_password)
-    end
-
+```ruby
+def login
+  @user = User.find_by_email(params[:email])
+  if @user.password == params[:password]
+    give_token
+  else
+    redirect_to home_url
+  end
+end
+```
 ## How to use bcrypt-ruby in general
+```ruby
+require 'bcrypt'
 
-    require 'bcrypt'
-
-    my_password = BCrypt::Password.create("my password")
-      #=> "$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa"
-
-    my_password.version              #=> "2a"
-    my_password.cost                 #=> 10
-    my_password == "my password"     #=> true
-    my_password == "not my password" #=> false
+my_password = BCrypt::Password.create("my password")
+#=> "$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa"
 
-    my_password = BCrypt::Password.new("$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa")
-    my_password == "my password"     #=> true
-    my_password == "not my password" #=> false
+my_password.version              #=> "2a"
+my_password.cost                 #=> 10
+my_password == "my password"     #=> true
+my_password == "not my password" #=> false
 
+my_password = BCrypt::Password.new("$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa")
+my_password == "my password"     #=> true
+my_password == "not my password" #=> false
+```
 Check the rdocs for more details -- BCrypt, BCrypt::Password.
 
 ## How `bcrypt()` works
@@ -171,15 +160,15 @@ stateless authentication architecture (e.g., HTTP Basic Auth), you will want to
 server load and keep your request times down. This will lower the security provided you, but there are few alternatives.
 
 To change the default cost factor used by bcrypt-ruby, use `BCrypt::Engine.cost = new_value`:
-
-    BCrypt::Password.create('secret').cost
-      #=> 10, the default provided by bcrypt-ruby
-
-    # set a new default cost
-    BCrypt::Engine.cost = 8
-    BCrypt::Password.create('secret').cost
-      #=> 8
-
+```ruby
+BCrypt::Password.create('secret').cost
+  #=> 10, the default provided by bcrypt-ruby
+
+# set a new default cost
+BCrypt::Engine.cost = 8
+BCrypt::Password.create('secret').cost
+  #=> 8
+```
 The default cost can be overridden as needed by passing an options hash with a different cost:
 
     BCrypt::Password.create('secret', :cost => 6).cost  #=> 6

data/Rakefile

@@ -12,6 +12,10 @@ CLEAN.include(
   "lib/1.9",
   "lib/2.0",
   "lib/2.1",
+  "lib/2.2",
+  "lib/2.3",
+  "lib/2.4",
+  "lib/2.5",
   "lib/bcrypt_ext.jar",
   "lib/bcrypt_ext.so"
 )

data/appveyor.yml

@@ -0,0 +1,50 @@
+###############################################################################
+#
+# This AppVeyor config is *NOT* for running the tests on Windows.
+#
+# This is to ensure that the latest version of the bcrypt gem can be installed
+# on Windows across all of the currently supported versions of Ruby.
+#
+###############################################################################
+
+version: "{branch}-{build}"
+build: off
+clone_depth: 1
+
+init:
+  # Install Ruby 1.8.7
+  - if %RUBY_VERSION%==187 (
+      appveyor DownloadFile https://dl.bintray.com/oneclick/rubyinstaller/rubyinstaller-1.8.7-p374.exe -FileName C:\ruby_187.exe &
+      C:\ruby_187.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
+    )
+
+environment:
+  matrix:
+    - RUBY_VERSION: "187"
+    - RUBY_VERSION: "193"
+    - RUBY_VERSION: "200"
+    - RUBY_VERSION: "200-x64"
+    - RUBY_VERSION: "21"
+    - RUBY_VERSION: "21-x64"
+    - RUBY_VERSION: "22"
+    - RUBY_VERSION: "22-x64"
+    - RUBY_VERSION: "23"
+    - RUBY_VERSION: "23-x64"
+    - RUBY_VERSION: "24"
+    - RUBY_VERSION: "24-x64"
+    - RUBY_VERSION: "25"
+    - RUBY_VERSION: "25-x64"
+
+install:
+  - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH%
+  - if %RUBY_VERSION%==187 (
+      gem update --system 2.0.17
+    )
+
+before_test:
+  - ruby -v
+  - gem -v
+
+test_script:
+  - gem install bcrypt --prerelease --no-ri --no-rdoc
+  - ruby -e "require 'rubygems'; require 'bcrypt'"

data/bcrypt.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'bcrypt'
-  s.version = '3.1.11'
+  s.version = '3.1.12'
 
   s.summary = "OpenBSD's bcrypt() password hashing algorithm."
   s.description = <<-EOF

data/ext/mri/bcrypt_ext.c

@@ -45,7 +45,7 @@ static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
 
     if(!value) return Qnil;
 
-    out = rb_str_new(data, size - 1);
+    out = rb_str_new2(value);
 
     xfree(data);
 

metadata

@@ -1,64 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: bcrypt
 version: !ruby/object:Gem::Version
-  prerelease:
-  version: 3.1.11
+  version: 3.1.12
 platform: java
 authors:
 - Coda Hale
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-03-06 00:00:00.000000000 Z
+date: 2018-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rake-compiler
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 0.9.2
-    none: false
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.2
-    none: false
+  name: rake-compiler
   prerelease: false
   type: :development
-- !ruby/object:Gem::Dependency
-  name: rspec
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
-    none: false
+        version: 0.9.2
+- !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '3'
-    none: false
+  name: rspec
   prerelease: false
   type: :development
-- !ruby/object:Gem::Dependency
-  name: rdoc
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.12'
-    none: false
+        version: '3'
+- !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3.12'
-    none: false
+  name: rdoc
   prerelease: false
   type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.12'
 description: |2
       bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD project
       for hashing passwords. The bcrypt Ruby gem provides a simple wrapper for safely handling
@@ -71,19 +64,20 @@ extra_rdoc_files:
 - COPYING
 - CHANGELOG
 - lib/bcrypt.rb
+- lib/bcrypt/password.rb
 - lib/bcrypt/engine.rb
 - lib/bcrypt/error.rb
-- lib/bcrypt/password.rb
 files:
-- .gitignore
-- .rspec
-- .travis.yml
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
 - CHANGELOG
 - COPYING
 - Gemfile
 - Gemfile.lock
 - README.md
 - Rakefile
+- appveyor.yml
 - bcrypt.gemspec
 - ext/jruby/bcrypt_jruby/BCrypt.java
 - ext/mri/bcrypt_ext.c
@@ -98,47 +92,40 @@ files:
 - lib/bcrypt/engine.rb
 - lib/bcrypt/error.rb
 - lib/bcrypt/password.rb
+- lib/bcrypt_ext.jar
 - spec/TestBCrypt.java
 - spec/bcrypt/engine_spec.rb
 - spec/bcrypt/error_spec.rb
 - spec/bcrypt/password_spec.rb
 - spec/spec_helper.rb
-- lib/bcrypt_ext.jar
 homepage: https://github.com/codahale/bcrypt-ruby
 licenses:
 - MIT
+metadata: {}
 post_install_message:
 rdoc_options:
-- --title
+- "--title"
 - bcrypt-ruby
-- --line-numbers
-- --inline-source
-- --main
+- "--line-numbers"
+- "--inline-source"
+- "--main"
 - README.md
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      segments:
-      - 0
-      hash: 2
       version: '0'
-  none: false
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      segments:
-      - 0
-      hash: 2
       version: '0'
-  none: false
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.25
+rubygems_version: 2.6.14.1
 signing_key:
-specification_version: 3
+specification_version: 4
 summary: OpenBSD's bcrypt() password hashing algorithm.
 test_files: []