bcrypt 3.1.17-java → 3.1.18-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 982723920ec5f97cff8b34987babf6a5f1ee632e8f942e40cf28246940e067d6
-  data.tar.gz: ab2bb1ace746eb5efa5b2ce1d9b1bcc9fe5445899ae3c78510198a6df19152d0
+  metadata.gz: f35948f2d6985ec5e338d0dd89e2481e0c2e91df63a9623b02bad157c1da0967
+  data.tar.gz: c9cdd80dbf146b2497091bc2e09b613fea5784eacf7e570bcebb7e4a0c3b175c
 SHA512:
-  metadata.gz: 79951a4c7612737f25550f701d387d7c7325798eae87d898cccefd83762cf713d9817a19ca29d95b950ed85b32915efbdf7dd93e146a08230135309876a26a27
-  data.tar.gz: d3618098d76210298bb5e05b39f75469cc4f64dfea5e55cc5cebf0372eb8a529b076d771f184e311c564a6d08932b7160fb46355e09188592f7de1608dd65d83
+  metadata.gz: 3c5d43f9ff8813d14f866a5a87354b0f3152dff9c2b75ab08a7b70e0e84e8f71d2582b36cbdb71b3d45f68fa1a3cd38f30de75db812c5bc23ff613918070a09a
+  data.tar.gz: 8ec660bd584fc110d347dbd5a4d1d0c1cf75e36e7ac9f455a7ed86c100c8111c3f62ef3b4ae5aa15275d30d034d1289756eb1104ed55ad4ff8656c21836cdab6

data/.github/workflows/ruby.yml

@@ -30,8 +30,6 @@ jobs:
           - truffleruby-head
           - mingw
         exclude:
-          - { os: ubuntu,  ruby: jruby }
-          - { os: ubuntu,  ruby: jruby-head }
           - { os: ubuntu,  ruby: mingw }
           - { os: macos,   ruby: mingw }
           - { os: windows, ruby: truffleruby }
@@ -46,8 +44,12 @@ jobs:
         with:
           ruby-version: ${{ matrix.ruby }}
           bundler-cache: true
+        env:
+          JAVA_OPTS: -Djdk.io.File.enableADS=true
       - name: Run tests
         run: bundle exec rake default
+        env:
+          JAVA_OPTS: -Djdk.io.File.enableADS=true
 
   finish:
     runs-on: ubuntu-latest

data/CHANGELOG

@@ -1,3 +1,7 @@
+3.1.18 May 16 2022
+  - Unlock GVL when calculating hashes and salts [GH #260]
+  - Fix compilation warnings in `ext/mri/bcrypt_ext.c` [GH #261]
+
 3.1.17 Mar 14 2022
 - Fix regex in validators to use \A and \z instead of ^ and $ [GH #121]
 - Truncate secrets greater than 72 bytes in hash_secret [GH #255]

data/README.md

@@ -5,7 +5,6 @@ An easy way to keep your users' passwords secure.
 * https://github.com/bcrypt-ruby/bcrypt-ruby/tree/master
 
 [![Github Actions Build Status](https://github.com/bcrypt-ruby/bcrypt-ruby/actions/workflows/ruby.yml/badge.svg?branch=master)](https://github.com/bcrypt-ruby/bcrypt-ruby/actions/workflows/ruby.yml)
-[![AppVeyor Build Status](https://ci.appveyor.com/api/projects/status/6fplerx9lnaf0hyo?svg=true)](https://ci.appveyor.com/project/TJSchuck35975/bcrypt-ruby)
 
 ## Why you should use `bcrypt()`
 

data/bcrypt.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'bcrypt'
-  s.version = '3.1.17'
+  s.version = '3.1.18'
 
   s.summary = "OpenBSD's bcrypt() password hashing algorithm."
   s.description = <<-EOF
@@ -12,7 +12,7 @@ Gem::Specification.new do |s|
   s.files = `git ls-files`.split("\n")
   s.require_path = 'lib'
 
-  s.add_development_dependency 'rake-compiler', '~> 0.9.2'
+  s.add_development_dependency 'rake-compiler', '~> 1.2.0'
   s.add_development_dependency 'rspec', '>= 3'
 
   s.rdoc_options += ['--title', 'bcrypt-ruby', '--line-numbers', '--inline-source', '--main', 'README.md']

data/ext/mri/bcrypt_ext.c

@@ -1,20 +1,50 @@
 #include <ruby.h>
 #include <ow-crypt.h>
 
+#ifdef HAVE_RUBY_THREAD_H
+#include <ruby/thread.h>
+#endif
+
 static VALUE mBCrypt;
 static VALUE cBCryptEngine;
 
+struct bc_salt_args {
+    const char * prefix;
+    unsigned long count;
+    const char * input;
+    int size;
+};
+
+static void * bc_salt_nogvl(void * ptr) {
+    struct bc_salt_args * args = ptr;
+
+    return crypt_gensalt_ra(args->prefix, args->count, args->input, args->size);
+}
+
 /* Given a logarithmic cost parameter, generates a salt for use with +bc_crypt+.
 */
 static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
     char * salt;
     VALUE str_salt;
-
-    salt = crypt_gensalt_ra(
-	    StringValuePtr(prefix),
-	    NUM2ULONG(count),
-	    NIL_P(input) ? NULL : StringValuePtr(input),
-	    NIL_P(input) ? 0 : RSTRING_LEN(input));
+    struct bc_salt_args args;
+
+    /* duplicate the parameters for thread safety.  If another thread has a
+     * reference to the parameters and mutates them while we are working,
+     * that would be very bad.  Duping the strings means that the reference
+     * isn't shared. */
+    prefix = rb_str_new_frozen(prefix);
+    input  = rb_str_new_frozen(input);
+
+    args.prefix = StringValueCStr(prefix);
+    args.count  = NUM2ULONG(count);
+    args.input  = NIL_P(input) ? NULL : StringValuePtr(input);
+    args.size   = NIL_P(input) ? 0 : RSTRING_LEN(input);
+
+#ifdef HAVE_RUBY_THREAD_H
+    salt = rb_thread_call_without_gvl(bc_salt_nogvl, &args, NULL, NULL);
+#else
+    salt = bc_salt_nogvl((void *)&args);
+#endif
 
     if(!salt) return Qnil;
 
@@ -24,30 +54,52 @@ static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
     return str_salt;
 }
 
+struct bc_crypt_args {
+    const char * key;
+    const char * setting;
+    void * data;
+    int size;
+};
+
+static void * bc_crypt_nogvl(void * ptr) {
+    struct bc_crypt_args * args = ptr;
+
+    return crypt_ra(args->key, args->setting, &args->data, &args->size);
+}
+
 /* Given a secret and a salt, generates a salted hash (which you can then store safely).
 */
 static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
     char * value;
-    void * data;
-    int size;
     VALUE out;
 
-    data = NULL;
-    size = 0xDEADBEEF;
+    struct bc_crypt_args args;
 
     if(NIL_P(key) || NIL_P(setting)) return Qnil;
 
-    value = crypt_ra(
-	    NIL_P(key) ? NULL : StringValuePtr(key),
-	    NIL_P(setting) ? NULL : StringValuePtr(setting),
-	    &data,
-	    &size);
+    /* duplicate the parameters for thread safety.  If another thread has a
+     * reference to the parameters and mutates them while we are working,
+     * that would be very bad.  Duping the strings means that the reference
+     * isn't shared. */
+    key     = rb_str_new_frozen(key);
+    setting = rb_str_new_frozen(setting);
+
+    args.data    = NULL;
+    args.size    = 0xDEADBEEF;
+    args.key     = NIL_P(key)     ? NULL : StringValueCStr(key);
+    args.setting = NIL_P(setting) ? NULL : StringValueCStr(setting);
+
+#ifdef HAVE_RUBY_THREAD_H
+    value = rb_thread_call_without_gvl(bc_crypt_nogvl, &args, NULL, NULL);
+#else
+    value = bc_crypt_nogvl((void *)&args);
+#endif
 
-    if(!value || !data) return Qnil;
+    if(!value || !args.data) return Qnil;
 
     out = rb_str_new2(value);
 
-    xfree(data);
+    free(args.data);
 
     return out;
 }

metadata

@@ -1,21 +1,21 @@
 --- !ruby/object:Gem::Specification
 name: bcrypt
 version: !ruby/object:Gem::Version
-  version: 3.1.17
+  version: 3.1.18
 platform: java
 authors:
 - Coda Hale
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-14 00:00:00.000000000 Z
+date: 2022-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.2
+        version: 1.2.0
   name: rake-compiler
   prerelease: false
   type: :development
@@ -23,7 +23,7 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.2
+        version: 1.2.0
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
@@ -62,7 +62,6 @@ files:
 - Gemfile
 - README.md
 - Rakefile
-- appveyor.yml
 - bcrypt.gemspec
 - ext/jruby/bcrypt_jruby/BCrypt.java
 - ext/mri/bcrypt_ext.c

data/appveyor.yml

@@ -1,50 +0,0 @@
-version: "{branch}-{build}"
-build: off
-clone_depth: 1
-
-init:
-  # Install Ruby head
-  - if %RUBY_VERSION%==head (
-      appveyor DownloadFile https://github.com/oneclick/rubyinstaller2/releases/download/rubyinstaller-head/rubyinstaller-head-x86.exe -FileName C:\head_x86.exe &
-      C:\head_x86.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
-    )
-  - if %RUBY_VERSION%==head-x64 (
-      appveyor DownloadFile https://github.com/oneclick/rubyinstaller2/releases/download/rubyinstaller-head/rubyinstaller-head-x64.exe -FileName C:\head_x64.exe &
-      C:\head_x64.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
-    )
-
-  # Add Ruby to the path
-  - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH%
-
-environment:
-  matrix:
-    - RUBY_VERSION: "head"
-    - RUBY_VERSION: "head-x64"
-    - RUBY_VERSION: "25"
-    - RUBY_VERSION: "25-x64"
-    - RUBY_VERSION: "24"
-    - RUBY_VERSION: "24-x64"
-    - RUBY_VERSION: "23"
-    - RUBY_VERSION: "23-x64"
-    - RUBY_VERSION: "22"
-    - RUBY_VERSION: "22-x64"
-    - RUBY_VERSION: "21"
-    - RUBY_VERSION: "21-x64"
-    - RUBY_VERSION: "200"
-    - RUBY_VERSION: "200-x64"
-
-install:
-  - ps: "Set-Content -Value 'gem: --no-ri --no-rdoc ' -Path C:\\ProgramData\\gemrc"
-  - if %RUBY_VERSION%==head     ( gem install bundler -v'< 2' )
-  - if %RUBY_VERSION%==head-x64 ( gem install bundler -v'< 2' )
-  - bundle install
-
-before_build:
-  - ruby -v
-  - gem -v
-
-build_script:
-  - bundle exec rake compile -rdevkit
-
-test_script:
-  - bundle exec rake spec