RubyGems - bcrypt - Versions diffs - 3.1.17 → 3.1.18 - Mend

bcrypt 3.1.17 → 3.1.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a762862a2c11b386ab9e3177bf8dee1832c1909d7cdb0133dfe43b09cac84b51
-  data.tar.gz: abcd7395ac2dc6cefad250754e7b7e2c0d12fd730dab276f8ed66ebae313ec32
+  metadata.gz: ba8b7b14c18d5ad7f8dcd58b2e719925695a8af445b232d50fc21695b3cd4200
+  data.tar.gz: a3a566bb869dcc9001dbeae8041595152444596253d152c9a374ce9c1503d817
 SHA512:
-  metadata.gz: 055b9e3d854570d1a55b14ffbe0a904074579e3070366f4fa046c108f581239aa2a4cb59621ab0c312e4d8f0560fd116a961cb125d196d1874459653d52d9dda
-  data.tar.gz: 1967cda6bc354819f66c56815cfd355ed197e5cfb09fdcb0b64156eea49a8d7ed7c9bdab1d8a86816f5832dbf711ccf8068e4754921ca7062ee8803ad6dd060c
+  metadata.gz: 9e21ae566338f46280af6576c42b54d6dfe9e75619c35a72b87f6401bef689be8526b3385a556f332c28d9a939ca7cd4f2104ef1483f4cc24d144ba837b69af4
+  data.tar.gz: 1c2e714911083b8aa457d9d16c5dd084acd6610e67a4f2c489ec137b1c503f2753d4a2c98e06446bc7771caec176b7b24a207f7395541e32c31268c8d8773551

data/.github/workflows/ruby.yml CHANGED Viewed

@@ -30,8 +30,6 @@ jobs:
           - truffleruby-head
           - mingw
         exclude:
-          - { os: ubuntu,  ruby: jruby }
-          - { os: ubuntu,  ruby: jruby-head }
           - { os: ubuntu,  ruby: mingw }
           - { os: macos,   ruby: mingw }
           - { os: windows, ruby: truffleruby }
@@ -46,8 +44,12 @@ jobs:
         with:
           ruby-version: ${{ matrix.ruby }}
           bundler-cache: true
+        env:
+          JAVA_OPTS: -Djdk.io.File.enableADS=true
       - name: Run tests
         run: bundle exec rake default
+        env:
+          JAVA_OPTS: -Djdk.io.File.enableADS=true
   finish:
     runs-on: ubuntu-latest

data/CHANGELOG CHANGED Viewed

@@ -1,3 +1,7 @@
+3.1.18 May 16 2022
+  - Unlock GVL when calculating hashes and salts [GH #260]
+  - Fix compilation warnings in `ext/mri/bcrypt_ext.c` [GH #261]
 3.1.17 Mar 14 2022
 - Fix regex in validators to use \A and \z instead of ^ and $ [GH #121]
 - Truncate secrets greater than 72 bytes in hash_secret [GH #255]

data/README.md CHANGED Viewed

@@ -5,7 +5,6 @@ An easy way to keep your users' passwords secure.
 * https://github.com/bcrypt-ruby/bcrypt-ruby/tree/master
 [![Github Actions Build Status](https://github.com/bcrypt-ruby/bcrypt-ruby/actions/workflows/ruby.yml/badge.svg?branch=master)](https://github.com/bcrypt-ruby/bcrypt-ruby/actions/workflows/ruby.yml)
-[![AppVeyor Build Status](https://ci.appveyor.com/api/projects/status/6fplerx9lnaf0hyo?svg=true)](https://ci.appveyor.com/project/TJSchuck35975/bcrypt-ruby)
 ## Why you should use `bcrypt()`

data/bcrypt.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'bcrypt'
-  s.version = '3.1.17'
+  s.version = '3.1.18'
   s.summary = "OpenBSD's bcrypt() password hashing algorithm."
   s.description = <<-EOF
@@ -12,7 +12,7 @@ Gem::Specification.new do |s|
   s.files = `git ls-files`.split("\n")
   s.require_path = 'lib'
-  s.add_development_dependency 'rake-compiler', '~> 0.9.2'
+  s.add_development_dependency 'rake-compiler', '~> 1.2.0'
   s.add_development_dependency 'rspec', '>= 3'
   s.rdoc_options += ['--title', 'bcrypt-ruby', '--line-numbers', '--inline-source', '--main', 'README.md']

data/ext/mri/bcrypt_ext.c CHANGED Viewed

@@ -1,20 +1,50 @@
 #include <ruby.h>
 #include <ow-crypt.h>
+#ifdef HAVE_RUBY_THREAD_H
+#include <ruby/thread.h>
+#endif
 static VALUE mBCrypt;
 static VALUE cBCryptEngine;
+struct bc_salt_args {
+    const char * prefix;
+    unsigned long count;
+    const char * input;
+    int size;
+};
+static void * bc_salt_nogvl(void * ptr) {
+    struct bc_salt_args * args = ptr;
+    return crypt_gensalt_ra(args->prefix, args->count, args->input, args->size);
+}
 /* Given a logarithmic cost parameter, generates a salt for use with +bc_crypt+.
 */
 static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
     char * salt;
     VALUE str_salt;
-    salt = crypt_gensalt_ra(
-	    StringValuePtr(prefix),
-	    NUM2ULONG(count),
-	    NIL_P(input) ? NULL : StringValuePtr(input),
-	    NIL_P(input) ? 0 : RSTRING_LEN(input));
+    struct bc_salt_args args;
+    /* duplicate the parameters for thread safety.  If another thread has a
+     * reference to the parameters and mutates them while we are working,
+     * that would be very bad.  Duping the strings means that the reference
+     * isn't shared. */
+    prefix = rb_str_new_frozen(prefix);
+    input  = rb_str_new_frozen(input);
+    args.prefix = StringValueCStr(prefix);
+    args.count  = NUM2ULONG(count);
+    args.input  = NIL_P(input) ? NULL : StringValuePtr(input);
+    args.size   = NIL_P(input) ? 0 : RSTRING_LEN(input);
+#ifdef HAVE_RUBY_THREAD_H
+    salt = rb_thread_call_without_gvl(bc_salt_nogvl, &args, NULL, NULL);
+#else
+    salt = bc_salt_nogvl((void *)&args);
+#endif
     if(!salt) return Qnil;
@@ -24,30 +54,52 @@ static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
     return str_salt;
 }
+struct bc_crypt_args {
+    const char * key;
+    const char * setting;
+    void * data;
+    int size;
+};
+static void * bc_crypt_nogvl(void * ptr) {
+    struct bc_crypt_args * args = ptr;
+    return crypt_ra(args->key, args->setting, &args->data, &args->size);
+}
 /* Given a secret and a salt, generates a salted hash (which you can then store safely).
 */
 static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
     char * value;
-    void * data;
-    int size;
     VALUE out;
-    data = NULL;
-    size = 0xDEADBEEF;
+    struct bc_crypt_args args;
     if(NIL_P(key) || NIL_P(setting)) return Qnil;
-    value = crypt_ra(
-	    NIL_P(key) ? NULL : StringValuePtr(key),
-	    NIL_P(setting) ? NULL : StringValuePtr(setting),
-	    &data,
-	    &size);
+    /* duplicate the parameters for thread safety.  If another thread has a
+     * reference to the parameters and mutates them while we are working,
+     * that would be very bad.  Duping the strings means that the reference
+     * isn't shared. */
+    key     = rb_str_new_frozen(key);
+    setting = rb_str_new_frozen(setting);
+    args.data    = NULL;
+    args.size    = 0xDEADBEEF;
+    args.key     = NIL_P(key)     ? NULL : StringValueCStr(key);
+    args.setting = NIL_P(setting) ? NULL : StringValueCStr(setting);
+#ifdef HAVE_RUBY_THREAD_H
+    value = rb_thread_call_without_gvl(bc_crypt_nogvl, &args, NULL, NULL);
+#else
+    value = bc_crypt_nogvl((void *)&args);
+#endif
-    if(!value || !data) return Qnil;
+    if(!value || !args.data) return Qnil;
     out = rb_str_new2(value);
-    xfree(data);
+    free(args.data);
     return out;
 }

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bcrypt
 version: !ruby/object:Gem::Version
-  version: 3.1.17
+  version: 3.1.18
 platform: ruby
 authors:
 - Coda Hale
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-14 00:00:00.000000000 Z
+date: 2022-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake-compiler
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.2
+        version: 1.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.2
+        version: 1.2.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -63,7 +63,6 @@ files:
 - Gemfile
 - README.md
 - Rakefile
-- appveyor.yml
 - bcrypt.gemspec
 - ext/jruby/bcrypt_jruby/BCrypt.java
 - ext/mri/bcrypt_ext.c

data/appveyor.yml DELETED Viewed

@@ -1,50 +0,0 @@
-version: "{branch}-{build}"
-build: off
-clone_depth: 1
-init:
-  # Install Ruby head
-  - if %RUBY_VERSION%==head (
-      appveyor DownloadFile https://github.com/oneclick/rubyinstaller2/releases/download/rubyinstaller-head/rubyinstaller-head-x86.exe -FileName C:\head_x86.exe &
-      C:\head_x86.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
-    )
-  - if %RUBY_VERSION%==head-x64 (
-      appveyor DownloadFile https://github.com/oneclick/rubyinstaller2/releases/download/rubyinstaller-head/rubyinstaller-head-x64.exe -FileName C:\head_x64.exe &
-      C:\head_x64.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
-    )
-  # Add Ruby to the path
-  - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH%
-environment:
-  matrix:
-    - RUBY_VERSION: "head"
-    - RUBY_VERSION: "head-x64"
-    - RUBY_VERSION: "25"
-    - RUBY_VERSION: "25-x64"
-    - RUBY_VERSION: "24"
-    - RUBY_VERSION: "24-x64"
-    - RUBY_VERSION: "23"
-    - RUBY_VERSION: "23-x64"
-    - RUBY_VERSION: "22"
-    - RUBY_VERSION: "22-x64"
-    - RUBY_VERSION: "21"
-    - RUBY_VERSION: "21-x64"
-    - RUBY_VERSION: "200"
-    - RUBY_VERSION: "200-x64"
-install:
-  - ps: "Set-Content -Value 'gem: --no-ri --no-rdoc ' -Path C:\\ProgramData\\gemrc"
-  - if %RUBY_VERSION%==head     ( gem install bundler -v'< 2' )
-  - if %RUBY_VERSION%==head-x64 ( gem install bundler -v'< 2' )
-  - bundle install
-before_build:
-  - ruby -v
-  - gem -v
-build_script:
-  - bundle exec rake compile -rdevkit
-test_script:
-  - bundle exec rake spec