bcrypt 3.1.17 → 3.1.18

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby.yml +4 -2
  3. data/CHANGELOG +4 -0
  4. data/README.md +0 -1
  5. data/bcrypt.gemspec +2 -2
  6. data/ext/mri/bcrypt_ext.c +69 -17
  7. metadata +4 -5
  8. data/appveyor.yml +0 -50
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a762862a2c11b386ab9e3177bf8dee1832c1909d7cdb0133dfe43b09cac84b51
4
- data.tar.gz: abcd7395ac2dc6cefad250754e7b7e2c0d12fd730dab276f8ed66ebae313ec32
3
+ metadata.gz: ba8b7b14c18d5ad7f8dcd58b2e719925695a8af445b232d50fc21695b3cd4200
4
+ data.tar.gz: a3a566bb869dcc9001dbeae8041595152444596253d152c9a374ce9c1503d817
5
5
  SHA512:
6
- metadata.gz: 055b9e3d854570d1a55b14ffbe0a904074579e3070366f4fa046c108f581239aa2a4cb59621ab0c312e4d8f0560fd116a961cb125d196d1874459653d52d9dda
7
- data.tar.gz: 1967cda6bc354819f66c56815cfd355ed197e5cfb09fdcb0b64156eea49a8d7ed7c9bdab1d8a86816f5832dbf711ccf8068e4754921ca7062ee8803ad6dd060c
6
+ metadata.gz: 9e21ae566338f46280af6576c42b54d6dfe9e75619c35a72b87f6401bef689be8526b3385a556f332c28d9a939ca7cd4f2104ef1483f4cc24d144ba837b69af4
7
+ data.tar.gz: 1c2e714911083b8aa457d9d16c5dd084acd6610e67a4f2c489ec137b1c503f2753d4a2c98e06446bc7771caec176b7b24a207f7395541e32c31268c8d8773551
data/.github/workflows/ruby.yml CHANGED
@@ -30,8 +30,6 @@ jobs:
30
30
  - truffleruby-head
31
31
  - mingw
32
32
  exclude:
33
- - { os: ubuntu, ruby: jruby }
34
- - { os: ubuntu, ruby: jruby-head }
35
33
  - { os: ubuntu, ruby: mingw }
36
34
  - { os: macos, ruby: mingw }
37
35
  - { os: windows, ruby: truffleruby }
@@ -46,8 +44,12 @@ jobs:
46
44
  with:
47
45
  ruby-version: ${{ matrix.ruby }}
48
46
  bundler-cache: true
47
+ env:
48
+ JAVA_OPTS: -Djdk.io.File.enableADS=true
49
49
  - name: Run tests
50
50
  run: bundle exec rake default
51
+ env:
52
+ JAVA_OPTS: -Djdk.io.File.enableADS=true
51
53
 
52
54
  finish:
53
55
  runs-on: ubuntu-latest
data/CHANGELOG CHANGED
@@ -1,3 +1,7 @@
1
+ 3.1.18 May 16 2022
2
+ - Unlock GVL when calculating hashes and salts [GH #260]
3
+ - Fix compilation warnings in `ext/mri/bcrypt_ext.c` [GH #261]
4
+
1
5
  3.1.17 Mar 14 2022
2
6
  - Fix regex in validators to use \A and \z instead of ^ and $ [GH #121]
3
7
  - Truncate secrets greater than 72 bytes in hash_secret [GH #255]
data/README.md CHANGED
@@ -5,7 +5,6 @@ An easy way to keep your users' passwords secure.
5
5
  * https://github.com/bcrypt-ruby/bcrypt-ruby/tree/master
6
6
 
7
7
  [![Github Actions Build Status](https://github.com/bcrypt-ruby/bcrypt-ruby/actions/workflows/ruby.yml/badge.svg?branch=master)](https://github.com/bcrypt-ruby/bcrypt-ruby/actions/workflows/ruby.yml)
8
- [![AppVeyor Build Status](https://ci.appveyor.com/api/projects/status/6fplerx9lnaf0hyo?svg=true)](https://ci.appveyor.com/project/TJSchuck35975/bcrypt-ruby)
9
8
 
10
9
  ## Why you should use `bcrypt()`
11
10
 
data/bcrypt.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'bcrypt'
3
- s.version = '3.1.17'
3
+ s.version = '3.1.18'
4
4
 
5
5
  s.summary = "OpenBSD's bcrypt() password hashing algorithm."
6
6
  s.description = <<-EOF
@@ -12,7 +12,7 @@ Gem::Specification.new do |s|
12
12
  s.files = `git ls-files`.split("\n")
13
13
  s.require_path = 'lib'
14
14
 
15
- s.add_development_dependency 'rake-compiler', '~> 0.9.2'
15
+ s.add_development_dependency 'rake-compiler', '~> 1.2.0'
16
16
  s.add_development_dependency 'rspec', '>= 3'
17
17
 
18
18
  s.rdoc_options += ['--title', 'bcrypt-ruby', '--line-numbers', '--inline-source', '--main', 'README.md']
data/ext/mri/bcrypt_ext.c CHANGED
@@ -1,20 +1,50 @@
1
1
  #include <ruby.h>
2
2
  #include <ow-crypt.h>
3
3
 
4
+ #ifdef HAVE_RUBY_THREAD_H
5
+ #include <ruby/thread.h>
6
+ #endif
7
+
4
8
  static VALUE mBCrypt;
5
9
  static VALUE cBCryptEngine;
6
10
 
11
+ struct bc_salt_args {
12
+ const char * prefix;
13
+ unsigned long count;
14
+ const char * input;
15
+ int size;
16
+ };
17
+
18
+ static void * bc_salt_nogvl(void * ptr) {
19
+ struct bc_salt_args * args = ptr;
20
+
21
+ return crypt_gensalt_ra(args->prefix, args->count, args->input, args->size);
22
+ }
23
+
7
24
  /* Given a logarithmic cost parameter, generates a salt for use with +bc_crypt+.
8
25
  */
9
26
  static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
10
27
  char * salt;
11
28
  VALUE str_salt;
12
-
13
- salt = crypt_gensalt_ra(
14
- StringValuePtr(prefix),
15
- NUM2ULONG(count),
16
- NIL_P(input) ? NULL : StringValuePtr(input),
17
- NIL_P(input) ? 0 : RSTRING_LEN(input));
29
+ struct bc_salt_args args;
30
+
31
+ /* duplicate the parameters for thread safety. If another thread has a
32
+ * reference to the parameters and mutates them while we are working,
33
+ * that would be very bad. Duping the strings means that the reference
34
+ * isn't shared. */
35
+ prefix = rb_str_new_frozen(prefix);
36
+ input = rb_str_new_frozen(input);
37
+
38
+ args.prefix = StringValueCStr(prefix);
39
+ args.count = NUM2ULONG(count);
40
+ args.input = NIL_P(input) ? NULL : StringValuePtr(input);
41
+ args.size = NIL_P(input) ? 0 : RSTRING_LEN(input);
42
+
43
+ #ifdef HAVE_RUBY_THREAD_H
44
+ salt = rb_thread_call_without_gvl(bc_salt_nogvl, &args, NULL, NULL);
45
+ #else
46
+ salt = bc_salt_nogvl((void *)&args);
47
+ #endif
18
48
 
19
49
  if(!salt) return Qnil;
20
50
 
@@ -24,30 +54,52 @@ static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
24
54
  return str_salt;
25
55
  }
26
56
 
57
+ struct bc_crypt_args {
58
+ const char * key;
59
+ const char * setting;
60
+ void * data;
61
+ int size;
62
+ };
63
+
64
+ static void * bc_crypt_nogvl(void * ptr) {
65
+ struct bc_crypt_args * args = ptr;
66
+
67
+ return crypt_ra(args->key, args->setting, &args->data, &args->size);
68
+ }
69
+
27
70
  /* Given a secret and a salt, generates a salted hash (which you can then store safely).
28
71
  */
29
72
  static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
30
73
  char * value;
31
- void * data;
32
- int size;
33
74
  VALUE out;
34
75
 
35
- data = NULL;
36
- size = 0xDEADBEEF;
76
+ struct bc_crypt_args args;
37
77
 
38
78
  if(NIL_P(key) || NIL_P(setting)) return Qnil;
39
79
 
40
- value = crypt_ra(
41
- NIL_P(key) ? NULL : StringValuePtr(key),
42
- NIL_P(setting) ? NULL : StringValuePtr(setting),
43
- &data,
44
- &size);
80
+ /* duplicate the parameters for thread safety. If another thread has a
81
+ * reference to the parameters and mutates them while we are working,
82
+ * that would be very bad. Duping the strings means that the reference
83
+ * isn't shared. */
84
+ key = rb_str_new_frozen(key);
85
+ setting = rb_str_new_frozen(setting);
86
+
87
+ args.data = NULL;
88
+ args.size = 0xDEADBEEF;
89
+ args.key = NIL_P(key) ? NULL : StringValueCStr(key);
90
+ args.setting = NIL_P(setting) ? NULL : StringValueCStr(setting);
91
+
92
+ #ifdef HAVE_RUBY_THREAD_H
93
+ value = rb_thread_call_without_gvl(bc_crypt_nogvl, &args, NULL, NULL);
94
+ #else
95
+ value = bc_crypt_nogvl((void *)&args);
96
+ #endif
45
97
 
46
- if(!value || !data) return Qnil;
98
+ if(!value || !args.data) return Qnil;
47
99
 
48
100
  out = rb_str_new2(value);
49
101
 
50
- xfree(data);
102
+ free(args.data);
51
103
 
52
104
  return out;
53
105
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bcrypt
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.1.17
4
+ version: 3.1.18
5
5
  platform: ruby
6
6
  authors:
7
7
  - Coda Hale
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-14 00:00:00.000000000 Z
11
+ date: 2022-05-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake-compiler
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 0.9.2
19
+ version: 1.2.0
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 0.9.2
26
+ version: 1.2.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rspec
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -63,7 +63,6 @@ files:
63
63
  - Gemfile
64
64
  - README.md
65
65
  - Rakefile
66
- - appveyor.yml
67
66
  - bcrypt.gemspec
68
67
  - ext/jruby/bcrypt_jruby/BCrypt.java
69
68
  - ext/mri/bcrypt_ext.c
data/appveyor.yml DELETED
@@ -1,50 +0,0 @@
1
- version: "{branch}-{build}"
2
- build: off
3
- clone_depth: 1
4
-
5
- init:
6
- # Install Ruby head
7
- - if %RUBY_VERSION%==head (
8
- appveyor DownloadFile https://github.com/oneclick/rubyinstaller2/releases/download/rubyinstaller-head/rubyinstaller-head-x86.exe -FileName C:\head_x86.exe &
9
- C:\head_x86.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
10
- )
11
- - if %RUBY_VERSION%==head-x64 (
12
- appveyor DownloadFile https://github.com/oneclick/rubyinstaller2/releases/download/rubyinstaller-head/rubyinstaller-head-x64.exe -FileName C:\head_x64.exe &
13
- C:\head_x64.exe /verysilent /dir=C:\Ruby%RUBY_VERSION%
14
- )
15
-
16
- # Add Ruby to the path
17
- - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH%
18
-
19
- environment:
20
- matrix:
21
- - RUBY_VERSION: "head"
22
- - RUBY_VERSION: "head-x64"
23
- - RUBY_VERSION: "25"
24
- - RUBY_VERSION: "25-x64"
25
- - RUBY_VERSION: "24"
26
- - RUBY_VERSION: "24-x64"
27
- - RUBY_VERSION: "23"
28
- - RUBY_VERSION: "23-x64"
29
- - RUBY_VERSION: "22"
30
- - RUBY_VERSION: "22-x64"
31
- - RUBY_VERSION: "21"
32
- - RUBY_VERSION: "21-x64"
33
- - RUBY_VERSION: "200"
34
- - RUBY_VERSION: "200-x64"
35
-
36
- install:
37
- - ps: "Set-Content -Value 'gem: --no-ri --no-rdoc ' -Path C:\\ProgramData\\gemrc"
38
- - if %RUBY_VERSION%==head ( gem install bundler -v'< 2' )
39
- - if %RUBY_VERSION%==head-x64 ( gem install bundler -v'< 2' )
40
- - bundle install
41
-
42
- before_build:
43
- - ruby -v
44
- - gem -v
45
-
46
- build_script:
47
- - bundle exec rake compile -rdevkit
48
-
49
- test_script:
50
- - bundle exec rake spec