bcrypt 3.1.18-java → 3.1.19-java

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f35948f2d6985ec5e338d0dd89e2481e0c2e91df63a9623b02bad157c1da0967
4
- data.tar.gz: c9cdd80dbf146b2497091bc2e09b613fea5784eacf7e570bcebb7e4a0c3b175c
3
+ metadata.gz: 636cc94d86701d3d34c7ba884587e9ff5429d78eb055f15d88104c3b2f006e9a
4
+ data.tar.gz: 9f67d235f53ea00410bcc0abfec5cb42a6bd22e7c52ae43923e161828d18e43c
5
5
  SHA512:
6
- metadata.gz: 3c5d43f9ff8813d14f866a5a87354b0f3152dff9c2b75ab08a7b70e0e84e8f71d2582b36cbdb71b3d45f68fa1a3cd38f30de75db812c5bc23ff613918070a09a
7
- data.tar.gz: 8ec660bd584fc110d347dbd5a4d1d0c1cf75e36e7ac9f455a7ed86c100c8111c3f62ef3b4ae5aa15275d30d034d1289756eb1104ed55ad4ff8656c21836cdab6
6
+ metadata.gz: 4d78ea03482ec52e987617f94a0b5a9108369585961e29746ab8ed65f035b1b40eca0e14137c10dd0a49072312c945e4ecbd91327e21c573d7b7dcd3428e83cf
7
+ data.tar.gz: f46639b8366442dfbe2ea6db81f56784f4b99443b790392d3e41bd4c6a06f8e16ab26f94fcc9bdca584eee80a1461fcc632eb4ab979a37378808c99a3ce13b47
data/CHANGELOG CHANGED
@@ -1,3 +1,7 @@
1
+ 3.1.19 June 22 2023
2
+ - Deprecate passing the third argument to `BCrypt::Engine.hash_secret` [GH #207 by @sergey-alekseev]
3
+ - Add GC guards so the C compiler won't optimize out references [GH #270]
4
+
1
5
  3.1.18 May 16 2022
2
6
  - Unlock GVL when calculating hashes and salts [GH #260]
3
7
  - Fix compilation warnings in `ext/mri/bcrypt_ext.c` [GH #261]
data/Rakefile CHANGED
@@ -50,8 +50,8 @@ end
50
50
  if RUBY_PLATFORM =~ /java/
51
51
  Rake::JavaExtensionTask.new('bcrypt_ext', GEMSPEC) do |ext|
52
52
  ext.ext_dir = 'ext/jruby'
53
- ext.source_version = "1.7"
54
- ext.target_version = "1.7"
53
+ ext.source_version = "1.8"
54
+ ext.target_version = "1.8"
55
55
  end
56
56
  else
57
57
  Rake::ExtensionTask.new("bcrypt_ext", GEMSPEC) do |ext|
data/bcrypt.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'bcrypt'
3
- s.version = '3.1.18'
3
+ s.version = '3.1.19'
4
4
 
5
5
  s.summary = "OpenBSD's bcrypt() password hashing algorithm."
6
6
  s.description = <<-EOF
data/ext/mri/bcrypt_ext.c CHANGED
@@ -49,6 +49,9 @@ static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
49
49
  if(!salt) return Qnil;
50
50
 
51
51
  str_salt = rb_str_new2(salt);
52
+
53
+ RB_GC_GUARD(prefix);
54
+ RB_GC_GUARD(input);
52
55
  free(salt);
53
56
 
54
57
  return str_salt;
@@ -99,6 +102,8 @@ static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
99
102
 
100
103
  out = rb_str_new2(value);
101
104
 
105
+ RB_GC_GUARD(key);
106
+ RB_GC_GUARD(setting);
102
107
  free(args.data);
103
108
 
104
109
  return out;
data/lib/bcrypt/engine.rb CHANGED
@@ -53,6 +53,13 @@ module BCrypt
53
53
  # Given a secret and a valid salt (see BCrypt::Engine.generate_salt) calculates
54
54
  # a bcrypt() password hash. Secrets longer than 72 bytes are truncated.
55
55
  def self.hash_secret(secret, salt, _ = nil)
56
+ unless _.nil?
57
+ warn "[DEPRECATION] Passing the third argument to " \
58
+ "`BCrypt::Engine.hash_secret` is deprecated. " \
59
+ "Please do not pass the third argument which " \
60
+ "is currently not used."
61
+ end
62
+
56
63
  if valid_secret?(secret)
57
64
  if valid_salt?(salt)
58
65
  if RUBY_PLATFORM == "java"
data/lib/bcrypt_ext.jar CHANGED
Binary file
@@ -31,6 +31,12 @@ describe "Creating a hashed password" do
31
31
  specify "should tolerate very long string secrets" do
32
32
  expect { BCrypt::Password.create("abcd"*1024) }.not_to raise_error
33
33
  end
34
+
35
+ specify "blows up when null bytes are in the string" do
36
+ # JRuby can handle the null bytes
37
+ skip if RUBY_ENGINE == 'jruby'
38
+ expect { BCrypt::Password.create( "foo\0bar".chop ) }.to raise_error
39
+ end
34
40
  end
35
41
 
36
42
  describe "Reading a hashed password" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bcrypt
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.1.18
4
+ version: 3.1.19
5
5
  platform: java
6
6
  authors:
7
7
  - Coda Hale
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-05-16 00:00:00.000000000 Z
11
+ date: 2023-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement