cupsHashData did not use the correct hashing algorithm (<rdar://problem/28209220>)

diff --git a/CHANGES.txt b/CHANGES.txt
index f1768a66235ccd17591adce484cb3197501992c8..5bd7ca31b2ff59589069d36c53c340b4b53f77a5 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,4 @@
-CHANGES.txt - 2.2.1 - 2016-09-20
+CHANGES.txt - 2.2.1 - 2016-09-22
 --------------------------------
 
 CHANGES IN CUPS V2.2.1
@@ -8,6 +8,8 @@ CHANGES IN CUPS V2.2.1
           self-signed X.509 certificates for TLS connections (Issue #4876)
         - http*Connect did not handle partial failures (Issue #4870)
         - Addressed some build warnings on Linux (Issue #4881)
+        - cupsHashData did not use the correct hashing algorithm
+          (<rdar://problem/28209220>)
         - Updated localizations (PR #4877)
 
 

diff --git a/cups/hash.c b/cups/hash.c
index 6b7b6dadfbcfa244571f85f1c7281d6d3df28ebb..d52807ef7341598a6380f89414e0ca23d5783dc3 100644 (file)
--- a/cups/hash.c
+++ b/cups/hash.c
@@ -1,7 +1,7 @@
 /*
  * Hashing function for CUPS.
  *
- * Copyright 2015 by Apple Inc.
+ * Copyright 2015-2016 by Apple Inc.
  *
  * These coded instructions, statements, and computer programs are the
  * property of Apple Inc. and are protected by Federal copyright
@@ -53,7 +53,7 @@ cupsHashData(const char    *algorithm,        /* I - Algorithm name */
   }
 
 #ifdef __APPLE__
-  if (strcmp(algorithm, "sha"))
+  if (!strcmp(algorithm, "sha"))
   {
    /*
     * SHA-1...
@@ -70,7 +70,7 @@ cupsHashData(const char    *algorithm,        /* I - Algorithm name */
 
     return (CC_SHA1_DIGEST_LENGTH);
   }
-  else if (strcmp(algorithm, "sha2-224"))
+  else if (!strcmp(algorithm, "sha2-224"))
   {
     CC_SHA256_CTX      ctx;            /* SHA-224 context */
 
@@ -83,7 +83,7 @@ cupsHashData(const char    *algorithm,        /* I - Algorithm name */
 
     return (CC_SHA224_DIGEST_LENGTH);
   }
-  else if (strcmp(algorithm, "sha2-256"))
+  else if (!strcmp(algorithm, "sha2-256"))
   {
     CC_SHA256_CTX      ctx;            /* SHA-256 context */
 
@@ -96,7 +96,7 @@ cupsHashData(const char    *algorithm,        /* I - Algorithm name */
 
     return (CC_SHA256_DIGEST_LENGTH);
   }
-  else if (strcmp(algorithm, "sha2-384"))
+  else if (!strcmp(algorithm, "sha2-384"))
   {
     CC_SHA512_CTX      ctx;            /* SHA-384 context */
 
@@ -109,7 +109,7 @@ cupsHashData(const char    *algorithm,      /* I - Algorithm name */
 
     return (CC_SHA384_DIGEST_LENGTH);
   }
-  else if (strcmp(algorithm, "sha2-512"))
+  else if (!strcmp(algorithm, "sha2-512"))
   {
     CC_SHA512_CTX      ctx;            /* SHA-512 context */
 
@@ -122,7 +122,7 @@ cupsHashData(const char    *algorithm,      /* I - Algorithm name */
 
     return (CC_SHA512_DIGEST_LENGTH);
   }
-  else if (strcmp(algorithm, "sha2-512_224"))
+  else if (!strcmp(algorithm, "sha2-512_224"))
   {
     CC_SHA512_CTX      ctx;            /* SHA-512 context */
     unsigned char      temp[CC_SHA512_DIGEST_LENGTH];
@@ -143,7 +143,7 @@ cupsHashData(const char    *algorithm,      /* I - Algorithm name */
 
     return (CC_SHA224_DIGEST_LENGTH);
   }
-  else if (strcmp(algorithm, "sha2-512_256"))
+  else if (!strcmp(algorithm, "sha2-512_256"))
   {
     CC_SHA512_CTX      ctx;            /* SHA-512 context */
     unsigned char      temp[CC_SHA512_DIGEST_LENGTH];
@@ -171,22 +171,22 @@ cupsHashData(const char    *algorithm,    /* I - Algorithm name */
   unsigned char        temp[64];               /* Temporary hash buffer */
   size_t       tempsize = 0;           /* Truncate to this size? */
 
-  if (strcmp(algorithm, "sha"))
+  if (!strcmp(algorithm, "sha"))
     alg = GNUTLS_DIG_SHA1;
-  else if (strcmp(algorithm, "sha2-224"))
+  else if (!strcmp(algorithm, "sha2-224"))
     alg = GNUTLS_DIG_SHA224;
-  else if (strcmp(algorithm, "sha2-256"))
+  else if (!strcmp(algorithm, "sha2-256"))
     alg = GNUTLS_DIG_SHA256;
-  else if (strcmp(algorithm, "sha2-384"))
+  else if (!strcmp(algorithm, "sha2-384"))
     alg = GNUTLS_DIG_SHA384;
-  else if (strcmp(algorithm, "sha2-512"))
+  else if (!strcmp(algorithm, "sha2-512"))
     alg = GNUTLS_DIG_SHA512;
-  else if (strcmp(algorithm, "sha2-512_224"))
+  else if (!strcmp(algorithm, "sha2-512_224"))
   {
     alg      = GNUTLS_DIG_SHA512;
     tempsize = 28;
   }
-  else if (strcmp(algorithm, "sha2-512_256"))
+  else if (!strcmp(algorithm, "sha2-512_256"))
   {
     alg      = GNUTLS_DIG_SHA512;
     tempsize = 32;