- Security hardening fixes (<rdar://problem/23131948>,
<rdar://problem/23132108>, <rdar://problem/23132353>,
<rdar://problem/23132803>, <rdar://problem/23133230>,
- <rdar://problem/23133393>, <rdar://problem/23133466>)
+ <rdar://problem/23133393>, <rdar://problem/23133466>,
+ <rdar://problem/23133833>)
- The cupsGetPPD* functions did not work with IPP printers (STR #4725)
- Some older HP LaserJet printers need a delayed close when printing
using the libusb-based USB backend (STR #4549)
*
* Authentication certificate routines for the CUPS scheduler.
*
- * Copyright 2007-2014 by Apple Inc.
+ * Copyright 2007-2015 by Apple Inc.
* Copyright 1997-2006 by Easy Software Products.
*
* These coded instructions, statements, and computer programs are the
#endif /* HAVE_ACL_INIT */
+/*
+ * Local functions...
+ */
+
+static int ctcompare(const char *a, const char *b);
+
+
/*
* 'cupsdAddCert()' - Add a certificate.
*/
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindCert(certificate=%s)",
certificate);
for (cert = Certs; cert != NULL; cert = cert->next)
- if (!_cups_strcasecmp(certificate, cert->certificate))
+ if (!ctcompare(certificate, cert->certificate))
{
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindCert: Returning %s...",
cert->username);
}
+/*
+ * 'ctcompare()' - Compare two strings in constant time.
+ */
+
+static int /* O - 0 on match, non-zero on non-match */
+ctcompare(const char *a, /* I - First string */
+ const char *b) /* I - Second string */
+{
+ int result = 0; /* Result */
+
+
+ while (*a && *b)
+ result |= *a ^ *b;
+
+ return (result);
+}
+
+
/*
* End of "$Id$".
*/