1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Revert "ruby 1.9 friendly secure_compare" because it breaks CI and Sam Ruby's suite

This reverts commit 5de75398c4.
This commit is contained in:
Yehuda Katz 2009-09-12 14:35:03 -05:00
parent 7152a4e9a6
commit a8a336cbfc

View file

@ -38,21 +38,24 @@ module ActiveSupport
end
private
if "foo".respond_to?(:bytesize)
if "foo".respond_to?(:force_encoding)
# constant-time comparison algorithm to prevent timing attacks
# > 1.8.6 friendly version
def secure_compare(a, b)
if a.bytesize == b.bytesize
a = a.force_encoding(Encoding::BINARY)
b = b.force_encoding(Encoding::BINARY)
if a.length == b.length
result = 0
j = b.each_byte
a.each_byte { |i| result |= i ^ j.next }
for i in 0..(a.length - 1)
result |= a[i].ord ^ b[i].ord
end
result == 0
else
false
end
end
else
# For <= 1.8.6
# For 1.8
def secure_compare(a, b)
if a.length == b.length
result = 0