result = 31 * result + peerCertificates.hashCode()
    result = 31 * result + localCertificates.hashCode()
    return result
  }

  override fun toString(): String {
    val peerCertificatesString = peerCertificates.map { it.name }.toString()
    return "Handshake{" +
      "tlsVersion=$tlsVersion " +
      "cipherSuite=$cipherSuite " +
      "peerCertificates=$peerCertificatesString " +

    @Override
    public boolean hasNext() {
      return !nextElements.isEmpty();
    }

    @Override
    public boolean hasPrevious() {
      return !previousElements.isEmpty();
    }

    @Override
    public E next() {
      return transferElement(nextElements, previousElements);
    }

    @Override
    public int nextIndex() {
      return previousElements.size();
    }

    @Override

    /**
     * Gets the specified data from the cache. <strong>Warning:</strong> The cache will directly return the saved
     * reference. If the cached data is to be modified after its retrieval, the caller is responsible to create a copy
     * of the returned data and use this instead of the cache record.
     *
     * @param request The repository request from which this cache was retrieved, must not be {@code null}.

	if !ok {
		return nil, nil, fmt.Errorf("response writer does not support hijacking. Type is %T", lrw.ResponseWriter)
	}
	return hj.Hijack()
}

// TTFB of the request - this function needs to be called
// when the request is finished to provide accurate data
func (lrw *ResponseRecorder) TTFB() time.Duration {
	if lrw.ttfbBody != 0 {
		return lrw.ttfbBody
	}
	return lrw.ttfbHeader
}

			})
			if zerr != nil {
				adminLogIf(ctx, zerr)
				return nil
			}
			header.Method = zip.Deflate
			zwriter, zerr := zipWriter.CreateHeader(header)
			if zerr != nil {
				adminLogIf(ctx, zerr)
				return nil
			}
			if _, err := io.Copy(zwriter, r); err != nil {
				adminLogIf(ctx, err)
			}
			return nil
		}
		for _, f := range iamExportFiles {

That way, using `secrets.compare_digest()` in your application code, it will be safe against this whole range of security attacks.

### Return the error { #return-the-error }

After detecting that the credentials are incorrect, return an `HTTPException` with a status code 401 (the same returned when no credentials are provided) and add the header `WWW-Authenticate` to make the browser show the login prompt again:

	}
	defer r.Close()
	b.ReportAllocs()

	b.SetBytes(int64(len(f)))
	var record sql.Record
	for b.Loop() {
		r, err = NewReader(io.NopCloser(bytes.NewBuffer(f)), &args)
		if err != nil {
			b.Fatalf("Reading init failed with %s", err)
		}
		for err == nil {
			record, err = r.Read(record)
			if err != nil && err != io.EOF {
				b.Fatalf("Reading failed with %s", err)
			}
		}

	select {
	case <-h.ctx.Done():
		return true
	default:
		return false
	}
}

// check if the heal sequence has ended
func (h *healSequence) hasEnded() bool {
	h.mutex.RLock()
	defer h.mutex.RUnlock()
	// background heal never ends
	if h.clientToken == bgHealingUUID {
		return false
	}
	return !h.endTime.IsZero()
}

func errOverMaxColumn(err error) *s3Error {
	return &s3Error{
		code:       "OverMaxColumn",
		message:    "The number of columns in the result is greater than the maximum allowable number of columns.",
		statusCode: 400,
		cause:      err,
	}
}

func errOverMaxRecordSize(err error) *s3Error {
	return &s3Error{
		code:       "OverMaxRecordSize",

        // Then
        assertNotNull(nonce1, "First secure nonce should not be null");
        assertNotNull(nonce2, "Second secure nonce should not be null");
        assertFalse(Arrays.equals(nonce1, nonce2), "Secure nonces should be different");
        assertTrue(nonce1.length > 0, "Secure nonce should have proper length");
    }

    @Test
    @DisplayName("Should handle concurrent secure nonce generation safely")