OF-3257/OF-3258: Improve one-time initialization of SERVER_SECRET_NONEXISTENT_USERS
The previous method for one-time initialization of the SERVER_SECRET_NONEXISTENT_USERS property (which depended on a static initializer block) proved to be fragile.
In this commit, initialization happens in a getter that should be used instead of directly accessing the property.
OF-3257: Use constant-time comparison for channel binding data in SCRAM-SHA-1(-PLUS) SASL server
Previously, the comparison of the expected and received channel binding payloads in ScramSha1SaslServer used Arrays.equals, which is not guaranteed to operate in constant time. This could potentially leak information about the channel binding data through timing side-channels.
This change replaces Arrays.equals with MessageDigest.isEqual, ensuring that the comparison is performed in constant time. This strengthens the implementation against timing attacks, aligns with secure coding best practices, and provides defense-in-depth for sensitive authentication operations.
