diff options
author | Daniel Stenberg <daniel@haxx.se> | 2013-06-25 11:28:22 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2013-06-25 11:28:22 +0200 |
commit | 98b0d66eb48c88191a8908627f722a464b7c4199 (patch) | |
tree | 4235bfaed079184c3bbe6c896531288385d791b5 /lib/http_digest.c | |
parent | 9c2853f2aecb53c05f9b78a223c3cbfac84327c7 (diff) | |
download | curl-98b0d66eb48c88191a8908627f722a464b7c4199.tar.gz |
digest: improve nonce generation
Use the new improved Curl_rand() to generate better random nonce for
Digest auth.
Diffstat (limited to 'lib/http_digest.c')
-rw-r--r-- | lib/http_digest.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/lib/http_digest.c b/lib/http_digest.c index 5459924df..50ccc05ad 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -33,6 +33,7 @@ #include "strtok.h" #include "url.h" /* for Curl_safefree() */ #include "curl_memory.h" +#include "sslgen.h" /* for Curl_rand() */ #include "non-ascii.h" /* included for Curl_convert_... prototypes */ #include "warnless.h" @@ -316,8 +317,6 @@ CURLcode Curl_output_digest(struct connectdata *conn, char *cnonce = NULL; size_t cnonce_sz = 0; char *tmp = NULL; - struct timeval now; - char **allocuserpwd; size_t userlen; const char *userp; @@ -376,10 +375,8 @@ CURLcode Curl_output_digest(struct connectdata *conn, d->nc = 1; if(!d->cnonce) { - /* Generate a cnonce */ - now = Curl_tvnow(); - snprintf(cnoncebuf, sizeof(cnoncebuf), "%32ld", - (long)now.tv_sec + now.tv_usec); + snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x", + Curl_rand(data), Curl_rand(data)); rc = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf), &cnonce, &cnonce_sz); |