From d689376cb0916cc9517c84f349eb321d424981e8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 25 Jun 2013 11:37:27 +0200 Subject: digest: append the timer to the random for the nonce --- lib/http_digest.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/http_digest.c b/lib/http_digest.c index 50ccc05ad..bc8e23d43 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -375,8 +375,11 @@ CURLcode Curl_output_digest(struct connectdata *conn, d->nc = 1; if(!d->cnonce) { - snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x", - Curl_rand(data), Curl_rand(data)); + struct timeval now = Curl_tvnow(); + snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x%08x%08x", + Curl_rand(data), Curl_rand(data), + (unsigned int)now.tv_sec, + (unsigned int)now.tv_usec); rc = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf), &cnonce, &cnonce_sz); -- cgit v1.2.3