diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-02 14:19:49 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-04 15:47:37 +0300 |
commit | 6224ac6264f0f582af7584696ae6081cfa84237a (patch) | |
tree | 3e8d0028c7e1ce0b1cf6fde549c6c1cac71b5d1d /src/microhttpd/digestauth.c | |
parent | 5658583a8811537a5a42d5c7a93d6b4d9c685327 (diff) | |
download | libmicrohttpd-6224ac6264f0f582af7584696ae6081cfa84237a.tar.gz libmicrohttpd-6224ac6264f0f582af7584696ae6081cfa84237a.zip |
digestauth: use mseconds for timestamp
The clash of nonces is lower with higher timestamp resolution
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r-- | src/microhttpd/digestauth.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 250276d1..33bec588 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -1018,13 +1018,13 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
1018 | return MHD_NO; | 1018 | return MHD_NO; |
1019 | } | 1019 | } |
1020 | 1020 | ||
1021 | t = (uint64_t) MHD_monotonic_sec_counter (); | 1021 | t = MHD_monotonic_msec_counter (); |
1022 | /* | 1022 | /* |
1023 | * First level vetting for the nonce validity: if the timestamp | 1023 | * First level vetting for the nonce validity: if the timestamp |
1024 | * attached to the nonce exceeds `nonce_timeout', then the nonce is | 1024 | * attached to the nonce exceeds `nonce_timeout', then the nonce is |
1025 | * invalid. | 1025 | * invalid. |
1026 | */ | 1026 | */ |
1027 | if (TRIM_TO_TIMESTAMP (t - nonce_time) > nonce_timeout) | 1027 | if (TRIM_TO_TIMESTAMP (t - nonce_time) > (nonce_timeout * 1000)) |
1028 | { | 1028 | { |
1029 | /* too old */ | 1029 | /* too old */ |
1030 | return MHD_INVALID_NONCE; | 1030 | return MHD_INVALID_NONCE; |
@@ -1447,7 +1447,7 @@ MHD_queue_auth_fail_response2 (struct MHD_Connection *connection, | |||
1447 | 1447 | ||
1448 | VLA_CHECK_LEN_DIGEST (da.digest_size); | 1448 | VLA_CHECK_LEN_DIGEST (da.digest_size); |
1449 | /* Generating the server nonce */ | 1449 | /* Generating the server nonce */ |
1450 | calculate_nonce ((uint64_t) MHD_monotonic_sec_counter (), | 1450 | calculate_nonce (MHD_monotonic_msec_counter (), |
1451 | connection->method, | 1451 | connection->method, |
1452 | connection->daemon->digest_auth_random, | 1452 | connection->daemon->digest_auth_random, |
1453 | connection->daemon->digest_auth_rand_size, | 1453 | connection->daemon->digest_auth_rand_size, |