]> git.ipfire.org Git - thirdparty/curl.git/commitdiff
projects / thirdparty / curl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 509f50e)
digest: produce a shorter cnonce in Digest headers
authorDaniel Stenberg <daniel@haxx.se>
Tue, 3 Dec 2024 06:52:48 +0000 (07:52 +0100)
committerDaniel Stenberg <daniel@haxx.se>
Wed, 4 Dec 2024 14:34:25 +0000 (15:34 +0100)
Other programs (Postman, Chrome, Python request) use a 16 byte cnonce
and there are instances of server-side implementations that don't
support the larger lengths curl used previously.

Fixes #15653
Reported-by: Florian Eckert
Closes #15670

lib/vauth/digest.c patch | blob | blame | history

diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 0cc3da898f1a10794b303b46a7c61e21e1100003..0acfcace1d13abc343cba03ca42add1066f64f85 100644 (file)
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -709,13 +709,17 @@ static CURLcode auth_create_digest_http_message(
     digest->nc = 1;
 
   if(!digest->cnonce) {
-    char cnoncebuf[33];
-    result = Curl_rand_hex(data, (unsigned char *)cnoncebuf,
-                           sizeof(cnoncebuf));
+    char cnoncebuf[12];
+    result = Curl_rand_bytes(data,
+#ifdef DEBUGBUILD
+                             TRUE,
+#endif
+                             (unsigned char *)cnoncebuf,
+                             sizeof(cnoncebuf));
     if(result)
       return result;
 
-    result = Curl_base64_encode(cnoncebuf, strlen(cnoncebuf),
+    result = Curl_base64_encode(cnoncebuf, sizeof(cnoncebuf),
                                 &cnonce, &cnonce_sz);
     if(result)
       return result;
Mirror of https://github.com/curl/curl.git