[reSIProcate] Negative nonce value

Cullen Jennings fluffy at cisco.com
Mon Apr 25 17:54:59 CDT 2005


Yah, I think we need to rethink how we generate the nonce - having them be
this predictable might have other issues too.

On 4/25/05 10:15 AM, "alt" <alt at kaluga.ru> wrote:

> Hi All
>  
> While testing authentication I have found a problem with the "nonce" value within
> the challenge response returned by ServerAuthManager.
>  
> The problem is:
>  
> We use the following code to generate the "nonce":
> ---8<---------------------------------------------------------------------
> Helper::makeProxyChallenge(const SipMessage& request, const Data& realm,
>                            bool useAuth, bool stale)
> {
>    Auth auth;
>    auth.scheme() = "Digest";
>    Data timestamp((int)(Timer::getTimeMs()/1000));
>    auth.param(p_nonce) = makeNonce(request, timestamp);
>    ...
> ---8<---------------------------------------------------------------------
> Because the timestamp is too big (in my case), when cast to int I get a negative
> value.
> But later we check whether the first char of the "nonce" is a digit.
>  
> Using the following code solves the problem:
>   Data timestamp((unsigned int)(Timer::getTimeMs()/1000));
>  
>  
> But it's not the only place where we use this construction (cast to int).
>  
> Must we change the way we generate the "now" nonce (in seconds) everywhere?
>  
> Regards,
> Alex
>  
> 
> 
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel at list.sipfoundry.org
> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel
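
The narrowing discussed in this thread, as an added example that is not part of either message and is not reSIProcate code. All function names and the millisecond readings are hypothetical and constructed; it compares the `(int)` cast, the proposed `(unsigned int)` cast, and no narrowing at all against the "first char is a digit" check.

```cpp
#include <cctype>
#include <cstdint>
#include <iostream>
#include <string>

// Hypothetical helpers for illustration; none of these are reSIProcate functions.

// The construction from the quoted code: seconds narrowed to a signed 32-bit int.
// Out-of-range narrowing wraps on mainstream compilers (guaranteed since C++20).
std::string stampSigned(std::uint64_t ms) {
    return std::to_string(static_cast<std::int32_t>(ms / 1000));
}

// The proposed fix: the sign is gone, but values >= 2^32 still wrap silently.
std::string stampUnsigned(std::uint64_t ms) {
    return std::to_string(static_cast<std::uint32_t>(ms / 1000));
}

// No narrowing: keep the full 64-bit value.
std::string stampWide(std::uint64_t ms) {
    return std::to_string(ms / 1000);
}

// The later check described in the post: the first character must be a digit.
bool startsWithDigit(const std::string& s) {
    return !s.empty() && std::isdigit(static_cast<unsigned char>(s[0])) != 0;
}

int main() {
    // Constructed clock readings in milliseconds, not values from the thread.
    const std::uint64_t samples[] = {1114469699000ULL, 3000000000000ULL,
                                     5000000000000ULL};
    for (std::uint64_t ms : samples) {
        std::cout << ms / 1000 << ": int=" << stampSigned(ms)
                  << " unsigned=" << stampUnsigned(ms)
                  << " wide=" << stampWide(ms)
                  << " int passes digit check="
                  << startsWithDigit(stampSigned(ms)) << '\n';
    }
    return 0;
}
```

The third sample passes the digit check under both casts yet carries the wrong time, so a freshness comparison on the nonce would be made against a wrapped value.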

