iliaa Thu May 10 21:05:14 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/soap php_http.c
Log:
Fixed random number generation for http auth mechanism in SOAP
# Identified by Stefan Esser
http://cvs.php.net/viewvc.cgi/php-src/ext/soap/php_http.c?r1=1.77.2.11.2.8&r2=1.77.2.11.2.9&diff_format=u
Index: php-src/ext/soap/php_http.c
diff -u php-src/ext/soap/php_http.c:1.77.2.11.2.8
php-src/ext/soap/php_http.c:1.77.2.11.2.9
--- php-src/ext/soap/php_http.c:1.77.2.11.2.8 Sat Feb 24 02:17:26 2007
+++ php-src/ext/soap/php_http.c Thu May 10 21:05:14 2007
@@ -17,11 +17,12 @@
| Dmitry Stogov <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: php_http.c,v 1.77.2.11.2.8 2007/02/24 02:17:26 helly Exp $ */
+/* $Id: php_http.c,v 1.77.2.11.2.9 2007/05/10 21:05:14 iliaa Exp $ */
#include "php_soap.h"
#include "ext/standard/base64.h"
#include "ext/standard/md5.h"
+#include "ext/standard/php_rand.h"
static char *get_http_header_value(char *headers, char *type);
static int get_http_body(php_stream *socketd, int close, char *headers, char
**response, int *out_size TSRMLS_DC);
@@ -469,10 +470,9 @@
char HA1[33], HA2[33],
response[33], cnonce[33], nc[9];
PHP_MD5_CTX md5ctx;
unsigned char hash[16];
- unsigned int ctx;
PHP_MD5Init(&md5ctx);
- snprintf(cnonce, sizeof(cnonce), "%d",
php_rand_r(&ctx));
+ snprintf(cnonce, sizeof(cnonce), "%d",
php_rand(TSRMLS_C));
PHP_MD5Update(&md5ctx, (unsigned
char*)cnonce, strlen(cnonce));
PHP_MD5Final(hash, &md5ctx);
make_digest(cnonce, hash);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
