fix cnonce generation to be really random and not too short.

1aacdc34 · Simon Morlat · 4215ac84 · 1aacdc34
Commit 1aacdc34 authored Jun 25, 2015 by Simon Morlat
--- a/src/auth_helper.c
+++ b/src/auth_helper.c
@@ -201,7 +201,9 @@ int belle_sip_auth_helper_fill_authorization(belle_sip_header_authorization_t* a
 	if (auth_mode) {
 		CHECK_IS_PRESENT(authorization,authorization,nonce_count)
 		if (!belle_sip_header_authorization_get_cnonce(authorization)) {
-			snprintf(cnonce,sizeof(cnonce),"%08x",(short)(long)authorization^0x5555555); /*spseudo randomly genrated cnonce*/
+			int cnonce_value=0;
+			belle_sip_random_bytes((unsigned char*)&cnonce_value, sizeof(cnonce_value));
+			snprintf(cnonce, sizeof(cnonce), "%08x", cnonce_value);
 			belle_sip_header_authorization_set_cnonce(authorization,cnonce);
 		}
 	}