Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nonce creation intransparent #72

Open
dodinh opened this issue Sep 18, 2018 · 2 comments
Open

Nonce creation intransparent #72

dodinh opened this issue Sep 18, 2018 · 2 comments

Comments

@dodinh
Copy link
Contributor

dodinh commented Sep 18, 2018

This is just a question about the nonce:

dhconvalidator/src/main/java/org/adho/dhconvalidator/conftool/ConfToolClient.java

Lines 147 to 150 in 13ed23b

private String getNonce() {
Date date = new Date(new Date().getTime() * 60);
return String.valueOf(date.getTime());
}

Is there a reason the current timestamp is multiplied by 60? This interferes with the example bash scripts at [1] (and other example scripts on the conftool forums, which by default just use the timestamp) - which is no problem if one knows about it, but can be otherwise quite a pain to find.

[1] https://www.conftool.net/ctforum/index.php/topic,281.0.html
@mpetris
Copy link
Contributor

mpetris commented Sep 18, 2018

Hi @dodinh,
I think the reason was that due to a misconfigured time setting on the development server the simple timestamp based nonce was invalid for a while and ConfTool complained. I don't recall the exact problem but I'm pretty sure I left the multiplication in the code accidentally and it could be removed.

@dodinh
Copy link
Contributor Author

dodinh commented Sep 28, 2018

Ah, makes sense, thanks for the insight!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mpetris @dodinh