34  *   - The source of the secret should be run-time directive (with server
119     char               last_nonce[NONCE_LEN+1]; /* for one-time nonce's      */
163     apr_time_t    time;
169 /* client-list, opaque, and one-time-nonce stuff */
174 static apr_time_t     *otn_counter;     /* one-time-nonce counter */
228                  "%s - all nonce-count checking and one-time nonces "
310     /* setup one-time-nonce counter */
493        /* by the time they use it, the provider should be loaded and
554                            "Invalid time in AuthDigestNonceLifetime: ",
728  * one-time nonces anyway.
992  * update the nonce-count each time we receive an Authorization header no
1030 /* The hash part of the nonce is a SHA-1 hash of the time, realm, server host
1058 /* The nonce has the format b64(time)+hash .
1068         t.time = now;
1074         t.time = (*otn_counter)++;
1078         t.time = 42;
1395     resp->nonce_time = nonce_time.time;
1405     dt = r->request_time - nonce_time.time;
1409                       "time travel", resp->nonce);
1428                           "user %s: one-time-nonce mismatch - sending "

Indexes created Tue Jul 24 14:28:13 CEST 2018