From 963078f6ac4555d04e8d8a5e5417772a033bcd2b Mon Sep 17 00:00:00 2001
From: Jakob Borg <jakob@nym.se>
Date: Fri, 23 May 2014 14:43:17 +0200
Subject: [PATCH] Don't reuse certificate serials

---
 cmd/syncthing/tls.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cmd/syncthing/tls.go b/cmd/syncthing/tls.go
index fc3cb535..148033d5 100644
--- a/cmd/syncthing/tls.go
+++ b/cmd/syncthing/tls.go
@@ -11,6 +11,7 @@ import (
 	"encoding/binary"
 	"encoding/pem"
 	"math/big"
+	mr "math/rand"
 	"os"
 	"path/filepath"
 	"strings"
@@ -50,7 +51,7 @@ func newCertificate(dir string, prefix string) {
 	notAfter := time.Date(2049, 12, 31, 23, 59, 59, 0, time.UTC)
 
 	template := x509.Certificate{
-		SerialNumber: new(big.Int).SetInt64(0),
+		SerialNumber: new(big.Int).SetInt64(mr.Int63()),
 		Subject: pkix.Name{
 			CommonName: tlsName,
 		},