diff options
author | Leah Neukirchen <leah@vuxu.org> | 2018-12-25 19:31:34 +0100 |
---|---|---|
committer | Leah Neukirchen <leah@vuxu.org> | 2018-12-25 19:31:34 +0100 |
commit | 5280abfa10d04fc294778f85335dcb72498481d7 (patch) | |
tree | e91aa92ef1f22136829fbaecce262cd295df59e8 | |
parent | 3cc19448774c4028179df34f26c1be258e57e10b (diff) | |
download | mblaze-5280abfa10d04fc294778f85335dcb72498481d7.tar.gz mblaze-5280abfa10d04fc294778f85335dcb72498481d7.tar.xz mblaze-5280abfa10d04fc294778f85335dcb72498481d7.zip |
mgenmid: do not use raw timestamp
We one-time-pad the timestamp with a random key instead. This will provide enough entropy to be unique, but not leak the system date. Even with a bad RNG state it should guarantee uniqueness, however.
-rw-r--r-- | man/mgenmid.1 | 4 | ||||
-rw-r--r-- | mgenmid.c | 21 |
2 files changed, 15 insertions, 10 deletions
diff --git a/man/mgenmid.1 b/man/mgenmid.1 index b63b5db..ad1abc2 100644 --- a/man/mgenmid.1 +++ b/man/mgenmid.1 @@ -1,4 +1,4 @@ -.Dd August 1, 2016 +.Dd December 25, 2018 .Dt MGENMID 1 .Os .Sh NAME @@ -9,7 +9,7 @@ .Sh DESCRIPTION .Nm generates and prints a unique Message-ID. -The Message-ID consists of an encoded timestamp, +The Message-ID consists of an encrypted timestamp, a random value, and a fully qualified domain name. .Pp diff --git a/mgenmid.c b/mgenmid.c index 497cbc4..c7d713c 100644 --- a/mgenmid.c +++ b/mgenmid.c @@ -85,30 +85,35 @@ int main() struct timeval tp; gettimeofday(&tp, (struct timezone *)0); - uint64_t rnd; + uint64_t rnd1, rnd2; int rndfd = open("/dev/urandom", O_RDONLY); if (rndfd >= 0) { - unsigned char rndb[8]; + unsigned char rndb[16]; if (read(rndfd, rndb, sizeof rndb) != sizeof rndb) goto fallback; close(rndfd); int i; - for (i = 0, rnd = 0; i < 8; i++) - rnd = rnd*256 + rndb[i]; + for (i = 0, rnd1 = 0; i < 8; i++) + rnd1 = rnd1*256 + rndb[i]; + for (i = 0, rnd2 = 0; i < 8; i++) + rnd2 = rnd2*256 + rndb[i+8]; } else { fallback: srand48(tp.tv_sec ^ tp.tv_usec ^ getpid()); - rnd = ((uint64_t)lrand48() << 32) + lrand48(); + rnd1 = ((uint64_t)lrand48() << 32) + lrand48(); + rnd2 = ((uint64_t)lrand48() << 32) + lrand48(); } - rnd |= (1ULL << 63); // set highest bit to force full width + rnd1 ^= ((uint64_t)tp.tv_sec * 1000000LL + tp.tv_usec); + rnd1 |= (1ULL << 63); // set highest bit to force full width + rnd2 |= (1ULL << 63); // set highest bit to force full width putchar('<'); - printb36(((uint64_t)tp.tv_sec * 1000000LL + tp.tv_usec)); + printb36(rnd1); putchar('.'); - printb36(rnd); + printb36(rnd2); putchar('@'); fputs(host, stdout); putchar('>'); |