From 5280abfa10d04fc294778f85335dcb72498481d7 Mon Sep 17 00:00:00 2001 From: Leah Neukirchen Date: Tue, 25 Dec 2018 19:31:34 +0100 Subject: [PATCH] mgenmid: do not use raw timestamp We one-time-pad the timestamp with a random key instead. This will provide enough entropy to be unique, but not leak the system date. Even with a bad RNG state it should guarantee uniqueness, however. --- man/mgenmid.1 | 4 ++-- mgenmid.c | 21 +++++++++++++-------- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/man/mgenmid.1 b/man/mgenmid.1 index b63b5db..ad1abc2 100644 --- a/man/mgenmid.1 +++ b/man/mgenmid.1 @@ -1,4 +1,4 @@ -.Dd August 1, 2016 +.Dd December 25, 2018 .Dt MGENMID 1 .Os .Sh NAME @@ -9,7 +9,7 @@ .Sh DESCRIPTION .Nm generates and prints a unique Message-ID. -The Message-ID consists of an encoded timestamp, +The Message-ID consists of an encrypted timestamp, a random value, and a fully qualified domain name. .Pp diff --git a/mgenmid.c b/mgenmid.c index 497cbc4..c7d713c 100644 --- a/mgenmid.c +++ b/mgenmid.c @@ -85,30 +85,35 @@ int main() struct timeval tp; gettimeofday(&tp, (struct timezone *)0); - uint64_t rnd; + uint64_t rnd1, rnd2; int rndfd = open("/dev/urandom", O_RDONLY); if (rndfd >= 0) { - unsigned char rndb[8]; + unsigned char rndb[16]; if (read(rndfd, rndb, sizeof rndb) != sizeof rndb) goto fallback; close(rndfd); int i; - for (i = 0, rnd = 0; i < 8; i++) - rnd = rnd*256 + rndb[i]; + for (i = 0, rnd1 = 0; i < 8; i++) + rnd1 = rnd1*256 + rndb[i]; + for (i = 0, rnd2 = 0; i < 8; i++) + rnd2 = rnd2*256 + rndb[i+8]; } else { fallback: srand48(tp.tv_sec ^ tp.tv_usec ^ getpid()); - rnd = ((uint64_t)lrand48() << 32) + lrand48(); + rnd1 = ((uint64_t)lrand48() << 32) + lrand48(); + rnd2 = ((uint64_t)lrand48() << 32) + lrand48(); } - rnd |= (1ULL << 63); // set highest bit to force full width + rnd1 ^= ((uint64_t)tp.tv_sec * 1000000LL + tp.tv_usec); + rnd1 |= (1ULL << 63); // set highest bit to force full width + rnd2 |= (1ULL << 63); // set highest bit to force full width putchar('<'); - printb36(((uint64_t)tp.tv_sec * 1000000LL + tp.tv_usec)); + printb36(rnd1); putchar('.'); - printb36(rnd); + printb36(rnd2); putchar('@'); fputs(host, stdout); putchar('>');