Skip to content

Commit

Permalink
Use crypto/rand for random id generation.
Browse files Browse the repository at this point in the history 
Fixes miekg#1043 and miekg#1037
  • Loading branch information
@jsha
jsha committed Dec 5, 2019
1 parent 9b7437f commit 400b5e3
Showing 1 changed file with 13 additions and 40 deletions.
53 changes: 13 additions & 40 deletions msg.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,9 @@ import (
"encoding/binary"
"fmt"
"math/big"
"math/rand"
mrand "math/rand"
"strconv"
"strings"
"sync"
)

const (
Expand Down Expand Up @@ -74,52 +73,26 @@ var (
)

// Id by default, returns a 16 bits random number to be used as a
// message id. The random provided should be good enough. This being a
// variable the function can be reassigned to a custom function.
// For instance, to make it return a static value:
// message id. This being a variable the function can be reassigned
// to a custom function. For instance, to make it return a static value:
//
// dns.Id = func() uint16 { return 3 }
//
// Randomness comes from crypto/rand. In the rare case that there is an error
// getting bytes from that source, this function will silently fall back to
// the predictable math/rand. If your program has more stringent requirements,
// you should override Id to do something different (e.g., terminate).
var Id = id

var (
idLock sync.Mutex
idRand *rand.Rand
)

// id returns a 16 bits random number to be used as a
// message id. The random provided should be good enough.
func id() uint16 {
idLock.Lock()

if idRand == nil {
// This (partially) works around
// https://github.com/golang/go/issues/11833 by only
// seeding idRand upon the first call to id.

var seed int64
var buf [8]byte

if _, err := crand.Read(buf[:]); err == nil {
seed = int64(binary.LittleEndian.Uint64(buf[:]))
} else {
seed = rand.Int63()
}

idRand = rand.New(rand.NewSource(seed))
var v uint16
err := binary.Read(crand.Reader, binary.BigEndian, &v)
if err != nil {
v = uint16(mrand.Uint32())
}

// The call to idRand.Uint32 must be within the
// mutex lock because *rand.Rand is not safe for
// concurrent use.
//
// There is no added performance overhead to calling
// idRand.Uint32 inside a mutex lock over just
// calling rand.Uint32 as the global math/rand rng
// is internally protected by a sync.Mutex.
id := uint16(idRand.Uint32())

idLock.Unlock()
return id
return v
}

// MsgHdr is a a manually-unpacked version of (id, bits).
Expand Down

0 comments on commit 400b5e3

Please sign in to comment.