diff --git a/msg.go b/msg.go index b3a68f1bf..480d1d53c 100644 --- a/msg.go +++ b/msg.go @@ -14,15 +14,15 @@ package dns import ( + "crypto/rand" "encoding/base32" "encoding/base64" "encoding/hex" "fmt" - "math/rand" + "math/big" "net" "reflect" "strconv" - "time" ) const maxCompressionOffset = 2 << 13 // We have 14 bits for the compression pointer @@ -49,6 +49,8 @@ var ( ErrAuth error = &Error{err: "bad authentication"} ErrSoa error = &Error{err: "no SOA"} ErrRRset error = &Error{err: "bad rrset"} + + maxId = big.NewInt(0xFFFF) ) // A manually-unpacked version of (id, bits). @@ -1453,8 +1455,12 @@ func compressionHelper(c map[string]int, s string) { } } -// Id return a 16 bits random number to be used as a -// message id. The random provided should be good enough. +// Id return a 16 bits true random number to be used as a +// message id. func Id() uint16 { - return uint16(rand.Int()) ^ uint16(time.Now().Nanosecond()) + id, err := rand.Int(rand.Reader, maxId) + if err != nil { + panic(fmt.Sprintf("Cannot generate random id: %s", err)) + } + return uint16(id.Uint64()) }