Change rand(), random(), drand48(), lrand48(), mrand48(), and srand48()

to returning strong random by default, source from arc4random(3).
Parameters to the seeding functions are ignored, and the subsystems remain
in strong random mode.  If you wish the standardized deterministic mode,
call srand_deterministic(), srandom_determistic(), srand48_deterministic(),
seed48_deterministic() or lcong48_deterministic() instead.
The re-entrant functions rand_r(), erand48(), nrand48(), jrand48() are
unaffected by this change and remain in deterministic mode (for now).

Verified as a good roadmap forward by auditing 8800 pieces of software.
Roughly 60 pieces of software will need adaptation to request the
deterministic mode.

Violates POSIX and C89, which violate best practice in this century.
ok guenther tedu millert

1 files changed, 10 insertions, 5 deletions

diff --git a/lib/libc/stdlib/rand.c b/lib/libc/stdlib/rand.c
index 6860dd4f712..618559fd9ce 100644
--- a/lib/libc/stdlib/rand.c
+++ b/lib/libc/stdlib/rand.c
@@ -30,6 +30,7 @@
 #include <sys/types.h>
 #include <stdlib.h>
 
+static int rand_deterministic;
 static u_int next = 1;
 
 int
@@ -47,6 +48,8 @@ __warn_references(rand_r,
 int
 rand(void)
 {
+	if (rand_deterministic)
+		return (arc4random() % ((u_int)RAND_MAX + 1));
 	return (rand_r(&next));
 }
 
@@ -58,10 +61,12 @@ __warn_references(rand,
 void
 srand(u_int seed)
 {
-	next = seed;
+	rand_deterministic = 0;
 }
 
-#if defined(APIWARN)
-__warn_references(srand,
-    "warning: srand() seed choices are invariably poor");
-#endif
+void
+srand_deterministic(u_int seed)
+{
+	rand_deterministic = 1;
+	next = seed;
+}