diff options
| author |   deraadt <deraadt@openbsd.org> | 2014-07-17 23:12:28 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2014-07-17 23:12:28 +0000 |
| commit | 659ea642727a3b08e65eb38c1b2b3ca3eb4f0aca (patch) | |
| tree | b3ec76a3bb27b82262cd2e9f3603628e006046e7 /lib/libc/stdlib | |
| parent | files-to-dump can be a duid; (diff) | |
| download | wireguard-openbsd-659ea642727a3b08e65eb38c1b2b3ca3eb4f0aca.tar.xz wireguard-openbsd-659ea642727a3b08e65eb38c1b2b3ca3eb4f0aca.zip | |
it is 2014, and we still need to encourage people away from srand()
and random(). Sigh.
Diffstat (limited to 'lib/libc/stdlib')
| -rw-r--r-- | lib/libc/stdlib/rand.3 | 9 | ||||
| -rw-r--r-- | lib/libc/stdlib/random.3 | 10 |
2 files changed, 14 insertions, 5 deletions
diff --git a/lib/libc/stdlib/rand.3 b/lib/libc/stdlib/rand.3 index 75395976f8f..be5481bb931 100644 --- a/lib/libc/stdlib/rand.3 +++ b/lib/libc/stdlib/rand.3 @@ -29,9 +29,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: rand.3,v 1.15 2014/04/07 17:57:56 schwarze Exp $ +.\" $OpenBSD: rand.3,v 1.16 2014/07/17 23:12:28 deraadt Exp $ .\" -.Dd $Mdocdate: April 7 2014 $ +.Dd $Mdocdate: July 17 2014 $ .Dt RAND 3 .Os .Sh NAME @@ -50,7 +50,10 @@ .Sh DESCRIPTION .Bf -symbolic These interfaces are obsoleted by -.Xr random 3 . +.Xr random 3 , +which is also unsafe. +Consider using +.Xr arc4random 3 . .Ef .Pp The diff --git a/lib/libc/stdlib/random.3 b/lib/libc/stdlib/random.3 index 2bac41796ed..1223745cb47 100644 --- a/lib/libc/stdlib/random.3 +++ b/lib/libc/stdlib/random.3 @@ -25,9 +25,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: random.3,v 1.23 2014/07/13 14:25:00 tedu Exp $ +.\" $OpenBSD: random.3,v 1.24 2014/07/17 23:12:28 deraadt Exp $ .\" -.Dd $Mdocdate: July 13 2014 $ +.Dd $Mdocdate: July 17 2014 $ .Dt RANDOM 3 .Os .Sh NAME @@ -50,6 +50,12 @@ .Ft char * .Fn setstate "char *state" .Sh DESCRIPTION +.Bf -symbolic +This interface is not cryptographically secure, so consider using +.Xr arc4random 3 +instead. +.Ef +.Pp The .Fn random function uses a non-linear additive feedback random number generator employing |