From f7510a6ece7d11f60752a2ac701b127e460d8361 Mon Sep 17 00:00:00 2001 From: deraadt Date: Mon, 8 Dec 2014 21:45:19 +0000 Subject: Change rand(), random(), drand48(), lrand48(), mrand48(), and srand48() to returning strong random by default, source from arc4random(3). Parameters to the seeding functions are ignored, and the subsystems remain in strong random mode. If you wish the standardized deterministic mode, call srand_deterministic(), srandom_determistic(), srand48_deterministic(), seed48_deterministic() or lcong48_deterministic() instead. The re-entrant functions rand_r(), erand48(), nrand48(), jrand48() are unaffected by this change and remain in deterministic mode (for now). Verified as a good roadmap forward by auditing 8800 pieces of software. Roughly 60 pieces of software will need adaptation to request the deterministic mode. Violates POSIX and C89, which violate best practice in this century. ok guenther tedu millert --- lib/libc/stdlib/rand.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'lib/libc/stdlib/rand.c') diff --git a/lib/libc/stdlib/rand.c b/lib/libc/stdlib/rand.c index 6860dd4f712..618559fd9ce 100644 --- a/lib/libc/stdlib/rand.c +++ b/lib/libc/stdlib/rand.c @@ -30,6 +30,7 @@ #include #include +static int rand_deterministic; static u_int next = 1; int @@ -47,6 +48,8 @@ __warn_references(rand_r, int rand(void) { + if (rand_deterministic) + return (arc4random() % ((u_int)RAND_MAX + 1)); return (rand_r(&next)); } @@ -58,10 +61,12 @@ __warn_references(rand, void srand(u_int seed) { - next = seed; + rand_deterministic = 0; } -#if defined(APIWARN) -__warn_references(srand, - "warning: srand() seed choices are invariably poor"); -#endif +void +srand_deterministic(u_int seed) +{ + rand_deterministic = 1; + next = seed; +} -- cgit v1.2.3-59-g8ed1b