From 1e2b0be5bee045db1b0abb1f87801004db563bb8 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Mon, 8 Dec 2014 21:45:20 +0000
Subject: Change rand(), random(), drand48(), lrand48(), mrand48(), and
 srand48() to returning strong random by default, source from arc4random(3).
 Parameters to the seeding functions are ignored, and the subsystems remain in
 strong random mode.  If you wish the standardized deterministic mode, call
 srand_deterministic(), srandom_determistic(), srand48_deterministic(),
 seed48_deterministic() or lcong48_deterministic() instead. The re-entrant
 functions rand_r(), erand48(), nrand48(), jrand48() are unaffected by this
 change and remain in deterministic mode (for now).

Verified as a good roadmap forward by auditing 8800 pieces of software.
Roughly 60 pieces of software will need adaptation to request the
deterministic mode.

Violates POSIX and C89, which violate best practice in this century.
ok guenther tedu millert
---
 src/lib/libc/stdlib/drand48.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'src/lib/libc/stdlib/drand48.c')

diff --git a/src/lib/libc/stdlib/drand48.c b/src/lib/libc/stdlib/drand48.c
index b6c046c831..bbeedf8a8a 100644
--- a/src/lib/libc/stdlib/drand48.c
+++ b/src/lib/libc/stdlib/drand48.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: drand48.c,v 1.3 2005/08/08 08:05:36 espie Exp $ */
+/*	$OpenBSD: drand48.c,v 1.4 2014/12/08 21:45:20 deraadt Exp $ */
 /*
  * Copyright (c) 1993 Martin Birgmeier
  * All rights reserved.
@@ -19,5 +19,13 @@ extern unsigned short __rand48_seed[3];
 double
 drand48(void)
 {
+	if (__rand48_deterministic == 0) {
+		short rseed[3];
+
+		arc4random_buf(rseed, sizeof rseed);
+		return ldexp((double) rseed[0], -48) +
+		       ldexp((double) rseed[1], -32) +
+		       ldexp((double) rseed[2], -16);
+	}
 	return erand48(__rand48_seed);
 }
-- 
cgit v1.2.3-55-g6feb