From 1e2b0be5bee045db1b0abb1f87801004db563bb8 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Mon, 8 Dec 2014 21:45:20 +0000 Subject: Change rand(), random(), drand48(), lrand48(), mrand48(), and srand48() to returning strong random by default, source from arc4random(3). Parameters to the seeding functions are ignored, and the subsystems remain in strong random mode. If you wish the standardized deterministic mode, call srand_deterministic(), srandom_determistic(), srand48_deterministic(), seed48_deterministic() or lcong48_deterministic() instead. The re-entrant functions rand_r(), erand48(), nrand48(), jrand48() are unaffected by this change and remain in deterministic mode (for now). Verified as a good roadmap forward by auditing 8800 pieces of software. Roughly 60 pieces of software will need adaptation to request the deterministic mode. Violates POSIX and C89, which violate best practice in this century. ok guenther tedu millert --- src/lib/libc/stdlib/rand.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'src/lib/libc/stdlib/rand.c') diff --git a/src/lib/libc/stdlib/rand.c b/src/lib/libc/stdlib/rand.c index 6860dd4f71..618559fd9c 100644 --- a/src/lib/libc/stdlib/rand.c +++ b/src/lib/libc/stdlib/rand.c @@ -30,6 +30,7 @@ #include #include +static int rand_deterministic; static u_int next = 1; int @@ -47,6 +48,8 @@ __warn_references(rand_r, int rand(void) { + if (rand_deterministic) + return (arc4random() % ((u_int)RAND_MAX + 1)); return (rand_r(&next)); } @@ -58,10 +61,12 @@ __warn_references(rand, void srand(u_int seed) { - next = seed; + rand_deterministic = 0; } -#if defined(APIWARN) -__warn_references(srand, - "warning: srand() seed choices are invariably poor"); -#endif +void +srand_deterministic(u_int seed) +{ + rand_deterministic = 1; + next = seed; +} -- cgit v1.2.3-55-g6feb