From 1e2b0be5bee045db1b0abb1f87801004db563bb8 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Mon, 8 Dec 2014 21:45:20 +0000 Subject: Change rand(), random(), drand48(), lrand48(), mrand48(), and srand48() to returning strong random by default, source from arc4random(3). Parameters to the seeding functions are ignored, and the subsystems remain in strong random mode. If you wish the standardized deterministic mode, call srand_deterministic(), srandom_determistic(), srand48_deterministic(), seed48_deterministic() or lcong48_deterministic() instead. The re-entrant functions rand_r(), erand48(), nrand48(), jrand48() are unaffected by this change and remain in deterministic mode (for now). Verified as a good roadmap forward by auditing 8800 pieces of software. Roughly 60 pieces of software will need adaptation to request the deterministic mode. Violates POSIX and C89, which violate best practice in this century. ok guenther tedu millert --- src/lib/libc/stdlib/random.c | 49 +++++++++++++------------------------------- 1 file changed, 14 insertions(+), 35 deletions(-) (limited to 'src/lib/libc/stdlib/random.c') diff --git a/src/lib/libc/stdlib/random.c b/src/lib/libc/stdlib/random.c index e4ff07ea0c..cba088c751 100644 --- a/src/lib/libc/stdlib/random.c +++ b/src/lib/libc/stdlib/random.c @@ -1,4 +1,4 @@ -/* $OpenBSD: random.c,v 1.24 2014/10/13 20:54:13 chl Exp $ */ +/* $OpenBSD: random.c,v 1.25 2014/12/08 21:45:20 deraadt Exp $ */ /* * Copyright (c) 1983 Regents of the University of California. * All rights reserved. @@ -176,7 +176,7 @@ static int rand_type = TYPE_3; static int rand_deg = DEG_3; static int rand_sep = SEP_3; -static int use_arc4random; +static int random_deterministic; _THREAD_PRIVATE_MUTEX(random); static long random_l(void); @@ -203,7 +203,7 @@ srandom_l(unsigned int x) int32_t test; div_t val; - use_arc4random = 0; + random_deterministic = 1; if (rand_type == TYPE_0) state[0] = x; else { @@ -231,39 +231,23 @@ srandom_l(unsigned int x) void srandom(unsigned int x) { - LOCK(); - srandom_l(x); - UNLOCK(); + random_deterministic = 0; } -#if defined(APIWARN) -__warn_references(srandom, - "warning: srandom() seed choices are invariably poor"); -#endif - -/* - * srandomdev: - * - * Many programs choose the seed value in a totally predictable manner. - * This often causes problems. We seed the generator using random data. - * Note that this particular seeding procedure can generate states - * which are impossible to reproduce by calling srandom() with any - * value, since the succeeding terms in the state buffer are no longer - * derived from the LC algorithm applied to a fixed seed. - */ void srandomdev(void) +{ + random_deterministic = 0; /* back to the default */ +} + +void +srandom_deterministic(unsigned int x) { LOCK(); - use_arc4random = 1; + srandom_l(x); UNLOCK(); } -#if defined(APIWARN) -__warn_references(srandomdev, - "warning: srandomdev() usage; consider switching to arc4random()"); -#endif - /* * initstate: * @@ -289,7 +273,7 @@ initstate(u_int seed, char *arg_state, size_t n) char *ostate = (char *)(&state[-1]); LOCK(); - use_arc4random = 0; + random_deterministic = 1; if (rand_type == TYPE_0) state[-1] = rand_type; else @@ -354,7 +338,7 @@ setstate(char *arg_state) char *ostate = (char *)(&state[-1]); LOCK(); - use_arc4random = 0; + random_deterministic = 1; if (rand_type == TYPE_0) state[-1] = rand_type; else @@ -405,7 +389,7 @@ random_l(void) { int32_t i; - if (use_arc4random) + if (random_deterministic == 0) return arc4random() & 0x7fffffff; if (rand_type == TYPE_0) @@ -431,8 +415,3 @@ random(void) UNLOCK(); return r; } - -#if defined(APIWARN) -__warn_references(random, - "warning: random() isn't random; consider using arc4random()"); -#endif -- cgit v1.2.3-55-g6feb