Hello,
Small comment below.
On Mon, Dec 08, 2014 at 01:55:47PM -0700, Theo de Raadt wrote:
> I have spent the last week researching all the uses of the srand(),
> srandom(), and srand48() subsystems in the ports tree.
[...]
> RAND(3) Library Functions Manual RAND(3)
>
> NAME
> rand, rand_r, srand, srand_deterministic - bad pseudo-random number
> generator
>
> SYNOPSIS
> #include <stdlib.h>
>
> void
> srand(unsigned int seed);
>
> void
> srand_deterministic(unsigned int seed);
>
> int
> rand(void);
>
> int
> rand_r(unsigned int *seed);
>
> DESCRIPTION
> Standards insist that this interface return deterministic results.
> Unsafe usage is very common, so OpenBSD changed the subsystem to return
> non-deterministic results by default.
>
> To satisfy portable code, srand() may be called to initialize the
> subsystem. In OpenBSD the seed variable is ignored, and strong random
> number results will be provided from arc4random(3.) In other systems, the
> seed variable primes a simplistic deterministic algorithm.
>
> If the standardized behavior is required srand_deterministic() can be
> substituted for srand(), then subsequent rand() calls will return results
> using the deterministic algorithm.
>
> The rand() function returns a result in the range of 0 to RAND_MAX. By
> default, this result comes from arc4random(3). If srand_deterministic()
> was called, the result will be computed using the deterministic
> algorithm.
>
> The rand_r() is a thread-safe version of rand(). Storage for the seed
> must be provided through the seed argument, and needs to have been
> initialized by the caller. It always operates using the deterministic
> algorithm.
>
> SEE ALSO
> arc4random(3), rand48(3), random(3)
>
> STANDARDS
> The rand() function conforms to ANSI X3.159-1989 (``ANSI C89'').
>
> The rand_r() function conforms to IEEE Std 1003.1-2008 (``POSIX.1'').
>
> The srand() function does not conform to ANSI X3.159-1989 (``ANSI C89''),
> intentionally.
>
> The srand_deterministic() function is an OpenBSD extension.
>
> HISTORY
> The functions rand() and srand() first appeared in Version 3 AT&T UNIX.
>
> OpenBSD 5.6 November 25, 2014 OpenBSD 5.6
[...]
> Index: lib/libc/stdlib/rand.c
> ===================================================================
> RCS file: /cvs/src/lib/libc/stdlib/rand.c,v
> retrieving revision 1.10
> diff -u -p -u -r1.10 rand.c
> --- lib/libc/stdlib/rand.c 1 Aug 2013 19:42:08 -0000 1.10
> +++ lib/libc/stdlib/rand.c 8 Dec 2014 03:50:34 -0000
> @@ -30,6 +30,7 @@
> #include <sys/types.h>
> #include <stdlib.h>
>
> +static int rand_deterministic;
> static u_int next = 1;
>
> int
> @@ -47,6 +48,8 @@ __warn_references(rand_r,
> int
> rand(void)
> {
> + if (rand_deterministic)
> + return (arc4random() % ((u_int)RAND_MAX + 1));
I think, based on man page change you sent, the if()
statement should check for '0 == rand_deterministic'
No?
--patrick
> return (rand_r(&next));
> }
>
> @@ -58,10 +61,12 @@ __warn_references(rand,
> void
> srand(u_int seed)
> {
> - next = seed;
> + rand_deterministic = 0;
> }
>
> -#if defined(APIWARN)
> -__warn_references(srand,
> - "warning: srand() seed choices are invariably poor");
> -#endif
> +void
> +srand_deterministic(u_int seed)
> +{
> + rand_deterministic = 1;
> + next = seed;
> +}
