From c62ff2800ba9e4b6e851ae71b1696b28920854b9 Mon Sep 17 00:00:00 2001 From: Conrad Meyer Date: Sat, 14 Dec 2019 08:28:10 +0000 Subject: [PATCH] Deprecate sranddev(3) API It serves no useful purpose and wasn't as popular as its equally meritless cousin, srandomdev(3). Setting aside the problems with rand(3) in general, the problem with this interface is that the seed isn't shared with the caller (other than by attacking the output of the generator, which is trivial, but not a hallmark of pleasant API design). The (arguable) utility of rand(3) or random(3) is as a semi-fast simulation generator which produces consistent results from a given seed. These are mutually at odd. Furthermore, sometimes people got the mistaken impression that a high quality random seed meant a weak generator like rand(3) or random(3) could be used for things like cryptographic key generation. This is absolutely not so. The API was never part of a standard and was not widely used in tree. Existing in-tree uses have all been removed. Possible replacement in out of tree codebases: char buf[3]; time_t t; time(t); strftime(buf, sizeof(buf), "%S", gmtime(&t)); srand(atoi(buf)); Relnotes: yes --- ObsoleteFiles.inc | 2 ++ include/stdlib.h | 7 ++++++- lib/libc/stdlib/Makefile.inc | 2 +- lib/libc/stdlib/Symbol.map | 1 - lib/libc/stdlib/rand.3 | 12 +++--------- lib/libc/stdlib/rand.c | 25 ++++++++++--------------- lib/libxo/xo_config.h | 2 +- 7 files changed, 23 insertions(+), 28 deletions(-) diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc index 7d5acc389066..d46a500e2dbd 100644 --- a/ObsoleteFiles.inc +++ b/ObsoleteFiles.inc @@ -36,6 +36,8 @@ # xargs -n1 | sort | uniq -d; # done +# 20191214: Removal of sranddev(3) +OLD_FILES+=usr/share/man/man3/sranddev.3.gz # 20191213: remove timeout(9) OLD_FILES+=usr/share/man/man9/timeout.9.gz OLD_FILES+=usr/share/man/man9/untimeout.9.gz diff --git a/include/stdlib.h b/include/stdlib.h index 0289980d17f0..50bda707a0d3 100644 --- a/include/stdlib.h +++ b/include/stdlib.h @@ -309,12 +309,17 @@ int rpmatch(const char *); void setprogname(const char *); int sradixsort(const unsigned char **, int, const unsigned char *, unsigned); -void sranddev(void); void srandomdev(void); long long strtonum(const char *, long long, long long, const char **); /* Deprecated interfaces, to be removed. */ +static inline void +__attribute__((__deprecated__("sranddev to be removed in FreeBSD 13"))) +sranddev(void) +{ +} + __int64_t strtoq(const char *, char **, int); __uint64_t diff --git a/lib/libc/stdlib/Makefile.inc b/lib/libc/stdlib/Makefile.inc index ee6d98e9cf6a..1a4430697385 100644 --- a/lib/libc/stdlib/Makefile.inc +++ b/lib/libc/stdlib/Makefile.inc @@ -52,7 +52,7 @@ MLINKS+=insque.3 remque.3 MLINKS+=lsearch.3 lfind.3 MLINKS+=ptsname.3 grantpt.3 ptsname.3 unlockpt.3 MLINKS+=qsort.3 heapsort.3 qsort.3 mergesort.3 qsort.3 qsort_r.3 -MLINKS+=rand.3 rand_r.3 rand.3 srand.3 rand.3 sranddev.3 +MLINKS+=rand.3 rand_r.3 rand.3 srand.3 MLINKS+=random.3 initstate.3 random.3 setstate.3 random.3 srandom.3 \ random.3 srandomdev.3 MLINKS+=radixsort.3 sradixsort.3 diff --git a/lib/libc/stdlib/Symbol.map b/lib/libc/stdlib/Symbol.map index 8682901bca6d..d25b463241d7 100644 --- a/lib/libc/stdlib/Symbol.map +++ b/lib/libc/stdlib/Symbol.map @@ -56,7 +56,6 @@ FBSD_1.0 { rand_r; rand; srand; - sranddev; srandom; srandomdev; initstate; diff --git a/lib/libc/stdlib/rand.3 b/lib/libc/stdlib/rand.3 index ce3bae730a88..04de06ae4884 100644 --- a/lib/libc/stdlib/rand.3 +++ b/lib/libc/stdlib/rand.3 @@ -32,13 +32,12 @@ .\" @(#)rand.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd April 22, 2019 +.Dd December 14, 2019 .Dt RAND 3 .Os .Sh NAME .Nm rand , .Nm srand , -.Nm sranddev , .Nm rand_r .Nd bad random number generator .Sh LIBRARY @@ -47,8 +46,6 @@ .In stdlib.h .Ft void .Fn srand "unsigned seed" -.Ft void -.Fn sranddev void .Ft int .Fn rand void .Ft int @@ -90,10 +87,6 @@ value is provided, the functions are automatically seeded with a value of 1. .Pp The -.Fn sranddev -function initializes a seed using pseudo-random numbers obtained from the kernel. -.Pp -The .Fn rand_r function provides the same functionality as @@ -122,4 +115,5 @@ conform to .Pp The .Fn rand_r -function is as proposed in the POSIX.4a Draft #6 document. +function is marked as obsolescent in POSIX and may be removed in a future +revision of the standard. diff --git a/lib/libc/stdlib/rand.c b/lib/libc/stdlib/rand.c index be2c3d4f058b..3722e850549c 100644 --- a/lib/libc/stdlib/rand.c +++ b/lib/libc/stdlib/rand.c @@ -40,7 +40,9 @@ __FBSDID("$FreeBSD$"); #include "namespace.h" #include #include +#include #include +#include #include "un-namespace.h" #ifdef TEST @@ -102,25 +104,18 @@ srand(unsigned seed) } -/* - * sranddev: - * - * Many programs choose the seed value in a totally predictable manner. - * This often causes problems. We seed the generator using pseudo-random - * data from the kernel. - */ +void __sranddev_fbsd12(void); void -sranddev(void) +__sranddev_fbsd12(void) { - int mib[2]; - size_t len; + static bool warned = false; - len = sizeof(next); - - mib[0] = CTL_KERN; - mib[1] = KERN_ARND; - sysctl(mib, 2, (void *)&next, &len, NULL, 0); + if (!warned) { + syslog(LOG_DEBUG, "Deprecated function sranddev() called"); + warned = true; + } } +__sym_compat(sranddev, __sranddev_fbsd12, FBSD_1.0); #ifdef TEST diff --git a/lib/libxo/xo_config.h b/lib/libxo/xo_config.h index 857af5356c57..fd38c442b604 100644 --- a/lib/libxo/xo_config.h +++ b/lib/libxo/xo_config.h @@ -102,7 +102,7 @@ #define HAVE_SRAND 1 /* Define to 1 if you have the `sranddev' function. */ -#define HAVE_SRANDDEV 1 +/* #undef HAVE_SRANDDEV */ /* Define to 1 if you have the header file. */ #define HAVE_STDINT_H 1