Deprecate sranddev(3) API

It serves no useful purpose and wasn't as popular as its equally meritless
cousin, srandomdev(3).

Setting aside the problems with rand(3) in general, the problem with this
interface is that the seed isn't shared with the caller (other than by
attacking the output of the generator, which is trivial, but not a hallmark of
pleasant API design).  The (arguable) utility of rand(3) or random(3) is as a
semi-fast simulation generator which produces consistent results from a given
seed.  These are mutually at odd.  Furthermore, sometimes people got the
mistaken impression that a high quality random seed meant a weak generator like
rand(3) or random(3) could be used for things like cryptographic key
generation.  This is absolutely not so.

The API was never part of a standard and was not widely used in tree.  Existing
in-tree uses have all been removed.

Possible replacement in out of tree codebases:

	char buf[3];
	time_t t;

	time(t);
	strftime(buf, sizeof(buf), "%S", gmtime(&t));
	srand(atoi(buf));

Relnotes:	yes
This commit is contained in:
cem 2019-12-14 08:28:10 +00:00
parent f8a1d78a50
commit cd6bd6c451
7 changed files with 23 additions and 28 deletions

View File

@ -36,6 +36,8 @@
# xargs -n1 | sort | uniq -d;
# done
# 20191214: Removal of sranddev(3)
OLD_FILES+=usr/share/man/man3/sranddev.3.gz
# 20191213: remove timeout(9)
OLD_FILES+=usr/share/man/man9/timeout.9.gz
OLD_FILES+=usr/share/man/man9/untimeout.9.gz

View File

@ -309,12 +309,17 @@ int rpmatch(const char *);
void setprogname(const char *);
int sradixsort(const unsigned char **, int, const unsigned char *,
unsigned);
void sranddev(void);
void srandomdev(void);
long long
strtonum(const char *, long long, long long, const char **);
/* Deprecated interfaces, to be removed. */
static inline void
__attribute__((__deprecated__("sranddev to be removed in FreeBSD 13")))
sranddev(void)
{
}
__int64_t
strtoq(const char *, char **, int);
__uint64_t

View File

@ -52,7 +52,7 @@ MLINKS+=insque.3 remque.3
MLINKS+=lsearch.3 lfind.3
MLINKS+=ptsname.3 grantpt.3 ptsname.3 unlockpt.3
MLINKS+=qsort.3 heapsort.3 qsort.3 mergesort.3 qsort.3 qsort_r.3
MLINKS+=rand.3 rand_r.3 rand.3 srand.3 rand.3 sranddev.3
MLINKS+=rand.3 rand_r.3 rand.3 srand.3
MLINKS+=random.3 initstate.3 random.3 setstate.3 random.3 srandom.3 \
random.3 srandomdev.3
MLINKS+=radixsort.3 sradixsort.3

View File

@ -56,7 +56,6 @@ FBSD_1.0 {
rand_r;
rand;
srand;
sranddev;
srandom;
srandomdev;
initstate;

View File

@ -32,13 +32,12 @@
.\" @(#)rand.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
.Dd April 22, 2019
.Dd December 14, 2019
.Dt RAND 3
.Os
.Sh NAME
.Nm rand ,
.Nm srand ,
.Nm sranddev ,
.Nm rand_r
.Nd bad random number generator
.Sh LIBRARY
@ -47,8 +46,6 @@
.In stdlib.h
.Ft void
.Fn srand "unsigned seed"
.Ft void
.Fn sranddev void
.Ft int
.Fn rand void
.Ft int
@ -90,10 +87,6 @@ value is provided, the functions are automatically
seeded with a value of 1.
.Pp
The
.Fn sranddev
function initializes a seed using pseudo-random numbers obtained from the kernel.
.Pp
The
.Fn rand_r
function
provides the same functionality as
@ -122,4 +115,5 @@ conform to
.Pp
The
.Fn rand_r
function is as proposed in the POSIX.4a Draft #6 document.
function is marked as obsolescent in POSIX and may be removed in a future
revision of the standard.

View File

@ -40,7 +40,9 @@ __FBSDID("$FreeBSD$");
#include "namespace.h"
#include <sys/param.h>
#include <sys/sysctl.h>
#include <stdbool.h>
#include <stdlib.h>
#include <syslog.h>
#include "un-namespace.h"
#ifdef TEST
@ -102,25 +104,18 @@ srand(unsigned seed)
}
/*
* sranddev:
*
* Many programs choose the seed value in a totally predictable manner.
* This often causes problems. We seed the generator using pseudo-random
* data from the kernel.
*/
void __sranddev_fbsd12(void);
void
sranddev(void)
__sranddev_fbsd12(void)
{
int mib[2];
size_t len;
static bool warned = false;
len = sizeof(next);
mib[0] = CTL_KERN;
mib[1] = KERN_ARND;
sysctl(mib, 2, (void *)&next, &len, NULL, 0);
if (!warned) {
syslog(LOG_DEBUG, "Deprecated function sranddev() called");
warned = true;
}
}
__sym_compat(sranddev, __sranddev_fbsd12, FBSD_1.0);
#ifdef TEST

View File

@ -102,7 +102,7 @@
#define HAVE_SRAND 1
/* Define to 1 if you have the `sranddev' function. */
#define HAVE_SRANDDEV 1
/* #undef HAVE_SRANDDEV */
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1