From owner-svn-src-stable-8@FreeBSD.ORG Thu Feb 28 21:32:48 2013 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id BEC242B7; Thu, 28 Feb 2013 21:32:48 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id ABFE331E; Thu, 28 Feb 2013 21:32:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id r1SLWm5B057727; Thu, 28 Feb 2013 21:32:48 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id r1SLWlXQ057721; Thu, 28 Feb 2013 21:32:47 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201302282132.r1SLWlXQ057721@svn.freebsd.org> From: Dag-Erling Smørgrav Date: Thu, 28 Feb 2013 21:32:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r247500 - in stable/8/lib/libc: gen stdlib X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Feb 2013 21:32:48 -0000 Author: des Date: Thu Feb 28 21:32:47 2013 New Revision: 247500 URL: http://svnweb.freebsd.org/changeset/base/247500 Log: MFH (r240107,240111,240361): warn against using weak PRNGs Modified: stable/8/lib/libc/gen/rand48.3 stable/8/lib/libc/stdlib/rand.3 stable/8/lib/libc/stdlib/random.3 Directory Properties: stable/8/lib/libc/ (props changed) Modified: stable/8/lib/libc/gen/rand48.3 ============================================================================== --- stable/8/lib/libc/gen/rand48.3 Thu Feb 28 21:24:19 2013 (r247499) +++ stable/8/lib/libc/gen/rand48.3 Thu Feb 28 21:32:47 2013 (r247500) @@ -12,7 +12,7 @@ .\" @(#)rand48.3 V1.0 MB 8 Oct 1993 .\" $FreeBSD$ .\" -.Dd February 2, 2010 +.Dd September 4, 2012 .Dt RAND48 3 .Os .Sh NAME @@ -49,6 +49,14 @@ .Ft void .Fn lcong48 "unsigned short p[7]" .Sh DESCRIPTION +.Bf -symbolic +The functions described in this manual page are not cryptographically +secure. +Cryptographic applications should use +.Xr arc4random 3 +instead. +.Ef +.Pp The .Fn rand48 family of functions generates pseudo-random numbers using a linear @@ -174,10 +182,8 @@ It is thus not possible to use values gr Note that all three methods of seeding the random number generator always also set the multiplicand and addend for any of the six generator calls. -.Pp -For a more powerful random number generator, see -.Xr random 3 . .Sh SEE ALSO +.Xr arc4random 3 , .Xr rand 3 , .Xr random 3 .Sh AUTHORS Modified: stable/8/lib/libc/stdlib/rand.3 ============================================================================== --- stable/8/lib/libc/stdlib/rand.3 Thu Feb 28 21:24:19 2013 (r247499) +++ stable/8/lib/libc/stdlib/rand.3 Thu Feb 28 21:32:47 2013 (r247500) @@ -32,7 +32,7 @@ .\" @(#)rand.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd October 6, 2010 +.Dd September 4, 2012 .Dt RAND 3 .Os .Sh NAME @@ -55,9 +55,15 @@ .Fn rand_r "unsigned *ctx" .Sh DESCRIPTION .Bf -symbolic +The functions described in this manual page are not cryptographically +secure. +Cryptographic applications should use +.Xr arc4random 3 +instead. +.Ef +.Pp These interfaces are obsoleted by .Xr random 3 . -.Ef .Pp The .Fn rand @@ -88,9 +94,6 @@ The function initializes a seed using the .Xr random 4 random number device which returns good random numbers. -However, the -.Fn rand -function still remains unsuitable for cryptographic use. .Pp The .Fn rand_r @@ -105,8 +108,6 @@ For better generator quality, use .Xr random 3 or .Xr lrand48 3 . -Applications requiring cryptographic quality randomness should use -.Xr arc4random 3 . .Sh SEE ALSO .Xr arc4random 3 , .Xr lrand48 3 , Modified: stable/8/lib/libc/stdlib/random.3 ============================================================================== --- stable/8/lib/libc/stdlib/random.3 Thu Feb 28 21:24:19 2013 (r247499) +++ stable/8/lib/libc/stdlib/random.3 Thu Feb 28 21:32:47 2013 (r247500) @@ -28,7 +28,7 @@ .\" @(#)random.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd June 4, 1993 +.Dd September 4, 2012 .Dt RANDOM 3 .Os .Sh NAME @@ -53,6 +53,14 @@ .Ft char * .Fn setstate "char *state" .Sh DESCRIPTION +.Bf -symbolic +The functions described in this manual page are not cryptographically +secure. +Cryptographic applications should use +.Xr arc4random 3 +instead. +.Ef +.Pp The .Fn random function @@ -98,10 +106,8 @@ as the seed. .Pp The .Fn srandomdev -routine initializes a state array using the -.Xr random 4 -random number device which returns good random numbers, -suitable for cryptographic use. +routine initializes a state array using data from +.Xr random 4 . Note that this particular seeding procedure can generate states which are impossible to reproduce by calling @@ -175,7 +181,6 @@ messages are printed on the standard err .Xr arc4random 3 , .Xr lrand48 3 , .Xr rand 3 , -.Xr srand 3 , .Xr random 4 .Sh HISTORY These @@ -191,6 +196,3 @@ The historical implementation used to ha random sequence did not vary much with the seed. The current implementation employs a better pseudo-random number generator for the initial state calculation. -.Pp -Applications requiring cryptographic quality randomness should use -.Xr arc4random 3 .