svn commit: r247500 - in stable/8/lib/libc: gen stdlib

Dag-Erling Smørgrav des at FreeBSD.org
Thu Feb 28 21:32:48 UTC 2013 

Author: des
Date: Thu Feb 28 21:32:47 2013
New Revision: 247500
URL: http://svnweb.freebsd.org/changeset/base/247500

Log:
  MFH (r240107,240111,240361): warn against using weak PRNGs

Modified:
  stable/8/lib/libc/gen/rand48.3
  stable/8/lib/libc/stdlib/rand.3
  stable/8/lib/libc/stdlib/random.3
Directory Properties:
  stable/8/lib/libc/   (props changed)

Modified: stable/8/lib/libc/gen/rand48.3
==============================================================================
--- stable/8/lib/libc/gen/rand48.3	Thu Feb 28 21:24:19 2013	(r247499)
+++ stable/8/lib/libc/gen/rand48.3	Thu Feb 28 21:32:47 2013	(r247500)
@@ -12,7 +12,7 @@
 .\"     @(#)rand48.3 V1.0 MB 8 Oct 1993
 .\" $FreeBSD$
 .\"
-.Dd February 2, 2010
+.Dd September 4, 2012
 .Dt RAND48 3
 .Os
 .Sh NAME
@@ -49,6 +49,14 @@
 .Ft void
 .Fn lcong48 "unsigned short p[7]"
 .Sh DESCRIPTION
+.Bf -symbolic
+The functions described in this manual page are not cryptographically
+secure.
+Cryptographic applications should use
+.Xr arc4random 3
+instead.
+.Ef
+.Pp
 The
 .Fn rand48
 family of functions generates pseudo-random numbers using a linear
@@ -174,10 +182,8 @@ It is thus not possible to use values gr
 Note that all three methods of seeding the random number generator
 always also set the multiplicand and addend for any of the six
 generator calls.
-.Pp
-For a more powerful random number generator, see
-.Xr random 3 .
 .Sh SEE ALSO
+.Xr arc4random 3 ,
 .Xr rand 3 ,
 .Xr random 3
 .Sh AUTHORS

Modified: stable/8/lib/libc/stdlib/rand.3
==============================================================================
--- stable/8/lib/libc/stdlib/rand.3	Thu Feb 28 21:24:19 2013	(r247499)
+++ stable/8/lib/libc/stdlib/rand.3	Thu Feb 28 21:32:47 2013	(r247500)
@@ -32,7 +32,7 @@
 .\"     @(#)rand.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd October 6, 2010
+.Dd September 4, 2012
 .Dt RAND 3
 .Os
 .Sh NAME
@@ -55,9 +55,15 @@
 .Fn rand_r "unsigned *ctx"
 .Sh DESCRIPTION
 .Bf -symbolic
+The functions described in this manual page are not cryptographically
+secure.
+Cryptographic applications should use
+.Xr arc4random 3
+instead.
+.Ef
+.Pp
 These interfaces are obsoleted by
 .Xr random 3 .
-.Ef
 .Pp
 The
 .Fn rand
@@ -88,9 +94,6 @@ The
 function initializes a seed using the
 .Xr random 4
 random number device which returns good random numbers.
-However, the
-.Fn rand
-function still remains unsuitable for cryptographic use.
 .Pp
 The
 .Fn rand_r
@@ -105,8 +108,6 @@ For better generator quality, use
 .Xr random 3
 or
 .Xr lrand48 3 .
-Applications requiring cryptographic quality randomness should use
-.Xr arc4random 3 .
 .Sh SEE ALSO
 .Xr arc4random 3 ,
 .Xr lrand48 3 ,

Modified: stable/8/lib/libc/stdlib/random.3
==============================================================================
--- stable/8/lib/libc/stdlib/random.3	Thu Feb 28 21:24:19 2013	(r247499)
+++ stable/8/lib/libc/stdlib/random.3	Thu Feb 28 21:32:47 2013	(r247500)
@@ -28,7 +28,7 @@
 .\"     @(#)random.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd June 4, 1993
+.Dd September 4, 2012
 .Dt RANDOM 3
 .Os
 .Sh NAME
@@ -53,6 +53,14 @@
 .Ft char *
 .Fn setstate "char *state"
 .Sh DESCRIPTION
+.Bf -symbolic
+The functions described in this manual page are not cryptographically
+secure.
+Cryptographic applications should use
+.Xr arc4random 3
+instead.
+.Ef
+.Pp
 The
 .Fn random
 function
@@ -98,10 +106,8 @@ as the seed.
 .Pp
 The
 .Fn srandomdev
-routine initializes a state array using the
-.Xr random 4
-random number device which returns good random numbers,
-suitable for cryptographic use.
+routine initializes a state array using data from
+.Xr random 4 .
 Note that this particular seeding
 procedure can generate states which are impossible to reproduce by
 calling
@@ -175,7 +181,6 @@ messages are printed on the standard err
 .Xr arc4random 3 ,
 .Xr lrand48 3 ,
 .Xr rand 3 ,
-.Xr srand 3 ,
 .Xr random 4
 .Sh HISTORY
 These
@@ -191,6 +196,3 @@ The historical implementation used to ha
 random sequence did not vary much with the seed.
 The current implementation employs a better pseudo-random number
 generator for the initial state calculation.
-.Pp
-Applications requiring cryptographic quality randomness should use
-.Xr arc4random 3 .

More information about the svn-src-stable mailing list