Date: Sat, 14 Dec 2019 10:20:00 -0800 From: Ryan Libby <rlibby@gmail.com> To: Conrad Meyer <cem@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r355747 - in head: . include lib/libc/stdlib lib/libxo Message-ID: <CAHgpiFyQ6%2B-cbjtwi6NsPkohbQd%2B6ies0%2B55g5KtYH9Pog_sTw@mail.gmail.com> In-Reply-To: <201912140828.xBE8SAXq027656@repo.freebsd.org> References: <201912140828.xBE8SAXq027656@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Dec 14, 2019 at 12:28 AM Conrad Meyer <cem@freebsd.org> wrote: > > Author: cem > Date: Sat Dec 14 08:28:10 2019 > New Revision: 355747 > URL: https://svnweb.freebsd.org/changeset/base/355747 > > Log: > Deprecate sranddev(3) API > > It serves no useful purpose and wasn't as popular as its equally meritless > cousin, srandomdev(3). > > Setting aside the problems with rand(3) in general, the problem with this > interface is that the seed isn't shared with the caller (other than by > attacking the output of the generator, which is trivial, but not a hallmark of > pleasant API design). The (arguable) utility of rand(3) or random(3) is as a > semi-fast simulation generator which produces consistent results from a given > seed. These are mutually at odd. Furthermore, sometimes people got the > mistaken impression that a high quality random seed meant a weak generator like > rand(3) or random(3) could be used for things like cryptographic key > generation. This is absolutely not so. > > The API was never part of a standard and was not widely used in tree. Existing > in-tree uses have all been removed. > > Possible replacement in out of tree codebases: > > char buf[3]; > time_t t; > > time(t); > strftime(buf, sizeof(buf), "%S", gmtime(&t)); > srand(atoi(buf)); > > Relnotes: yes > > Modified: > head/ObsoleteFiles.inc > head/include/stdlib.h > head/lib/libc/stdlib/Makefile.inc > head/lib/libc/stdlib/Symbol.map > head/lib/libc/stdlib/rand.3 > head/lib/libc/stdlib/rand.c > head/lib/libxo/xo_config.h > > Modified: head/ObsoleteFiles.inc > ============================================================================== > --- head/ObsoleteFiles.inc Sat Dec 14 05:21:56 2019 (r355746) > +++ head/ObsoleteFiles.inc Sat Dec 14 08:28:10 2019 (r355747) > @@ -36,6 +36,8 @@ > # xargs -n1 | sort | uniq -d; > # done > > +# 20191214: Removal of sranddev(3) > +OLD_FILES+=usr/share/man/man3/sranddev.3.gz > # 20191213: remove timeout(9) > OLD_FILES+=usr/share/man/man9/timeout.9.gz > OLD_FILES+=usr/share/man/man9/untimeout.9.gz > > Modified: head/include/stdlib.h > ============================================================================== > --- head/include/stdlib.h Sat Dec 14 05:21:56 2019 (r355746) > +++ head/include/stdlib.h Sat Dec 14 08:28:10 2019 (r355747) > @@ -309,12 +309,17 @@ int rpmatch(const char *); > void setprogname(const char *); > int sradixsort(const unsigned char **, int, const unsigned char *, > unsigned); > -void sranddev(void); > void srandomdev(void); > long long > strtonum(const char *, long long, long long, const char **); > > /* Deprecated interfaces, to be removed. */ > +static inline void > +__attribute__((__deprecated__("sranddev to be removed in FreeBSD 13"))) > +sranddev(void) > +{ > +} > + This broke some gcc builds in ci. It looks like older versions of gcc don't like having an argument to deprecated. > __int64_t > strtoq(const char *, char **, int); > __uint64_t > > Modified: head/lib/libc/stdlib/Makefile.inc > ============================================================================== > --- head/lib/libc/stdlib/Makefile.inc Sat Dec 14 05:21:56 2019 (r355746) > +++ head/lib/libc/stdlib/Makefile.inc Sat Dec 14 08:28:10 2019 (r355747) > @@ -52,7 +52,7 @@ MLINKS+=insque.3 remque.3 > MLINKS+=lsearch.3 lfind.3 > MLINKS+=ptsname.3 grantpt.3 ptsname.3 unlockpt.3 > MLINKS+=qsort.3 heapsort.3 qsort.3 mergesort.3 qsort.3 qsort_r.3 > -MLINKS+=rand.3 rand_r.3 rand.3 srand.3 rand.3 sranddev.3 > +MLINKS+=rand.3 rand_r.3 rand.3 srand.3 > MLINKS+=random.3 initstate.3 random.3 setstate.3 random.3 srandom.3 \ > random.3 srandomdev.3 > MLINKS+=radixsort.3 sradixsort.3 > > Modified: head/lib/libc/stdlib/Symbol.map > ============================================================================== > --- head/lib/libc/stdlib/Symbol.map Sat Dec 14 05:21:56 2019 (r355746) > +++ head/lib/libc/stdlib/Symbol.map Sat Dec 14 08:28:10 2019 (r355747) > @@ -56,7 +56,6 @@ FBSD_1.0 { > rand_r; > rand; > srand; > - sranddev; > srandom; > srandomdev; > initstate; > > Modified: head/lib/libc/stdlib/rand.3 > ============================================================================== > --- head/lib/libc/stdlib/rand.3 Sat Dec 14 05:21:56 2019 (r355746) > +++ head/lib/libc/stdlib/rand.3 Sat Dec 14 08:28:10 2019 (r355747) > @@ -32,13 +32,12 @@ > .\" @(#)rand.3 8.1 (Berkeley) 6/4/93 > .\" $FreeBSD$ > .\" > -.Dd April 22, 2019 > +.Dd December 14, 2019 > .Dt RAND 3 > .Os > .Sh NAME > .Nm rand , > .Nm srand , > -.Nm sranddev , > .Nm rand_r > .Nd bad random number generator > .Sh LIBRARY > @@ -47,8 +46,6 @@ > .In stdlib.h > .Ft void > .Fn srand "unsigned seed" > -.Ft void > -.Fn sranddev void > .Ft int > .Fn rand void > .Ft int > @@ -90,10 +87,6 @@ value is provided, the functions are automatically > seeded with a value of 1. > .Pp > The > -.Fn sranddev > -function initializes a seed using pseudo-random numbers obtained from the kernel. > -.Pp > -The > .Fn rand_r > function > provides the same functionality as > @@ -122,4 +115,5 @@ conform to > .Pp > The > .Fn rand_r > -function is as proposed in the POSIX.4a Draft #6 document. > +function is marked as obsolescent in POSIX and may be removed in a future > +revision of the standard. > > Modified: head/lib/libc/stdlib/rand.c > ============================================================================== > --- head/lib/libc/stdlib/rand.c Sat Dec 14 05:21:56 2019 (r355746) > +++ head/lib/libc/stdlib/rand.c Sat Dec 14 08:28:10 2019 (r355747) > @@ -40,7 +40,9 @@ __FBSDID("$FreeBSD$"); > #include "namespace.h" > #include <sys/param.h> > #include <sys/sysctl.h> > +#include <stdbool.h> > #include <stdlib.h> > +#include <syslog.h> > #include "un-namespace.h" > > #ifdef TEST > @@ -102,25 +104,18 @@ srand(unsigned seed) > } > > > -/* > - * sranddev: > - * > - * Many programs choose the seed value in a totally predictable manner. > - * This often causes problems. We seed the generator using pseudo-random > - * data from the kernel. > - */ > +void __sranddev_fbsd12(void); > void > -sranddev(void) > +__sranddev_fbsd12(void) > { > - int mib[2]; > - size_t len; > + static bool warned = false; > > - len = sizeof(next); > - > - mib[0] = CTL_KERN; > - mib[1] = KERN_ARND; > - sysctl(mib, 2, (void *)&next, &len, NULL, 0); > + if (!warned) { > + syslog(LOG_DEBUG, "Deprecated function sranddev() called"); > + warned = true; > + } > } > +__sym_compat(sranddev, __sranddev_fbsd12, FBSD_1.0); > > > #ifdef TEST > > Modified: head/lib/libxo/xo_config.h > ============================================================================== > --- head/lib/libxo/xo_config.h Sat Dec 14 05:21:56 2019 (r355746) > +++ head/lib/libxo/xo_config.h Sat Dec 14 08:28:10 2019 (r355747) > @@ -102,7 +102,7 @@ > #define HAVE_SRAND 1 > > /* Define to 1 if you have the `sranddev' function. */ > -#define HAVE_SRANDDEV 1 > +/* #undef HAVE_SRANDDEV */ > > /* Define to 1 if you have the <stdint.h> header file. */ > #define HAVE_STDINT_H 1 > _______________________________________________ > svn-src-all@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/svn-src-all > To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHgpiFyQ6%2B-cbjtwi6NsPkohbQd%2B6ies0%2B55g5KtYH9Pog_sTw>