BIND and Solaris rand()
Stacey Jonathan Marshall
Stacey.Marshall at Sun.COM
Tue Apr 7 09:38:45 UTC 2009
On 04/06/09 16:06, Chris Thompson wrote:
> It turns out that rand(3c) in even recent Solaris versions returns
> values in the range 0..32767 only. I suppose this is part of Sun's
> rather extreme paranoia about backwards compatibility with programs
> written before the flood.
rand(3C) - simple random-number generator returns successive
pseudo-random numbers in the range of 0 to RAND_MAX (defined as 32767).
>
> The specific thing that brought this to my attention was that, when
> using the -j option to dnssec-signzone, I couldn't get jitter of
> more than a few hours however large I set the option. isc_random_jitter
> in lib/isc/random.c has
>
> return (max - rand() % jitter);
>
> and now it is obvious why that was. There are probably other bad
> things happening elsewhere in BIND and its associated utilities.
>
> Sun provided the drand48(3c) routines as an alternative to rand(3c),
> even back in the SunOS 4.x days, and they have a better spec. I was
> about to write a version of lib/isc/random.c using lrand48() instead
> of rand(), but thought I would ask whether anyone has done the same
> thing already. Also, a suggestion to ISC that they use lrand48() on
> Solaris, in the same way as they use arc4random() if that is available.
>
BIND 8 was changed to use /dev/urandom on Solaris around the time when
arc4random() was added to it.
Perhaps a similar solution could be used here?
Stacey
More information about the bind-users
mailing list