On 04/06/09 16:06, Chris Thompson wrote:
It turns out that rand(3c) in even recent Solaris versions returns
values in the range 0..32767 only. I suppose this is part of Sun's
rather extreme paranoia about backwards compatibility with programs
written before the flood.
rand(3C) - simple random-number generator returns successive
pseudo-random numbers in the range of 0 to RAND_MAX (defined as 32767).
The specific thing that brought this to my attention was that, when
using the -j option to dnssec-signzone, I couldn't get jitter of
more than a few hours however large I set the option. isc_random_jitter
in lib/isc/random.c has
return (max - rand() % jitter);
and now it is obvious why that was. There are probably other bad
things happening elsewhere in BIND and its associated utilities.
Sun provided the drand48(3c) routines as an alternative to rand(3c),
even back in the SunOS 4.x days, and they have a better spec. I was
about to write a version of lib/isc/random.c using lrand48() instead
of rand(), but thought I would ask whether anyone has done the same
thing already. Also, a suggestion to ISC that they use lrand48() on
Solaris, in the same way as they use arc4random() if that is available.
BIND 8 was changed to use /dev/urandom on Solaris around the time when
arc4random() was added to it.
Perhaps a similar solution could be used here?
Stacey
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
