From f2dea38bc68e6d3364281ca0e50f98502743cce3 Mon Sep 17 00:00:00 2001
From: des <des@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Date: Tue, 11 Sep 2012 11:05:32 +0000
Subject: [PATCH] MFH (r240107, r240111): warn against using these for
 cryptographic purposes.

Approved by:	re (kib)


git-svn-id: svn://svn.freebsd.org/base/releng/9.1@240360 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
---
 lib/libc/stdlib/rand.3   | 15 ++++++++-------
 lib/libc/stdlib/random.3 | 19 +++++++++++--------
 2 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/lib/libc/stdlib/rand.3 b/lib/libc/stdlib/rand.3
index 3eb1a1d1..390a40bf 100644
--- a/lib/libc/stdlib/rand.3
+++ b/lib/libc/stdlib/rand.3
@@ -32,7 +32,7 @@
 .\"     @(#)rand.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd October 6, 2010
+.Dd September 4, 2012
 .Dt RAND 3
 .Os
 .Sh NAME
@@ -55,9 +55,15 @@
 .Fn rand_r "unsigned *ctx"
 .Sh DESCRIPTION
 .Bf -symbolic
+The functions described in this manual page are not cryptographically
+secure.
+Cryptographic applications should use
+.Xr arc4random 3
+instead.
+.Ef
+.Pp
 These interfaces are obsoleted by
 .Xr random 3 .
-.Ef
 .Pp
 The
 .Fn rand
@@ -88,9 +94,6 @@ The
 function initializes a seed using the
 .Xr random 4
 random number device which returns good random numbers.
-However, the
-.Fn rand
-function still remains unsuitable for cryptographic use.
 .Pp
 The
 .Fn rand_r
@@ -105,8 +108,6 @@ For better generator quality, use
 .Xr random 3
 or
 .Xr lrand48 3 .
-Applications requiring cryptographic quality randomness should use
-.Xr arc4random 3 .
 .Sh SEE ALSO
 .Xr arc4random 3 ,
 .Xr lrand48 3 ,
diff --git a/lib/libc/stdlib/random.3 b/lib/libc/stdlib/random.3
index c6502bf5..e0be8f1e 100644
--- a/lib/libc/stdlib/random.3
+++ b/lib/libc/stdlib/random.3
@@ -28,7 +28,7 @@
 .\"     @(#)random.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd June 4, 1993
+.Dd September 4, 2012
 .Dt RANDOM 3
 .Os
 .Sh NAME
@@ -53,6 +53,14 @@
 .Ft char *
 .Fn setstate "char *state"
 .Sh DESCRIPTION
+.Bf -symbolic
+The functions described in this manual page are not cryptographically
+secure.
+Cryptographic applications should use
+.Xr arc4random 3
+instead.
+.Ef
+.Pp
 The
 .Fn random
 function
@@ -98,10 +106,8 @@ as the seed.
 .Pp
 The
 .Fn srandomdev
-routine initializes a state array using the
-.Xr random 4
-random number device which returns good random numbers,
-suitable for cryptographic use.
+routine initializes a state array using data from
+.Xr random 4 .
 Note that this particular seeding
 procedure can generate states which are impossible to reproduce by
 calling
@@ -191,6 +197,3 @@ The historical implementation used to have a very weak seeding; the
 random sequence did not vary much with the seed.
 The current implementation employs a better pseudo-random number
 generator for the initial state calculation.
-.Pp
-Applications requiring cryptographic quality randomness should use
-.Xr arc4random 3 .
-- 
2.42.0