BIND and Solaris rand()
Chris Thompson
cet1 at cam.ac.uk
Mon Apr 6 15:06:32 UTC 2009
It turns out that rand(3c) in even recent Solaris versions returns
values in the range 0..32767 only. I suppose this is part of Sun's
rather extreme paranoia about backwards compatibility with programs
written before the flood.
The specific thing that brought this to my attention was that, when
using the -j option to dnssec-signzone, I couldn't get jitter of
more than a few hours however large I set the option. isc_random_jitter
in lib/isc/random.c has
return (max - rand() % jitter);
and now it is obvious why that was. There are probably other bad
things happening elsewhere in BIND and its associated utilities.
Sun provided the drand48(3c) routines as an alternative to rand(3c),
even back in the SunOS 4.x days, and they have a better spec. I was
about to write a version of lib/isc/random.c using lrand48() instead
of rand(), but thought I would ask whether anyone has done the same
thing already. Also, a suggestion to ISC that they use lrand48() on
Solaris, in the same way as they use arc4random() if that is available.
--
Chris Thompson
Email: cet1 at cam.ac.uk
More information about the bind-users
mailing list