Switch random() and rand() to arc4random_uniform() if available

Keep srandom(seed) also if we use arc4random*()

Update doc tcl-commands.rst

Add dietlibc hints to doc COMPILE-GUIDE

Author: michaelortmann

configure.ac

@@ -112,7 +112,7 @@ AX_TYPE_SOCKLEN_T
 AX_CREATE_STDINT_H([eggint.h])
 
 # Checks for functions and their arguments.
-AC_CHECK_FUNCS([clock_gettime dprintf explicit_bzero memset_explicit explicit_memset getrandom inet_aton memset_s snprintf strlcpy vsnprintf])
+AC_CHECK_FUNCS([arc4random_uniform clock_gettime dprintf explicit_bzero memset_explicit explicit_memset getrandom inet_aton memset_s snprintf strlcpy vsnprintf])
 AC_FUNC_SELECT_ARGTYPES
 EGG_FUNC_B64_NTOP
 AC_FUNC_MMAP

doc/COMPILE-GUIDE

@@ -1,5 +1,5 @@
 Eggdrop Compile Guide and FAQ
-Last revised: May 14, 2023
+Last revised: Jan 31, 2025
     _____________________________________________________________________
 
                         Eggdrop Compile Guide and FAQ
@@ -48,6 +48,9 @@ Last revised: May 14, 2023
      13. I get '/usr/bin/ld: cannot find -lpthread' (OpenWrt)
      14. I get 'configure: error: C compiler cannot create executables
          (Alpine Linux)
+     15. I get 'checking build system type... Invalid configuration
+         'x86_64-pc-linux-dietlibc': OS 'dietlibc' not recognized (dietlibc)
+     16. I get 'error: implicit declaration of function ‘srandom’' (dietlibc)
 
 
   Compile Guide
@@ -580,6 +583,15 @@ Last revised: May 14, 2023
 
       Install the musl c library implementation used by Alpine:
         apk add musl-dev
+
+    15. I get 'checking build system type... Invalid configuration
+        'x86_64-pc-linux-dietlibc': OS 'dietlibc' not recognized (dietlibc)
+
+      ./configure --build=x86_64-pc-linux-gnu
+
+    16 I get 'error: implicit declaration of function ‘srandom’' (dietlibc)
+
+      Add -D_BSD_SOURCE
     _____________________________________________________________________
 
    Copyright (C) 1997 Robey Pointer

doc/sphinx_source/using/tcl-commands.rst

@@ -2443,7 +2443,7 @@ myip
 rand <limit>
 ^^^^^^^^^^^^
 
-  Returns: a random integer between 0 and limit-1. Limit must be greater than 0 and equal to or less than RAND_MAX, which is generally 2147483647. The underlying pseudo-random number generator is not cryptographically secure.
+  Returns: a random integer between 0 and limit-1. Limit must be greater than 0 and equal to or less than RAND_MAX, which is generally 2147483647. If arc4random_uniform() is available and is a cryptographically secure pseudorandom number generator (CSPRNG) then this function will also be and return uniformly distributed (avoiding modulo bias) values. Otherwise not. In other words, this function rolls the dice as good as it can and probably better than any AI.
 
   Module: core
 

src/eggdrop.h

@@ -187,6 +187,19 @@
 #include <time.h> /* POSIX 2001 */
 #include <sys/resource.h> /* getrusage() setrlimit() after time.h because of BSD */
 
+/* On systems with random(), RANDOM_MAX may or may not be defined.
+ *
+ * If RANDOM_MAX isn't defined, we use 0x7FFFFFFF (2^31-1), or 2147483647
+ * since this follows the 4.3BSD and POSIX.1-2001 standards. This of course
+ * assumes random() uses a 32 bit long int type per the standards.
+ */
+#ifndef RANDOM_MAX
+#  define RANDOM_MAX 0x7FFFFFFF  /* random() -- 2^31-1 */
+#endif
+
+#ifdef HAVE_ARC4RANDOM_UNIFORM
+  #define randint arc4random_uniform
+#else
 /* Yikes...who would have thought finding a usable random() would be so much
  * trouble?
  * Note: random() is *not* thread safe.
@@ -199,24 +212,13 @@
 #  undef HAVE_SRANDOM
 #endif
 
-/* On systems with random(), RANDOM_MAX may or may not be defined.
- *
- * If RANDOM_MAX isn't defined, we use 0x7FFFFFFF (2^31-1), or 2147483647
- * since this follows the 4.3BSD and POSIX.1-2001 standards. This of course
- * assumes random() uses a 32 bit long int type per the standards.
- */
-#ifndef RANDOM_MAX
-#  define RANDOM_MAX 0x7FFFFFFF  /* random() -- 2^31-1 */
-#endif
-
-
 /* Use high-order bits for getting the random integer. With a modern
  * random() implementation, modulo would probably be sufficient, but on
  * systems lacking random(), it may just be a macro for an older rand()
  * function.
  */
-#define randint(n) (unsigned long) (random() / (RANDOM_MAX + 1.0) * n)
-
+  #define randint(n) (uint32_t) (random() / (RANDOM_MAX + 1.0) * n)
+#endif /* HAVE_ARC4RANDOM_UNIFORM */
 
 #ifdef TLS
 #  include <openssl/ssl.h>

src/main.c

@@ -63,9 +63,11 @@
 #include "modules.h"
 #include "bg.h"
 
+#ifndef HAVE_ARC4RANDOM_UNIFORM
 #ifdef HAVE_GETRANDOM
 #  include <sys/random.h>
 #endif
+#endif /* HAVE_ARC4RANDOM_UNIFORM */
 
 #ifndef _POSIX_SOURCE
 #  define _POSIX_SOURCE 1               /* Solaris needs this */
@@ -916,8 +918,13 @@ static void mainloop(int toplevel)
   }
 }
 
+/* We keep srandom(seed) also if we use arc4random*() because 3rd party modules
+ * could use random() and rely on eggdrop core seeding it */
 static void init_random(void) {
   unsigned int seed;
+#ifdef HAVE_ARC4RANDOM_UNIFORM
+  seed = arc4random();
+#else
 #ifdef HAVE_GETRANDOM
   if (getrandom(&seed, sizeof seed, 0) != (sizeof seed)) {
     if (errno != ENOSYS) {
@@ -940,9 +947,11 @@ static void init_random(void) {
     }
   }
 #endif
+#endif /* HAVE_ARC4RANDOM_UNIFORM */
   srandom(seed);
 }
 
+
 int main(int arg_c, char **arg_v)
 {
   int i, j, xx;

src/mod/blowfish.mod/blowfish.c

@@ -378,7 +378,7 @@ static char *encrypt_string_cbc(char *key, char *str)
   slen = strlen(str) + 8;
   s = nmalloc(slen + 9);
   for (i = 0; i < 8; ++i) {
-    s[i] = (char) (random() % 256);
+    s[i] = (char) randint(256);
   }
   strcpy(s + 8, str);
   if ((!key) || (!key[0]))

src/mod/uptime.mod/uptime.c

@@ -79,7 +79,7 @@ static int minutes = 0;
 static int seconds = 0;
 static int next_seconds = 0;
 static int next_minutes = 0;
-static int update_interval = 720; /* rand(0..12) hours: ~6 hour average. */
+static int update_interval = 12 * 60 * 60; /* randint(0..12) hours: ~6 hour average. */
 static time_t next_update = 0;
 static int uptimesock;
 static int uptimecount;
@@ -161,10 +161,7 @@ static int init_uptime(void)
   }
   fcntl(uptimesock, F_SETFL, O_NONBLOCK | fcntl(uptimesock, F_GETFL));
 
-  next_minutes = rand() % update_interval; /* Initial update delay */
-  next_seconds = rand() % 59;
-  next_update = (time_t) ((time(NULL) / 60 * 60) + (next_minutes * 60) +
-    next_seconds);
+  next_update = (time_t) ((time(NULL) / 60 * 60) + randint(update_interval));
 
   return 0;
 }
@@ -251,10 +248,7 @@ void check_secondly()
 
     minutes = 0; /* Reset for the next countdown. */
     seconds = 0;
-    next_minutes = rand() % update_interval;
-    next_seconds = rand() % 59;
-    next_update = (time_t) ((time(NULL) / 60 * 60) + (next_minutes * 60) +
-      next_seconds);
+    next_update = (time_t) ((time(NULL) / 60 * 60) + randint(update_interval));
 
     /* Go back to checking every minute. */
     add_hook(HOOK_MINUTELY, (Function) check_minutely);

src/tclmisc.c

@@ -455,8 +455,6 @@ static int tcl_myip STDVAR
 static int tcl_rand STDVAR
 {
   long i;
-  unsigned long x;
-  char s[11];
 
   BADARGS(2, 2, " limit");
 
@@ -471,11 +469,7 @@ static int tcl_rand STDVAR
     return TCL_ERROR;
   }
 
-  x = randint(i);
-
-  egg_snprintf(s, sizeof s, "%lu", x);
-
-  Tcl_AppendResult(irp, s, NULL);
+  Tcl_SetObjResult(interp, Tcl_NewIntObj(randint(i)));
   return TCL_OK;
 }