Retract #21096, mostly: I had misexplained the situation

to Scott A. Crosby.  Seeing the seed value while not good
for the ultimate paranoia viewpoint is not that bad, as long
as the users are fully aware of the dangers of disclosing
the hash seed.	So hash_seed() is okay.

Being able to see the hash values (as in Java) would
be another option, but dubious: it's not that per-key
hash values themselves are bad to allow scripts to see,
but rather that hash values are just as sensitive (from
the DoSing viewpoint) as the hash seed itself (and there
usually more hash values than the one hash seed....)

p4raw-id: //depot/perl@21112

diff --git a/lib/Hash/Util.pm b/lib/Hash/Util.pm
index 7c528a2..8e8c952 100644 (file)
--- a/lib/Hash/Util.pm
+++ b/lib/Hash/Util.pm
@@ -7,7 +7,7 @@ use Carp;
 require Exporter;
 our @ISA        = qw(Exporter);
 our @EXPORT_OK  = qw(lock_keys unlock_keys lock_value unlock_value
-                     lock_hash unlock_hash hashes_random
+                     lock_hash unlock_hash hash_seed
                     );
 our $VERSION    = 0.05;
 
@@ -20,7 +20,7 @@ Hash::Util - A selection of general-utility hash subroutines
   use Hash::Util qw(lock_keys   unlock_keys
                     lock_value  unlock_value
                     lock_hash   unlock_hash
-                    hashes_random);
+                    hash_seed);
 
   %hash = (foo => 42, bar => 23);
   lock_keys(%hash);
@@ -33,7 +33,7 @@ Hash::Util - A selection of general-utility hash subroutines
   lock_hash  (%hash);
   unlock_hash(%hash);
 
-  my $hashes_random = hashes_random();
+  my $hashes_are_randomised = hash_seed() != 0;
 
 =head1 DESCRIPTION
 
@@ -179,18 +179,18 @@ sub unlock_hash (\%) {
 }
 
 
-=item B<hashes_random>
+=item B<hash_seed>
 
-    my $hashes_random = hashes_random();
+    my $hash_seed = hash_seed();
 
-hashes_random() returns true if Perl hashes are randomised as in Perl
-5.8.1 and later, false if Perl hashes have a predictable order as in
-Perl 5.8.0 and earlier.
+hash_seed() returns the seed number used to randomise hash ordering.
+Zero means the "traditional" random hash ordering, non-zero means the
+new even more random hash ordering introduced in Perl 5.8.1.
 
 =cut
 
-sub hashes_random () {
-    Internals::hashes_random();
+sub hash_seed () {
+    Internals::hash_seed();
 }
 
 =back

diff --git a/lib/Hash/Util.t b/lib/Hash/Util.t
index b1a32a1..48cbc7c 100644 (file)
--- a/lib/Hash/Util.t
+++ b/lib/Hash/Util.t
@@ -6,7 +6,7 @@ BEGIN {
         chdir 't';
     }
 }
-use Test::More tests => 155;
+use Test::More tests => 157;
 use strict;
 
 my @Exported_Funcs;
@@ -14,6 +14,7 @@ BEGIN {
     @Exported_Funcs = qw(lock_keys   unlock_keys
                          lock_value  unlock_value
                          lock_hash   unlock_hash
+                         hash_seed
                         );
     use_ok 'Hash::Util', @Exported_Funcs;
 }
@@ -273,3 +274,5 @@ like( $@, qr/^Attempt to access disallowed key 'I_DONT_EXIST' in a restricted ha
   }
 }
 
+my $hash_seed = hash_seed();
+ok($hash_seed >= 0, "hash_seed $hash_seed");

diff --git a/pod/perlrun.pod b/pod/perlrun.pod
index 299cbf9..7f32e94 100644 (file)
--- a/pod/perlrun.pod
+++ b/pod/perlrun.pod
@@ -1150,7 +1150,7 @@ seed is sensitive information>: by knowing it one can craft a
 denial-of-service attack against Perl code, even remotely, see
 L<perlsec/"Algorithmic Complexity Attacks"> for more information.
 B<Do not disclose the hash seed> to people who don't need to know it.
-See also hashes_random() of L<Hash::Util>.
+See also hash_seed() of L<Hash::Util>.
 
 =item PERL_ROOT (specific to the VMS port)
 

diff --git a/universal.c b/universal.c
index dc9e253..15c408d 100644 (file)
--- a/universal.c
+++ b/universal.c
@@ -187,7 +187,7 @@ XS(XS_Internals_SvREFCNT);
 XS(XS_Internals_hv_clear_placehold);
 XS(XS_PerlIO_get_layers);
 XS(XS_Regexp_DESTROY);
-XS(XS_Internals_hashes_random);
+XS(XS_Internals_hash_seed);
 
 void
 Perl_boot_core_UNIVERSAL(pTHX)
@@ -231,7 +231,7 @@ Perl_boot_core_UNIVERSAL(pTHX)
     newXSproto("PerlIO::get_layers",
                XS_PerlIO_get_layers, file, "*;@");
     newXS("Regexp::DESTROY", XS_Regexp_DESTROY, file);
-    newXSproto("Internals::hashes_random",XS_Internals_hashes_random, file, "");
+    newXSproto("Internals::hash_seed",XS_Internals_hash_seed, file, "");
 }
 
 
@@ -908,9 +908,9 @@ XS(XS_PerlIO_get_layers)
     XSRETURN(0);
 }
 
-XS(XS_Internals_hashes_random)
+XS(XS_Internals_hash_seed)
 {
     dXSARGS;
-    XSRETURN_IV(PL_hash_seed ? 1 : 0);
+    XSRETURN_UV(PL_hash_seed);
 }