Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 29 Mar 2014 09:51:28 GMT
From:      Jamie Landeg-Jones <jamie@dyslexicfish.net>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   docs/188043: man page for md5/sha1/sha256/sha412/rmd-160 cleanup
Message-ID:  <201403290951.s2T9pS9u028622@catnip.dyslexicfish.net>
Resent-Message-ID: <201403291010.s2TAA0B0089016@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         188043
>Category:       docs
>Synopsis:       man page for md5/sha1/sha256/sha412/rmd-160 cleanup
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 29 10:10:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Jamie Landeg-Jones
>Release:        FreeBSD 10.0-STABLE amd64
>Organization:
Dyslexic Fish
>Environment:
System: FreeBSD catnip.dyslexicfish.net 10.0-STABLE FreeBSD 10.0-STABLE #0: Wed Jan 22 09:10:20 GMT 2014 root@catflap.dyslexicfish.net:/usr/obj/usr/src/sys/CATFLAP amd64


	
>Description:

man page shows for -c option: "Compare files to this md5 string."

This is misleading - the string needs to be in the same format as the digest command being used.

I suggest something like:

"Compare the files message digest to this string."

Also, suggest updating the date relating to known exploits.

>How-To-Repeat:

man sha1
man sha256
man sha512
man rmd-160
>Fix:

Apply attached patch suggestion

	

--- patch-md5.1 begins here ---
--- md5.1.orig	2014-02-17 01:41:53.000000000 +0000
+++ md5.1	2014-03-29 09:35:16.000000000 +0000
@@ -63,12 +63,12 @@
 This also means that
 .Tn MD5
 should not be used as part of a cryptographic signature scheme.
-At the current time (2009-01-06) there is no publicly known method to
+At the current time (2014-03-28) there is no publicly known method to
 .Dq reverse
 MD5, i.e., to find an input given a hash value.
 .Pp
 .Tn SHA-1
-currently (2009-01-06) has no known collisions, but an attack has been
+currently (2014-03-28) has no known collisions, but an attack has been
 found which is faster than a brute-force search, placing the security of
 .Tn SHA-1
 in doubt.
@@ -83,7 +83,7 @@
 after the options are processed.
 .Bl -tag -width indent
 .It Fl c Ar string
-Compare files to this md5 string.
+Compare the files message digest to this string.
 (Note that this option is not yet useful if multiple files are specified.)
 .It Fl s Ar string
 Print a checksum of the given
--- patch-md5.1 ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403290951.s2T9pS9u028622>