Hi, Graham Leggett schrieb: > To put this into perspective, checking an md5 (or sha1) checksum is > simply a case of doing the following three steps: > > - Run md5sum, or openssl, or perl, or whatever you want, and get the md5 > hash string of the binary you downloaded printed out to your terminal. > > - Using your OS' built in "cut and paste" functionality, cut the > generated md5 checksum. > > - Load the reference hash file from www.apache.org in your browser, and > paste your generated md5 hash into your browser's "find" functionality. > Did the find succeed? If so, the binary matches, and you're done. > > This procedure is really simple, and works almost anywhere. if the reference hash file from www.apache.org is build with gpg then this method fails (and I consider gpg really unusable for this purpose); here are some bad samples which show that gpg breaks lines if the filename is longer: http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.4-win32-x86.zip.sha1 http://www.apache.org/dist/httpd/binaries/win32/mod_ftp-0.9.6-beta-win32-x86.zip.md5 http://www.apache.org/dist/httpd/binaries/win32/mod_ftp-0.9.6-beta-win32-x86.zip.sha1 this looks really horrible to me (and I'm curious if some sed hackers can come up with a hack which can deal with that too).
> If we really want to fix this problem for users of md5sum, we should > rather be teaching md5sum how to read all the various combinations of > inputs out there. I am sure the people who maintain md5sum would be > grateful for the contribution. done - my patch was accepted, and upcoming coreutils releases will be able to accept the openssl format too (thanks Jim Meyering!); the output of *BSD / MacOSX md5 / sha1 is already supported, and beside that the *BSD / MacOSX tools also know of a -r switch which makes their output compatible with coreutils 'standard format'. In addition my OpenSSL patch was accepted too so that future OpenSSL releases will also support a -r switch (thanks Steve!). >> someone is interested in that, or in the script (I post mainly for the >> few users who might hang out here - I know devs prefer to hack their own >> shell scripts, and dont call tools without at least one pipe :) :) ), >> then go here: >> http://www.gknw.net/phpbb/viewtopic.php?t=570 this was also improved some more (f.e. added link to a really nice Java GUI which should run on all Java-aware platforms). Gün.
