docs/166497: crypt(3) man page incorrectly documents modular crypt numbers for SHA256, SHA512
Mike Kelly
pioto at pioto.org
Thu Mar 29 17:40:14 UTC 2012
>Number: 166497
>Category: docs
>Synopsis: crypt(3) man page incorrectly documents modular crypt numbers for SHA256, SHA512
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Mar 29 17:40:13 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Mike Kelly
>Release: 9.0-RELEASE
>Organization:
>Environment:
FreeBSD nas.home.pioto.org 9.0-RELEASE FreeBSD 9.0-RELEASE #5: Tue Jan 17 00:17:39 EST 2012 root at nas.home.pioto.org:/usr/obj/usr/src/sys/NAS i386
>Description:
The man page, as currently written, seems to imply that FreeBSD uses $4$ for SHA-256, and $5$ for SHA-512. The section in question currently renders as:
Currently supported algorithms are:
1. MD5
2. Blowfish
3. NT-Hash
4. SHA-256
5. SHA-512
That would be different from what Linux uses, and would be a point of potential confusion. That isn't the case, however; the code confirms that things match up with Linux:
lib/libcrypt/crypt-sha256.c:48:static const char sha256_salt_prefix[] = "$5$";
lib/libcrypt/crypt-sha512.c:48:static const char sha512_salt_prefix[] = "$6$";
So, rather than using what seems to be an auto-numbering formatting in the man page, things should be enumerated explicitly. Or, maybe, some placeholder like "RESERVED" or "UNUSED" should be put into the fourth spot in the list.
>How-To-Repeat:
$ man 3 crypt
>Fix:
diff --git a/lib/libcrypt/crypt.3 b/lib/libcrypt/crypt.3
index d3f89e2..724d482 100644
--- a/lib/libcrypt/crypt.3
+++ b/lib/libcrypt/crypt.3
@@ -189,6 +189,8 @@ Blowfish
.It
NT-Hash
.It
+(Reserved for future use)
+.It
SHA-256
.It
SHA-512
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-doc
mailing list