Bug#164889: md5sum <FILE produces spurious ` -' in output

To: debian-ctte@lists.debian.org
Cc: Anthony Towns <aj@azure.humbug.org.au>, Eduard Bloch <edi@gmx.de>, 164889@bugs.debian.org
Subject: Bug#164889: md5sum <FILE produces spurious ` -' in output
From: Ian Jackson <ian@davenant.greenend.org.uk>
Date: Sun, 3 Nov 2002 19:07:36 +0000
Message-id: <[🔎] 15813.29688.963222.333153@davenant.relativity.greenend.org.uk>

I would like to refer bugs #164591 and #164889 (these are merged, and
I'm the submitter of the latter) to the committee.  Below you'll find
my summary of the issue.  (In the summary, `you' refers to the package
maintainer.)

I sent Adam (via the BTS) this summary on the 25th of October, and
asked Adam to comment on it, and chased that up with another mail on
the 30th of October, but he has not responded to the summary.  Indeed,
he has made nearly no substantive response to my points and been, in
my view, very unhelpful.  See the BTS logs for details.

I would like the committee to overrule the maintainer.  In just a
moment I'm going to reopen the bug and reassign it to the committee.

 * The question is, what should  md5sum < filename  do ?
   Using /dev/null as an example, the two behaviours are:

   Bare:         -davenant:~> md5sum </dev/null 
  		 d41d8cd98f00b204e9800998ecf8427e
		 -davenant:~>

   Annotated:    -anarres:~> md5sum </dev/null 
		 d41d8cd98f00b204e9800998ecf8427e  -
		 -anarres:~> 

 * Historical context:

   Debian has used an md5sum in the dpkg package.  This md5sum came
   originally from PGP2.x (circa 1992/1993), and was originally
   written by Colin Plumb.  It produced the bare checksum.

   Some time in the last few years, GNU textutils gained a version of
   md5sum.  This md5sum has slightly different behaviours - it
   interprets unexpected input slightly differently for md5sum -c, and
   it also produces the annotated output in the case at issue.

   As I recall (but I could be wrong) the dpkg md5sum was, when
   textutils gained its own md5sum, briefly retired in favour of the
   textutils one.  However, the dpkg one was quickly restored, mainly
   because of the behavioural differences, including the annotation
   when taking input from stdin.

   Most recently, a version of dpkg has been uploaded whose md5sum has
   been modified to produce the annotated output.

 * You claim that the annotated behaviour is superior.

   You are concerned with compatibility with the textutils md5sum, and
   contend that this is more important than the benefits I cite below.

 * I claim that the annotated behaviour is inferior, for two reasons:

   Firstly, it is less convenient.  When md5sum is used in scripts and
   the like, it is significantly eaiser to use if it doesn't annotate
   the output, but just produces the bare checksum (in hex, with a
   trailing newline, of course).  While the advantage for any
   individual caller is small, the extra complexity and risk of bugs
   is avoidable, and of course there are many callers of md5sum so the
   pain is multiplied.

   Secondly, it is not compatible with existing programs.  Programs
   have been using and relying on the historical behaviour for some
   time, and breaking them is a bad idea.

   I contend that the textutils md5sum should be changed to match the
   PGP2 md5sum (although that's not really a question for Debian).

Thanks,
Ian.

Reply to:

Follow-Ups:
- Re: Bug#164889: md5sum <FILE produces spurious ` -' in output
  - From: Ian Jackson <ian@davenant.greenend.org.uk>

Prev by Date: Re: Bug#161931: kernel-image-2.4.19-k7: VESA driver for console
Next by Date: Processed: refer this one
Previous by thread: Microsoft's plans to kill open source: TCPA
Next by thread: Re: Bug#164889: md5sum <FILE produces spurious ` -' in output
Index(es):
- Date
- Thread