You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by he...@apache.org on 2019/06/26 06:49:52 UTC

svn commit: r1862102 - in /spamassassin: branches/3.4/sa-update.raw trunk/sa-update.raw

Author: hege
Date: Wed Jun 26 06:49:51 2019
New Revision: 1862102

URL: http://svn.apache.org/viewvc?rev=1862102&view=rev
Log:
Handle SHA signatures a bit more carefully

Modified:
    spamassassin/branches/3.4/sa-update.raw
    spamassassin/trunk/sa-update.raw

Modified: spamassassin/branches/3.4/sa-update.raw
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.4/sa-update.raw?rev=1862102&r1=1862101&r2=1862102&view=diff
==============================================================================
--- spamassassin/branches/3.4/sa-update.raw (original)
+++ spamassassin/branches/3.4/sa-update.raw Wed Jun 26 06:49:51 2019
@@ -853,8 +853,8 @@ foreach my $channel (@channels) {
   if ( $SHA512 ) {
     # Validate the SHA512 signature
     { local($1);
-      $SHA512 =~ /^([a-fA-F0-9]{128})/;
-      $SHA512 = $1 || 'INVALID';
+      $SHA512 =~ /^([a-fA-F0-9]{128})\b/;
+      $SHA512 = lc($1) || 'INVALID';
     }
     my $digest = sha512_hex($content);
     dbg("sha512: verification wanted: $SHA512");
@@ -868,8 +868,8 @@ foreach my $channel (@channels) {
   if ( $SHA256 ) {
     # Validate the SHA256 signature
     { local($1);
-      $SHA256 =~ /^([a-fA-F0-9]{64})/;
-      $SHA256 = $1 || 'INVALID';
+      $SHA256 =~ /^([a-fA-F0-9]{64})\b/;
+      $SHA256 = lc($1) || 'INVALID';
     }
     my $digest = sha256_hex($content);
     dbg("sha256: verification wanted: $SHA256");

Modified: spamassassin/trunk/sa-update.raw
URL: http://svn.apache.org/viewvc/spamassassin/trunk/sa-update.raw?rev=1862102&r1=1862101&r2=1862102&view=diff
==============================================================================
--- spamassassin/trunk/sa-update.raw (original)
+++ spamassassin/trunk/sa-update.raw Wed Jun 26 06:49:51 2019
@@ -853,8 +853,8 @@ foreach my $channel (@channels) {
   if ( $SHA512 ) {
     # Validate the SHA512 signature
     { local($1);
-      $SHA512 =~ /^([a-fA-F0-9]{128})/;
-      $SHA512 = $1 || 'INVALID';
+      $SHA512 =~ /^([a-fA-F0-9]{128})\b/;
+      $SHA512 = lc($1) || 'INVALID';
     }
     my $digest = sha512_hex($content);
     dbg("sha512: verification wanted: $SHA512");
@@ -868,8 +868,8 @@ foreach my $channel (@channels) {
   if ( $SHA256 ) {
     # Validate the SHA256 signature
     { local($1);
-      $SHA256 =~ /^([a-fA-F0-9]{64})/;
-      $SHA256 = $1 || 'INVALID';
+      $SHA256 =~ /^([a-fA-F0-9]{64})\b/;
+      $SHA256 = lc($1) || 'INVALID';
     }
     my $digest = sha256_hex($content);
     dbg("sha256: verification wanted: $SHA256");