You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by he...@apache.org on 2019/06/26 06:49:52 UTC
svn commit: r1862102 - in /spamassassin: branches/3.4/sa-update.raw
trunk/sa-update.raw
Author: hege
Date: Wed Jun 26 06:49:51 2019
New Revision: 1862102
URL: http://svn.apache.org/viewvc?rev=1862102&view=rev
Log:
Handle SHA signatures a bit more carefully
Modified:
spamassassin/branches/3.4/sa-update.raw
spamassassin/trunk/sa-update.raw
Modified: spamassassin/branches/3.4/sa-update.raw
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.4/sa-update.raw?rev=1862102&r1=1862101&r2=1862102&view=diff
==============================================================================
--- spamassassin/branches/3.4/sa-update.raw (original)
+++ spamassassin/branches/3.4/sa-update.raw Wed Jun 26 06:49:51 2019
@@ -853,8 +853,8 @@ foreach my $channel (@channels) {
if ( $SHA512 ) {
# Validate the SHA512 signature
{ local($1);
- $SHA512 =~ /^([a-fA-F0-9]{128})/;
- $SHA512 = $1 || 'INVALID';
+ $SHA512 =~ /^([a-fA-F0-9]{128})\b/;
+ $SHA512 = lc($1) || 'INVALID';
}
my $digest = sha512_hex($content);
dbg("sha512: verification wanted: $SHA512");
@@ -868,8 +868,8 @@ foreach my $channel (@channels) {
if ( $SHA256 ) {
# Validate the SHA256 signature
{ local($1);
- $SHA256 =~ /^([a-fA-F0-9]{64})/;
- $SHA256 = $1 || 'INVALID';
+ $SHA256 =~ /^([a-fA-F0-9]{64})\b/;
+ $SHA256 = lc($1) || 'INVALID';
}
my $digest = sha256_hex($content);
dbg("sha256: verification wanted: $SHA256");
Modified: spamassassin/trunk/sa-update.raw
URL: http://svn.apache.org/viewvc/spamassassin/trunk/sa-update.raw?rev=1862102&r1=1862101&r2=1862102&view=diff
==============================================================================
--- spamassassin/trunk/sa-update.raw (original)
+++ spamassassin/trunk/sa-update.raw Wed Jun 26 06:49:51 2019
@@ -853,8 +853,8 @@ foreach my $channel (@channels) {
if ( $SHA512 ) {
# Validate the SHA512 signature
{ local($1);
- $SHA512 =~ /^([a-fA-F0-9]{128})/;
- $SHA512 = $1 || 'INVALID';
+ $SHA512 =~ /^([a-fA-F0-9]{128})\b/;
+ $SHA512 = lc($1) || 'INVALID';
}
my $digest = sha512_hex($content);
dbg("sha512: verification wanted: $SHA512");
@@ -868,8 +868,8 @@ foreach my $channel (@channels) {
if ( $SHA256 ) {
# Validate the SHA256 signature
{ local($1);
- $SHA256 =~ /^([a-fA-F0-9]{64})/;
- $SHA256 = $1 || 'INVALID';
+ $SHA256 =~ /^([a-fA-F0-9]{64})\b/;
+ $SHA256 = lc($1) || 'INVALID';
}
my $digest = sha256_hex($content);
dbg("sha256: verification wanted: $SHA256");