[ http://jira.codehaus.org/browse/MNG-2744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_126929 ]
Benjamin Bentmann commented on MNG-2744: ---------------------------------------- I forgot to mention: During creation of the IT I noticed that the build will pass if only the b.pom.sha1 uses the upper-case checksum (i.e. b.jar can be successfully verified), Maven 2.0.8 merely prints a warning about the checksum verification although the checksum policies in the POM are set to "fail". Is this intended behavior or something to create another issue for? > checksum comparison should be case-insensitive > ---------------------------------------------- > > Key: MNG-2744 > URL: http://jira.codehaus.org/browse/MNG-2744 > Project: Maven 2 > Issue Type: Bug > Components: Artifacts and Repositories > Affects Versions: 2.0.4 > Reporter: Ian Springer > Fix For: 2.0.9 > > Attachments: case-insensitive-checksums-2.0.x.patch, > case-insensitive-checksums-2.1.x.patch, > case-insensitive-checksums-2.1.x.patch, mng-2744-it.patch > > > Validation of MD5 and SHA1 checksums should be case-insensitive (since the > individual characters represent hexadecimal digits). For example: > [WARNING] *** CHECKSUM FAILED - Checksum failed on download: local = > '9657ed010cea89caa1e35ae326dfccf28ea007f5'; remote > = '9657ED010CEA89CAA1E35AE326DFCCF28EA007F5' - RETRYING -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira