[
http://jira.codehaus.org/browse/MNG-2744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_126929
]
Benjamin Bentmann commented on MNG-2744:
----------------------------------------
I forgot to mention: During creation of the IT I noticed that the build will
pass if only the b.pom.sha1 uses the upper-case checksum (i.e. b.jar can be
successfully verified), Maven 2.0.8 merely prints a warning about the checksum
verification although the checksum policies in the POM are set to "fail". Is
this intended behavior or something to create another issue for?
> checksum comparison should be case-insensitive
> ----------------------------------------------
>
> Key: MNG-2744
> URL: http://jira.codehaus.org/browse/MNG-2744
> Project: Maven 2
> Issue Type: Bug
> Components: Artifacts and Repositories
> Affects Versions: 2.0.4
> Reporter: Ian Springer
> Fix For: 2.0.9
>
> Attachments: case-insensitive-checksums-2.0.x.patch,
> case-insensitive-checksums-2.1.x.patch,
> case-insensitive-checksums-2.1.x.patch, mng-2744-it.patch
>
>
> Validation of MD5 and SHA1 checksums should be case-insensitive (since the
> individual characters represent hexadecimal digits). For example:
> [WARNING] *** CHECKSUM FAILED - Checksum failed on download: local =
> '9657ed010cea89caa1e35ae326dfccf28ea007f5'; remote
> = '9657ED010CEA89CAA1E35AE326DFCCF28EA007F5' - RETRYING
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
