From 02b333607971222849f39bcaeb8ee5a8e2a7074e Mon Sep 17 00:00:00 2001 From: Konstantin Ryabitsev Date: Tue, 14 Jun 2022 17:13:52 -0400 Subject: Lowercase identities for comparison When performing attestor identity comparisons, lowercase email addresses and domain names for case-insensitive matching. Signed-off-by: Konstantin Ryabitsev --- b4/__init__.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/b4/__init__.py b/b4/__init__.py index c8189b1..00419be 100644 --- a/b4/__init__.py +++ b/b4/__init__.py @@ -1779,7 +1779,7 @@ class LoreAttestor: else: mode = self.mode - return '%s/%s' % (mode, self.identity) + return '%s/%s' % (mode, self.identity.lower()) def check_time_drift(self, emldate, maxdays: int = 30) -> bool: if not self.passing or self.signtime is None: @@ -1800,13 +1800,13 @@ class LoreAttestor: return False if self.level == 'domain': - if emlfrom.endswith('@' + self.identity): + if emlfrom.lower().endswith('@' + self.identity.lower()): logger.debug('PASS : sig domain %s matches from identity %s', self.identity, emlfrom) return True self.errors.append('signing domain %s does not match From: %s' % (self.identity, emlfrom)) return False - if emlfrom == self.identity: + if emlfrom.lower() == self.identity.lower(): logger.debug('PASS : sig identity %s matches from identity %s', self.identity, emlfrom) return True self.errors.append('signing identity %s does not match From: %s' % (self.identity, emlfrom)) -- cgit v1.2.3