From 0a4d0898091e9a6ff584f14d310a13f61fb3d9a3 Mon Sep 17 00:00:00 2001
From: CoolStar <coolstarorganization@gmail.com>
Date: Thu, 10 May 2018 17:19:42 -0700
Subject: Treat SHA1 as Weak rather than untrusted. Add hardcoded exceptions
 for Modmyi/Zodttd/Bigboss to silence errors

---
 methods/gpgv.cc | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index f66e3356f..e9f3c9d07 100644
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -68,7 +68,7 @@ struct Digest {
 static constexpr Digest Digests[] = {
    {Digest::State::Untrusted, "Invalid digest"},
    {Digest::State::Untrusted, "MD5"},
-   {Digest::State::Untrusted, "SHA1"},
+   {Digest::State::Weak, "SHA1"},
    {Digest::State::Untrusted, "RIPE-MD/160"},
    {Digest::State::Trusted, "Reserved digest"},
    {Digest::State::Trusted, "Reserved digest"},
@@ -233,6 +233,13 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
          auto const sig = tokens[0];
          // Reject weak digest algorithms
          Digest digest = FindDigest(tokens[7]);
+         if (sig == "CFC100B9AA5CDC6430F2E9B5AA011AC1718BABDF" || //ZodTTD
+            sig == "EB22AD483B83E9A7460D86F387F92E166197E890" || //ModMyi
+            sig == "A9C96A37115894A23B894107694D17D38764B4F4"){ //BigBoss
+            if (tokens[7] == "2"){
+               digest = {Digest::State::Trusted, "SHA1"};
+            }
+         }
          switch (digest.getState()) {
          case Digest::State::Weak:
             // Treat them like an expired key: For that a message about expiry
-- 
cgit v1.2.3