diff hgext/sqlitestore.py @ 44062:2d49482d0dd4

hgext: replace references to hashlib.sha1 with hashutil.sha1 When in a non-pure build of Mercurial, this will provide protections against SHA1 collision attacks. Differential Revision: https://phab.mercurial-scm.org/D7851
author Augie Fackler <augie@google.com>
date Mon, 13 Jan 2020 14:12:31 -0500
parents adde839cc54f
children 77b8588dd84e
line wrap: on
line diff
--- a/hgext/sqlitestore.py	Mon Jan 13 17:16:54 2020 -0500
+++ b/hgext/sqlitestore.py	Mon Jan 13 14:12:31 2020 -0500
@@ -45,7 +45,6 @@
 
 from __future__ import absolute_import
 
-import hashlib
 import sqlite3
 import struct
 import threading
@@ -75,7 +74,10 @@
     repository,
     util as interfaceutil,
 )
-from mercurial.utils import storageutil
+from mercurial.utils import (
+    hashutil,
+    storageutil,
+)
 
 try:
     from mercurial import zstd
@@ -807,7 +809,7 @@
                 self._db, pathid, node, {}, {-1: None}, zstddctx=self._dctx
             )
 
-            deltahash = hashlib.sha1(fulltext).digest()
+            deltahash = hashutil.sha1(fulltext).digest()
 
             if self._compengine == b'zstd':
                 deltablob = self._cctx.compress(fulltext)
@@ -837,7 +839,7 @@
 
         # Now create the tombstone delta and replace the delta on the censored
         # node.
-        deltahash = hashlib.sha1(tombstone).digest()
+        deltahash = hashutil.sha1(tombstone).digest()
         tombstonedeltaid = insertdelta(
             self._db, COMPRESSION_NONE, deltahash, tombstone
         )
@@ -1004,7 +1006,7 @@
         # us to de-duplicate. The table is configured to ignore conflicts
         # and it is faster to just insert and silently noop than to look
         # first.
-        deltahash = hashlib.sha1(delta).digest()
+        deltahash = hashutil.sha1(delta).digest()
 
         if self._compengine == b'zstd':
             deltablob = self._cctx.compress(delta)