Mercurial > hg-stable
diff hgext/sqlitestore.py @ 44062:2d49482d0dd4
hgext: replace references to hashlib.sha1 with hashutil.sha1
When in a non-pure build of Mercurial, this will provide protections
against SHA1 collision attacks.
Differential Revision: https://phab.mercurial-scm.org/D7851
author | Augie Fackler <augie@google.com> |
---|---|
date | Mon, 13 Jan 2020 14:12:31 -0500 |
parents | adde839cc54f |
children | 77b8588dd84e |
line wrap: on
line diff
--- a/hgext/sqlitestore.py Mon Jan 13 17:16:54 2020 -0500 +++ b/hgext/sqlitestore.py Mon Jan 13 14:12:31 2020 -0500 @@ -45,7 +45,6 @@ from __future__ import absolute_import -import hashlib import sqlite3 import struct import threading @@ -75,7 +74,10 @@ repository, util as interfaceutil, ) -from mercurial.utils import storageutil +from mercurial.utils import ( + hashutil, + storageutil, +) try: from mercurial import zstd @@ -807,7 +809,7 @@ self._db, pathid, node, {}, {-1: None}, zstddctx=self._dctx ) - deltahash = hashlib.sha1(fulltext).digest() + deltahash = hashutil.sha1(fulltext).digest() if self._compengine == b'zstd': deltablob = self._cctx.compress(fulltext) @@ -837,7 +839,7 @@ # Now create the tombstone delta and replace the delta on the censored # node. - deltahash = hashlib.sha1(tombstone).digest() + deltahash = hashutil.sha1(tombstone).digest() tombstonedeltaid = insertdelta( self._db, COMPRESSION_NONE, deltahash, tombstone ) @@ -1004,7 +1006,7 @@ # us to de-duplicate. The table is configured to ignore conflicts # and it is faster to just insert and silently noop than to look # first. - deltahash = hashlib.sha1(delta).digest() + deltahash = hashutil.sha1(delta).digest() if self._compengine == b'zstd': deltablob = self._cctx.compress(delta)