Mercurial > hg-stable
changeset 44061:cbc5755df6bf
sslutil: migrate to hashutil.sha1 instead of hashlib.sha1
This is a straight-line replacement like the others, but I split it
out since it's used in a network context and I'm not sure this is
appropriate (we should probably drop support for sha1
fingerprints over TLS) and wanted this to be easily dropped.
Differential Revision: https://phab.mercurial-scm.org/D7850
| author | Augie Fackler <augie@google.com> |
|---|---|
| date | Mon, 13 Jan 2020 17:16:54 -0500 |
| parents | a61287a95dc3 |
| children | 2d49482d0dd4 |
| files | mercurial/sslutil.py |
| diffstat | 1 files changed, 2 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/sslutil.py Mon Jan 13 17:15:14 2020 -0500 +++ b/mercurial/sslutil.py Mon Jan 13 17:16:54 2020 -0500 @@ -24,6 +24,7 @@ util, ) from .utils import ( + hashutil, resourceutil, stringutil, ) @@ -949,7 +950,7 @@ # If a certificate fingerprint is pinned, use it and only it to # validate the remote cert. peerfingerprints = { - b'sha1': node.hex(hashlib.sha1(peercert).digest()), + b'sha1': node.hex(hashutil.sha1(peercert).digest()), b'sha256': node.hex(hashlib.sha256(peercert).digest()), b'sha512': node.hex(hashlib.sha512(peercert).digest()), }