# HG changeset patch
# User Augie Fackler <augie@google.com>
# Date 1578953814 18000
# Node ID cbc5755df6bfd1d394e6aede5369f2c7a02a725d
# Parent  a61287a95dc33a40f76e01eb27c792fb2c2b1bc0
sslutil: migrate to hashutil.sha1 instead of hashlib.sha1

This is a straight-line replacement like the others, but I split it
out since it's used in a network context and I'm not sure this is
appropriate (we should probably drop support for sha1
fingerprints over TLS) and wanted this to be easily dropped.

Differential Revision: https://phab.mercurial-scm.org/D7850

diff -r a61287a95dc3 -r cbc5755df6bf mercurial/sslutil.py
--- a/mercurial/sslutil.py	Mon Jan 13 17:15:14 2020 -0500
+++ b/mercurial/sslutil.py	Mon Jan 13 17:16:54 2020 -0500
@@ -24,6 +24,7 @@
     util,
 )
 from .utils import (
+    hashutil,
     resourceutil,
     stringutil,
 )
@@ -949,7 +950,7 @@
     # If a certificate fingerprint is pinned, use it and only it to
     # validate the remote cert.
     peerfingerprints = {
-        b'sha1': node.hex(hashlib.sha1(peercert).digest()),
+        b'sha1': node.hex(hashutil.sha1(peercert).digest()),
         b'sha256': node.hex(hashlib.sha256(peercert).digest()),
         b'sha512': node.hex(hashlib.sha512(peercert).digest()),
     }