Changeset - 3a12df6cbf30
[Not reviewed]
default
Mads Kiilerich (mads) - 6 years ago 2020-06-11 21:15:07
mads@kiilerich.com
Grafted from: d479422fca87
lib: use sha1 instead of md5 in a couple of places

md5 is dead and should be avoided. In the places changed here, we want to keep
using hashes without trivial collisions, but do not expect strong crypto
security. sha1 seems like a trivial step up from md5 and without obvious
alternatives. It is more expensive than md5, but we can live with that in these
places.

The remaining few uses of md5() cannot be changed without breaking backwards
compatibility or external API.
2 files changed with 4 insertions and 4 deletions:
0 comments (0 inline, 0 general)
kallithea/lib/celerylib/__init__.py
 
@@ -28,7 +28,7 @@ Original author and date, and relevant c
 

	
 
import logging
 
import os
 
from hashlib import md5
 
from hashlib import sha1
 

	
 
from decorator import decorator
 
from tg import config
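Review bot: the new `from hashlib import sha1` import has no comment saying the digest is only used to derive a lock key name and is not relied on for security. A one-line comment to that effect, here or at the call in `__get_lockkey`, would save the next auditor or static-analysis run that flags sha1 from having to rediscover the reasoning given in the commit message.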
 
@@ -94,7 +94,7 @@ def __get_lockkey(func, *fargs, **fkwarg
 
    func_name = str(func.__name__) if hasattr(func, '__name__') else str(func)
 

	
 
    lockkey = 'task_%s.lock' % \
 
        md5(safe_bytes(func_name + '-' + '-'.join(str(x) for x in params))).hexdigest()
 
        sha1(safe_bytes(func_name + '-' + '-'.join(str(x) for x in params))).hexdigest()
 
    return lockkey
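Review bot: in `__get_lockkey`, the string passed to `sha1()` is built as `func_name + '-' + '-'.join(str(x) for x in params)`, so the input is already ambiguous before it is hashed: params `('a-b',)` and `('a', 'b')` give the same lock key whichever hash is used. If distinct argument lists must never share a lock, hash an unambiguous encoding of the name and parameters (for example their `repr()` as a tuple) instead of a '-' join. Also worth a line in the release notes: the key grows from 32 to 40 hex characters, so a lock taken under the old md5-derived key is not seen by a process running the new code during an upgrade.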
 

	
 

	
kallithea/lib/markup_renderer.py
 
@@ -74,13 +74,13 @@ class MarkupRenderer(object):
 

	
 
        :param text:
 
        """
 
        from hashlib import md5
 
        from hashlib import sha1
 

	
 
        # Extract pre blocks.
 
        extractions = {}
 

	
 
        def pre_extraction_callback(matchobj):
 
            digest = md5(matchobj.group(0)).hexdigest()
 
            digest = sha1(matchobj.group(0)).hexdigest()
 
            extractions[digest] = matchobj.group(0)
 
            return "{gfm-extraction-%s}" % digest
 
        pattern = re.compile(r'<pre>.*?</pre>', re.MULTILINE | re.DOTALL)
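Review bot: in `pre_extraction_callback`, `sha1(matchobj.group(0))` passes the match straight to the hash, while the pattern is compiled from the literal `r'<pre>.*?</pre>'`. If this path runs on Python 3, that literal is a str, `group(0)` is a str, and `sha1()` raises TypeError because it accepts only bytes; the other call changed in this commit wraps its argument in `safe_bytes()`, and the same wrapping is needed here. As a style point, the function-local `from hashlib import sha1` could move to the module imports.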