samba-tool user: hashlib.sha1 is always present

We maybe thought we were checking that sha1 was in hashlib, but we were
only checking that hashlib is in the Python library (`hashlib.sha1()`
would not raise ImportError).

The documentation says hashlib always contains sha1 -- if that
changes, it is better we know by failing noisily with the import error
at the top of the file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15756

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/python/samba/netcmd/user/readpasswords/common.py b/python/samba/netcmd/user/readpasswords/common.py
index 0e68d042a55f06c6f34516b0c1c2f0955319d0b1..a6cfcb6c5d350ce6d78ea589dc5e17520cb93e66 100644 (file)
--- a/python/samba/netcmd/user/readpasswords/common.py
+++ b/python/samba/netcmd/user/readpasswords/common.py
@@ -26,6 +26,7 @@ import datetime
 import errno
 import io
 import os
+from hashlib import sha1
 
 import ldb
 from samba import credentials, nttime2float
@@ -141,17 +142,8 @@ def get_crypt_value(alg, utf8pw, rounds=0):
     return crypt_value
 
 
-try:
-    import hashlib
-    hashlib.sha1()
-    virtual_attributes["virtualSSHA"] = {
-    }
-except ImportError as e:
-    reason = "hashlib.sha1()"
-    reason += " required"
-    disabled_virtual_attributes["virtualSSHA"] = {
-        "reason": reason,
-    }
+
+virtual_attributes["virtualSSHA"] = {}
 
 for (alg, attr) in [("5", "virtualCryptSHA256"), ("6", "virtualCryptSHA512")]:
     try:
@@ -740,7 +732,7 @@ class GetPasswordCommand(Command):
                 if u8 is None:
                     continue
                 salt = os.urandom(4)
-                h = hashlib.sha1()
+                h = sha1()
                 h.update(u8)
                 h.update(salt)
                 bv = h.digest() + salt