From 4af4dd8135e8edbe2a16cfdfc7ded8c145c82e98 Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Wed, 11 Dec 2024 15:56:20 +1300 Subject: [PATCH] samba-tool user: hashlib.sha1 is always present We maybe thought we were checking that sha1 was in hashlib, but we were only checking that hashlib is in the Python library (`hashlib.sha1()` would not raise ImportError). The documentation says hashlib always contains sha1 -- if that changes, it is better we know by failing noisily with the import error at the top of the file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15756 Signed-off-by: Douglas Bagnall Reviewed-by: Andreas Schneider --- python/samba/netcmd/user/readpasswords/common.py | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/python/samba/netcmd/user/readpasswords/common.py b/python/samba/netcmd/user/readpasswords/common.py index 0e68d042a55..a6cfcb6c5d3 100644 --- a/python/samba/netcmd/user/readpasswords/common.py +++ b/python/samba/netcmd/user/readpasswords/common.py @@ -26,6 +26,7 @@ import datetime import errno import io import os +from hashlib import sha1 import ldb from samba import credentials, nttime2float @@ -141,17 +142,8 @@ def get_crypt_value(alg, utf8pw, rounds=0): return crypt_value -try: - import hashlib - hashlib.sha1() - virtual_attributes["virtualSSHA"] = { - } -except ImportError as e: - reason = "hashlib.sha1()" - reason += " required" - disabled_virtual_attributes["virtualSSHA"] = { - "reason": reason, - } + +virtual_attributes["virtualSSHA"] = {} for (alg, attr) in [("5", "virtualCryptSHA256"), ("6", "virtualCryptSHA512")]: try: @@ -740,7 +732,7 @@ class GetPasswordCommand(Command): if u8 is None: continue salt = os.urandom(4) - h = hashlib.sha1() + h = sha1() h.update(u8) h.update(salt) bv = h.digest() + salt -- 2.47.3