salt-minion: T4364: issue warning - do not use sha1 hashing algorithm

2 files changed, 11 insertions, 1 deletions

diff --git a/python/vyos/base.py b/python/vyos/base.py
index fd22eaccd..78067d5b2 100644
--- a/python/vyos/base.py
+++ b/python/vyos/base.py
@@ -1,4 +1,4 @@
-# Copyright 2018-2021 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2018-2022 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -15,6 +15,12 @@
 
 from textwrap import fill
 
+class Warning():
+    def __init__(self, message):
+        # Reformat the message and trim it to 72 characters in length
+        message = fill(message, width=72)
+        print(f'\nWARNING: {message}')
+
 class DeprecationWarning():
     def __init__(self, message):
         # Reformat the message and trim it to 72 characters in length
diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py
index 1ecc09d34..00b889a11 100755
--- a/src/conf_mode/salt-minion.py
+++ b/src/conf_mode/salt-minion.py
@@ -20,6 +20,7 @@ from socket import gethostname
 from sys import exit
 from urllib3 import PoolManager
 
+from vyos.base import Warning
 from vyos.config import Config
 from vyos.configdict import dict_merge
 from vyos.configverify import verify_interface_exists
@@ -68,6 +69,9 @@ def verify(salt):
     if not salt:
         return None
 
+    if 'hash' in salt and salt['hash'] == 'sha1':
+        Warning('Do not use sha1 hashing algorithm, upgrade to sha256 or later!')
+
     if 'source_interface' in salt:
         verify_interface_exists(salt['source_interface'])