summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-04-16 19:06:20 +0200
committerChristian Poessinger <christian@poessinger.com>2022-04-16 19:06:20 +0200
commit83a2fc901136b9da68f50a5a2c9ae1f45dbf5e97 (patch)
tree8d13a20be6b62f73b228f2fe40cb1f041a7958d5
parent039e323d7e46f7d8244c42794f713a0bfecbe2d3 (diff)
downloadvyos-1x-83a2fc901136b9da68f50a5a2c9ae1f45dbf5e97.tar.gz
vyos-1x-83a2fc901136b9da68f50a5a2c9ae1f45dbf5e97.zip
salt-minion: T4364: issue warning - do not use sha1 hashing algorithm
-rw-r--r--python/vyos/base.py8
-rwxr-xr-xsrc/conf_mode/salt-minion.py4
2 files changed, 11 insertions, 1 deletions
diff --git a/python/vyos/base.py b/python/vyos/base.py
index fd22eaccd..78067d5b2 100644
--- a/python/vyos/base.py
+++ b/python/vyos/base.py
@@ -1,4 +1,4 @@
-# Copyright 2018-2021 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2018-2022 VyOS maintainers and contributors <maintainers@vyos.io>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -15,6 +15,12 @@
from textwrap import fill
+class Warning():
+ def __init__(self, message):
+ # Reformat the message and trim it to 72 characters in length
+ message = fill(message, width=72)
+ print(f'\nWARNING: {message}')
+
class DeprecationWarning():
def __init__(self, message):
# Reformat the message and trim it to 72 characters in length
diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py
index 1ecc09d34..00b889a11 100755
--- a/src/conf_mode/salt-minion.py
+++ b/src/conf_mode/salt-minion.py
@@ -20,6 +20,7 @@ from socket import gethostname
from sys import exit
from urllib3 import PoolManager
+from vyos.base import Warning
from vyos.config import Config
from vyos.configdict import dict_merge
from vyos.configverify import verify_interface_exists
@@ -68,6 +69,9 @@ def verify(salt):
if not salt:
return None
+ if 'hash' in salt and salt['hash'] == 'sha1':
+ Warning('Do not use sha1 hashing algorithm, upgrade to sha256 or later!')
+
if 'source_interface' in salt:
verify_interface_exists(salt['source_interface'])