From 83a2fc901136b9da68f50a5a2c9ae1f45dbf5e97 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 16 Apr 2022 19:06:20 +0200 Subject: salt-minion: T4364: issue warning - do not use sha1 hashing algorithm --- python/vyos/base.py | 8 +++++++- src/conf_mode/salt-minion.py | 4 ++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/python/vyos/base.py b/python/vyos/base.py index fd22eaccd..78067d5b2 100644 --- a/python/vyos/base.py +++ b/python/vyos/base.py @@ -1,4 +1,4 @@ -# Copyright 2018-2021 VyOS maintainers and contributors +# Copyright 2018-2022 VyOS maintainers and contributors # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -15,6 +15,12 @@ from textwrap import fill +class Warning(): + def __init__(self, message): + # Reformat the message and trim it to 72 characters in length + message = fill(message, width=72) + print(f'\nWARNING: {message}') + class DeprecationWarning(): def __init__(self, message): # Reformat the message and trim it to 72 characters in length diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py index 1ecc09d34..00b889a11 100755 --- a/src/conf_mode/salt-minion.py +++ b/src/conf_mode/salt-minion.py @@ -20,6 +20,7 @@ from socket import gethostname from sys import exit from urllib3 import PoolManager +from vyos.base import Warning from vyos.config import Config from vyos.configdict import dict_merge from vyos.configverify import verify_interface_exists @@ -68,6 +69,9 @@ def verify(salt): if not salt: return None + if 'hash' in salt and salt['hash'] == 'sha1': + Warning('Do not use sha1 hashing algorithm, upgrade to sha256 or later!') + if 'source_interface' in salt: verify_interface_exists(salt['source_interface']) -- cgit v1.2.3