Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #78045
| Date | 2014-09-18 22:49 +0200 |
|---|---|
| From | Christian Heimes <christian@python.org> |
| Subject | Re: hashlib suddenly broken |
| References | <mailman.14109.1411057681.18130.python-list@python.org> <541b1158$0$29967$c3e8da3$5496439d@news.astraweb.com> <CAPTjJmrRpkWfkOKVaDQXCJ4cB1KXxKc2F9DLAV2es=dEKfhkyQ@mail.gmail.com> <CACwCsY5kG9AyE9V8SAC09mg=WqX8JZhCoKy7bxkVc0QJBPWQGw@mail.gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.14125.1411073379.18130.python-list@python.org> (permalink) |
On 18.09.2014 21:23, Larry Martell wrote: > On Thu, Sep 18, 2014 at 11:18 AM, Chris Angelico <rosuav@gmail.com> wrote: >> On Fri, Sep 19, 2014 at 3:07 AM, Steven D'Aprano >> <steve+comp.lang.python@pearwood.info> wrote: >>> but I expect that's probably not where the problem lies. My *wild guess* is >>> that your system updated SSL, and removed some underlying SHA-1 library >>> needed by hashlib. SHA-1 is pretty old, and there is now a known attack on >>> it, so some over-zealous security update may have removed it. >> >> Or, more likely, the actual code for sha1 is imported from somewhere >> else, and *that* module is what's been shadowed. What happens if you >> change directory to something with absolutely no .py files in it, then >> start interactive Python and try importing hashlib? Maybe you have an >> openssl.py or something. > > I still get the same error. The Python's implementation of SHA-1 either comes from _hashlib (which wraps OpenSSL) or from _sha (which uses code from LibTomCrypt and doesn't require external dependencies. Python 2.7 doesn't have a _sha module if OpenSSL is available at compile time. Please try to import _hashlib and see what happens. On Linux: >>> import _hashlib >>> _hashlib.__file__ '/usr/lib/python2.7/lib-dynload/_hashlib.x86_64-linux-gnu.so' >>> _hashlib.openssl_sha1() <sha1 HASH object @ 0x7eff3e5a8300> >>> _hashlib.openssl_sha1().hexdigest() 'da39a3ee5e6b4b0d3255bfef95601890afd80709'
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 10:27 -0600
Re: hashlib suddenly broken John Gordon <gordon@panix.com> - 2014-09-18 16:47 +0000
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 13:18 -0600
Re: hashlib suddenly broken John Gordon <gordon@panix.com> - 2014-09-18 20:21 +0000
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 15:30 -0600
Re: hashlib suddenly broken Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-09-19 03:07 +1000
Re: hashlib suddenly broken Chris Angelico <rosuav@gmail.com> - 2014-09-19 03:18 +1000
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 13:22 -0600
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 13:23 -0600
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 13:46 -0600
Re: hashlib suddenly broken Ned Deily <nad@acm.org> - 2014-09-18 13:44 -0700
Re: hashlib suddenly broken Christian Heimes <christian@python.org> - 2014-09-18 22:49 +0200
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 15:38 -0600
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-18 15:39 -0600
Re: hashlib suddenly broken Christian Heimes <christian@python.org> - 2014-09-19 00:17 +0200
Re: hashlib suddenly broken Ned Deily <nad@acm.org> - 2014-09-18 15:19 -0700
Re: hashlib suddenly broken Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-09-19 15:00 +1000
Re: hashlib suddenly broken Larry Martell <larry.martell@gmail.com> - 2014-09-19 09:09 -0600
csiph-web