Use secure sha256 instead of sha1

Fix for bandit B303: Use of insecure MD2, MD4, MD5, or SHA1 hash function. Change-Id: I00403d7bd3b40ae00420e6cddcf40f45488284a9 Partial-Bug: #1759250 (cherry picked from commit ab426a791a) (cherry picked from commit 62f4868e6e)
2019-08-13 18:10:49 +04:00 · 2019-08-13 18:10:49 +04:00 · 450039b7f9
parent 08a26a00f2
commit 450039b7f9
1 changed files with 2 additions and 2 deletions
--- a/neutronclient/common/utils.py
+++ b/neutronclient/common/utils.py
@ -183,9 +183,9 @@ def http_log_req(_logger, args, kwargs):
    for (key, value) in six.iteritems(kwargs['headers']):
        if key in SENSITIVE_HEADERS:
            v = value.encode('utf-8')
-            h = hashlib.sha1(v)
+            h = hashlib.sha256(v)
            d = h.hexdigest()
-            value = "{SHA1}%s" % d
+            value = "{SHA256}%s" % d
        header = ' -H "%s: %s"' % (key, value)
        string_parts.append(header)