Use secure sha256 instead of sha1

Fix for bandit B303: Use of insecure MD2, MD4, MD5, or SHA1 hash function.

Change-Id: I00403d7bd3b40ae00420e6cddcf40f45488284a9
Partial-Bug: #1759250
This commit is contained in:
Oleg Bondarev 2019-08-13 18:10:49 +04:00
parent 1a8fdf355d
commit ab426a791a
1 changed files with 1 additions and 1 deletions

View File

@ -183,7 +183,7 @@ def http_log_req(_logger, args, kwargs):
for (key, value) in six.iteritems(kwargs['headers']):
if key in SENSITIVE_HEADERS:
v = value.encode('utf-8')
h = hashlib.sha1(v)
h = hashlib.sha256(v)
d = h.hexdigest()
value = "{SHA1}%s" % d
header = ' -H "%s: %s"' % (key, value)