On 18.09.2014 21:23, Larry Martell wrote: > On Thu, Sep 18, 2014 at 11:18 AM, Chris Angelico <ros...@gmail.com> wrote: >> On Fri, Sep 19, 2014 at 3:07 AM, Steven D'Aprano >> <steve+comp.lang.pyt...@pearwood.info> wrote: >>> but I expect that's probably not where the problem lies. My *wild guess* is >>> that your system updated SSL, and removed some underlying SHA-1 library >>> needed by hashlib. SHA-1 is pretty old, and there is now a known attack on >>> it, so some over-zealous security update may have removed it. >> >> Or, more likely, the actual code for sha1 is imported from somewhere >> else, and *that* module is what's been shadowed. What happens if you >> change directory to something with absolutely no .py files in it, then >> start interactive Python and try importing hashlib? Maybe you have an >> openssl.py or something. > > I still get the same error.
The Python's implementation of SHA-1 either comes from _hashlib (which wraps OpenSSL) or from _sha (which uses code from LibTomCrypt and doesn't require external dependencies. Python 2.7 doesn't have a _sha module if OpenSSL is available at compile time. Please try to import _hashlib and see what happens. On Linux: >>> import _hashlib >>> _hashlib.__file__ '/usr/lib/python2.7/lib-dynload/_hashlib.x86_64-linux-gnu.so' >>> _hashlib.openssl_sha1() <sha1 HASH object @ 0x7eff3e5a8300> >>> _hashlib.openssl_sha1().hexdigest() 'da39a3ee5e6b4b0d3255bfef95601890afd80709' -- https://mail.python.org/mailman/listinfo/python-list
