From 1de76afef25d814c84b37045b229326d02915d80 Mon Sep 17 00:00:00 2001 From: Chong Yidong Date: Mon, 9 Jan 2012 15:48:51 +0800 Subject: [PATCH] * lisp/custom.el (custom-safe-themes): Use SHA-256 for hashing. * doc/emacs/custom.texi (Custom Themes): Switched custom-safe-themes to use SHA-256. --- doc/emacs/ChangeLog | 5 +++++ doc/emacs/custom.texi | 2 +- lisp/custom.el | 4 ++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/doc/emacs/ChangeLog b/doc/emacs/ChangeLog index cd0d30615a2..ad49224e0d3 100644 --- a/doc/emacs/ChangeLog +++ b/doc/emacs/ChangeLog @@ -1,3 +1,8 @@ +2012-01-09 Chong Yidong + + * custom.texi (Custom Themes): Switched custom-safe-themes to use + SHA-256. + 2012-01-07 Chong Yidong * display.texi (Useless Whitespace): Add Whitespace mode. diff --git a/doc/emacs/custom.texi b/doc/emacs/custom.texi index 1d75be4dd8c..82a63996a64 100644 --- a/doc/emacs/custom.texi +++ b/doc/emacs/custom.texi @@ -598,7 +598,7 @@ the theme file and asks if you really want to load it. Because loading a Custom theme can execute arbitrary Lisp code, you should only say yes if you know that the theme is safe; in that case, Emacs offers to remember in the future that the theme is safe (this is done -by saving the theme file's SHA1 hash to the variable +by saving the theme file's SHA-256 hash to the variable @code{custom-safe-themes}; if you want to treat all themes as safe, change its value to @code{t}). Themes that come with Emacs (in the @file{etc/themes} directory) are exempt from this check, and are diff --git a/lisp/custom.el b/lisp/custom.el index d3752789e28..2ccfe094933 100644 --- a/lisp/custom.el +++ b/lisp/custom.el @@ -1105,7 +1105,7 @@ property `theme-feature' (which is usually a symbol created by (defcustom custom-safe-themes '(default) "Themes that are considered safe to load. -If the value is a list, each element should be either the `sha1' +If the value is a list, each element should be either the SHA-256 hash of a safe theme file, or the symbol `default', which stands for any theme in the built-in Emacs theme directory (a directory named \"themes\" in `data-directory'). @@ -1161,7 +1161,7 @@ Return t if THEME was successfully loaded, nil otherwise." (error "Unable to find theme file for `%s'" theme)) (with-temp-buffer (insert-file-contents fn) - (setq hash (sha1 (current-buffer))) + (setq hash (secure-hash 'sha256 (current-buffer))) ;; Check file safety with `custom-safe-themes', prompting the ;; user if necessary. (when (or no-confirm -- 2.39.2