diff options
| author | Chong Yidong <cyd@gnu.org> | 2012-01-09 15:48:51 +0800 |
|---|---|---|
| committer | Chong Yidong <cyd@gnu.org> | 2012-01-09 15:48:51 +0800 |
| commit | 1de76afef25d814c84b37045b229326d02915d80 (patch) | |
| tree | 2be69192b0b3b03bdff0c8e4cc878bf668820a1e | |
| parent | 6a43ef8e8508df7d732e639ec75f657f4363e27a (diff) | |
| download | emacs-1de76afef25d814c84b37045b229326d02915d80.tar.gz emacs-1de76afef25d814c84b37045b229326d02915d80.tar.bz2 emacs-1de76afef25d814c84b37045b229326d02915d80.zip | |
* lisp/custom.el (custom-safe-themes): Use SHA-256 for hashing.
* doc/emacs/custom.texi (Custom Themes): Switched custom-safe-themes
to use SHA-256.
| -rw-r--r-- | doc/emacs/ChangeLog | 5 | ||||
| -rw-r--r-- | doc/emacs/custom.texi | 2 | ||||
| -rw-r--r-- | lisp/custom.el | 4 |
3 files changed, 8 insertions, 3 deletions
diff --git a/doc/emacs/ChangeLog b/doc/emacs/ChangeLog index cd0d30615a2..ad49224e0d3 100644 --- a/doc/emacs/ChangeLog +++ b/doc/emacs/ChangeLog @@ -1,3 +1,8 @@ +2012-01-09 Chong Yidong <cyd@gnu.org> + + * custom.texi (Custom Themes): Switched custom-safe-themes to use + SHA-256. + 2012-01-07 Chong Yidong <cyd@gnu.org> * display.texi (Useless Whitespace): Add Whitespace mode. diff --git a/doc/emacs/custom.texi b/doc/emacs/custom.texi index 1d75be4dd8c..82a63996a64 100644 --- a/doc/emacs/custom.texi +++ b/doc/emacs/custom.texi @@ -598,7 +598,7 @@ the theme file and asks if you really want to load it. Because loading a Custom theme can execute arbitrary Lisp code, you should only say yes if you know that the theme is safe; in that case, Emacs offers to remember in the future that the theme is safe (this is done -by saving the theme file's SHA1 hash to the variable +by saving the theme file's SHA-256 hash to the variable @code{custom-safe-themes}; if you want to treat all themes as safe, change its value to @code{t}). Themes that come with Emacs (in the @file{etc/themes} directory) are exempt from this check, and are diff --git a/lisp/custom.el b/lisp/custom.el index d3752789e28..2ccfe094933 100644 --- a/lisp/custom.el +++ b/lisp/custom.el @@ -1105,7 +1105,7 @@ property `theme-feature' (which is usually a symbol created by (defcustom custom-safe-themes '(default) "Themes that are considered safe to load. -If the value is a list, each element should be either the `sha1' +If the value is a list, each element should be either the SHA-256 hash of a safe theme file, or the symbol `default', which stands for any theme in the built-in Emacs theme directory (a directory named \"themes\" in `data-directory'). @@ -1161,7 +1161,7 @@ Return t if THEME was successfully loaded, nil otherwise." (error "Unable to find theme file for `%s'" theme)) (with-temp-buffer (insert-file-contents fn) - (setq hash (sha1 (current-buffer))) + (setq hash (secure-hash 'sha256 (current-buffer))) ;; Check file safety with `custom-safe-themes', prompting the ;; user if necessary. (when (or no-confirm |