Task #3674
closed
Story #3637: As a user, I can run pulp in a FIPS-enabled environment
Pulp uses md5 which is not FIPS compatible
For now, this seems to work as a temporary fix.
diff --git a/server/pulp/server/util.py b/server/pulp/server/util.py
index f19c66f..9dfe629 100644
--- a/server/pulp/server/util.py
+++ b/server/pulp/server/util.py
@@ -20,7 +20,7 @@ _logger = logging.getLogger(__name__)
CHECKSUM_CHUNK_SIZE = 8 * 1024 * 1024
# Constants to pass in as the checksum type in verify_checksum
-TYPE_MD5 = hashlib.md5().name
+TYPE_MD5 = hashlib.md5(usedforsecurity=False).name
TYPE_SHA = 'sha'
TYPE_SHA1 = hashlib.sha1().name
TYPE_SHA256 = hashlib.sha256().name
The usedforsecurity flag isn't available on non-RHEL/CentOS builds though so we'll need to figure out a more permanent solution.
- Status changed from NEW to ASSIGNED
- Assignee set to daviddavis
- Status changed from ASSIGNED to POST
- Sprint changed from Sprint 37 to Sprint 38
- Status changed from POST to MODIFIED
- Status changed from MODIFIED to CLOSED - COMPLETE
Also available in: Atom
PDF
.