Project

Profile

Help

Task #3753

Pulp - Story #3637: As a user, I can run pulp in a FIPS-enabled environment

Confirm that pulp_puppet works in FIPS mode

Added by daviddavis over 3 years ago. Updated over 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
2.16.2
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Associated revisions

Revision 9ce98ae2 View on GitHub
Added by dalley over 3 years ago

Use pulp-provided md5 util for fips compatibility

closes #3753 https://pulp.plan.io/issues/3753

Revision f1ae408b View on GitHub
Added by dalley over 3 years ago

Use pulp-provided md5 util for fips compatibility

closes #3753 https://pulp.plan.io/issues/3753

(cherry picked from commit 9ce98ae2851fab6a029a3ccc3a3dcb1a150cabb9)

History

#1 Updated by daviddavis over 3 years ago

Looks like our puppet plugin uses md5. I get this during sync:

Jun 12 16:37:13 pulp2.dev pulp[23171]: pulp_puppet.plugins.distributors.publish:ERROR: [fd5d206b] (23171-44384) Exception during metadata generation step for repository <forge>
Jun 12 16:37:13 pulp2.dev pulp[23171]: pulp_puppet.plugins.distributors.publish:ERROR: [fd5d206b] (23171-44384) Traceback (most recent call last):
Jun 12 16:37:13 pulp2.dev pulp[23171]: pulp_puppet.plugins.distributors.publish:ERROR: [fd5d206b] (23171-44384)   File "/home/vagrant/devel/pulp_puppet/pulp_puppet_plugins/pulp_puppet/plugins/distributors/publ
Jun 12 16:37:13 pulp2.dev pulp[23171]: pulp_puppet.plugins.distributors.publish:ERROR: [fd5d206b] (23171-44384)     self._generate_dependency_data(modules)
Jun 12 16:37:13 pulp2.dev pulp[23171]: pulp_puppet.plugins.distributors.publish:ERROR: [fd5d206b] (23171-44384)   File "/home/vagrant/devel/pulp_puppet/pulp_puppet_plugins/pulp_puppet/plugins/distributors/publ
Jun 12 16:37:13 pulp2.dev pulp[23171]: pulp_puppet.plugins.distributors.publish:ERROR: [fd5d206b] (23171-44384)     file_hash = hashlib.md5()
Jun 12 16:37:13 pulp2.dev pulp[23171]: pulp_puppet.plugins.distributors.publish:ERROR: [fd5d206b] (23171-44384) ValueError: error:060800A3:digital envelope routines:EVP_DigestInit_ex:disabled for fips

Link to code:

https://github.com/pulp/pulp_puppet/blob/3a07fd8fabf8d79e2c42ead5051fc09888177845/pulp_puppet_plugins/pulp_puppet/plugins/distributors/publish.py#L320

#2 Updated by dalley over 3 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to dalley

#3 Updated by dalley over 3 years ago

  • Status changed from ASSIGNED to POST

#4 Updated by dalley over 3 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

#5 Updated by dkliban@redhat.com over 3 years ago

  • Platform Release set to 2.16.2

#6 Updated by ragbalak over 3 years ago

Ran pulp smash against FIPS enabled 2.16 beta for the puppet plugins and found that all tests to be passing.

#7 Updated by ipanova@redhat.com over 3 years ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE

#8 Updated by bmbouter over 2 years ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF