MSVSphere Packaging Team
1 year ago
parent
dfff9713ad
commit
0e2995b750
@ -1 +1 @@
|
|||||||
SOURCES/libstoragemgmt-1.9.5.tar.gz
|
SOURCES/libstoragemgmt-1.9.7.tar.gz
|
||||||
|
|||||||
@ -1 +1 @@
|
|||||||
43714185f0cda2f18de370e62e1d959efea691a5 SOURCES/libstoragemgmt-1.9.5.tar.gz
|
d1d300522b73f1db12763100d0bc0abcd01af5e4 SOURCES/libstoragemgmt-1.9.7.tar.gz
|
||||||
|
|||||||
@ -0,0 +1,63 @@
|
|||||||
|
From bbb13a7970c4d82d2e7bace5e96056ef469eb7b3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tony Asleson <tasleson@redhat.com>
|
||||||
|
Date: Fri, 14 Apr 2023 10:43:27 -0500
|
||||||
|
Subject: [PATCH] Correction for fips error
|
||||||
|
|
||||||
|
When running on a fips enabled system we encounter the following
|
||||||
|
error:
|
||||||
|
|
||||||
|
PLUGIN_BUG(2): [digital envelope routines] unsupported Data: Traceback (most recent call last):
|
||||||
|
...
|
||||||
|
File "/usr/lib64/python3.9/site-packages/lsm/_common.py", line 348, in md5
|
||||||
|
h = hashlib.md5()
|
||||||
|
ValueError: [digital envelope routines] unsupported
|
||||||
|
|
||||||
|
Utilize the usedforsecurity=False parameter to md5 to indicate that our
|
||||||
|
use is not for security related purposes.
|
||||||
|
|
||||||
|
Signed-off-by: Tony Asleson <tasleson@redhat.com>
|
||||||
|
---
|
||||||
|
plugin/nfs_plugin/nfs.py | 8 +++++++-
|
||||||
|
python_binding/lsm/_common.py | 7 ++++++-
|
||||||
|
2 files changed, 13 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/plugin/nfs_plugin/nfs.py b/plugin/nfs_plugin/nfs.py
|
||||||
|
index 8a87652..11ce3c2 100644
|
||||||
|
--- a/plugin/nfs_plugin/nfs.py
|
||||||
|
+++ b/plugin/nfs_plugin/nfs.py
|
||||||
|
@@ -55,7 +55,13 @@ def _export_id(path, auth_type, anon_uid, anon_gid, options):
|
||||||
|
if auth_type is None:
|
||||||
|
auth_type = 'sec'
|
||||||
|
|
||||||
|
- hsh = hashlib.md5()
|
||||||
|
+ try:
|
||||||
|
+ # The use of md5 is not used for security, indicate
|
||||||
|
+ # this to hashlib so that we can run when fips is enabled
|
||||||
|
+ hsh = hashlib.md5(usedforsecurity=False)
|
||||||
|
+ except Exception:
|
||||||
|
+ hsh = hashlib.md5()
|
||||||
|
+
|
||||||
|
hsh.update(path.encode('utf-8'))
|
||||||
|
hsh.update(auth_type.encode('utf-8'))
|
||||||
|
if anon_uid is not None and anon_uid != NfsExport.ANON_UID_GID_NA:
|
||||||
|
diff --git a/python_binding/lsm/_common.py b/python_binding/lsm/_common.py
|
||||||
|
index 1220381..163f726 100644
|
||||||
|
--- a/python_binding/lsm/_common.py
|
||||||
|
+++ b/python_binding/lsm/_common.py
|
||||||
|
@@ -345,7 +345,12 @@ def uri_parameters(uri):
|
||||||
|
# @param t Item to generate signature on.
|
||||||
|
# @returns md5 hex digest.
|
||||||
|
def md5(t):
|
||||||
|
- h = hashlib.md5()
|
||||||
|
+ try:
|
||||||
|
+ # The use of md5 is not used for security, indicate
|
||||||
|
+ # this to hashlib so that we can run when fips is enabled
|
||||||
|
+ h = hashlib.md5(usedforsecurity=False)
|
||||||
|
+ except Exception:
|
||||||
|
+ h = hashlib.md5()
|
||||||
|
h.update(t.encode("utf-8"))
|
||||||
|
return h.hexdigest()
|
||||||
|
|
||||||
|
--
|
||||||
|
2.39.2
|
||||||
|
|
||||||
@ -1,9 +0,0 @@
|
|||||||
diff --git a/packaging/daemon/libstoragemgmt.conf b/packaging/daemon/libstoragemgmt.conf
|
|
||||||
index 1c118a9..cdb43c2 100644
|
|
||||||
--- a/packaging/daemon/libstoragemgmt.conf
|
|
||||||
+++ b/packaging/daemon/libstoragemgmt.conf
|
|
||||||
@@ -1,2 +1,2 @@
|
|
||||||
-D /var/run/lsm 0775 root libstoragemgmt -
|
|
||||||
-D /var/run/lsm/ipc 0775 root libstoragemgmt -
|
|
||||||
+D /run/lsm 0775 root libstoragemgmt -
|
|
||||||
+D /run/lsm/ipc 0775 root libstoragemgmt -
|
|
||||||
Loading…
Reference in new issue