Use FIPS-compatible SHA256 for comparing files

On systems in FIPS mode MD5 is not available, just use SHA256.

NOTE: I'm not sure if this changes makes ironic fully operational
      in FIPS mode, merely fixing an immediate issue.

Story: 2007306
Task: 38792

Change-Id: I9a9e0286c88ed5a1a05e405d251b46a4708dd556
This commit is contained in:
Dmitry Tantsur 2020-02-18 14:59:55 +01:00 committed by Julia Kreger
parent cc38f03cf5
commit 8982ef574f
2 changed files with 6 additions and 2 deletions

View File

@ -228,12 +228,12 @@ def _get_hash_object(hash_algo_name):
return getattr(hashlib, hash_algo_name)() return getattr(hashlib, hash_algo_name)()
def file_has_content(path, content, hash_algo='md5'): def file_has_content(path, content, hash_algo='sha256'):
"""Checks that content of the file is the same as provided reference. """Checks that content of the file is the same as provided reference.
:param path: path to file :param path: path to file
:param content: reference content to check against :param content: reference content to check against
:param hash_algo: hashing algo from hashlib to use, default is 'md5' :param hash_algo: hashing algo from hashlib to use, default is 'sha256'
:returns: True if the hash of reference content is the same as :returns: True if the hash of reference content is the same as
the hash of file's content, False otherwise the hash of file's content, False otherwise
""" """

View File

@ -0,0 +1,4 @@
fixes:
- |
Use SHA256 for comparing file contents instead of MD5. This improves FIPS
compatibility.