Version-Release number of selected component (if applicable): yum-3.2.22-39.el5 How reproducible: always Steps to Reproduce: 1. Enable FIPS 140-2 2. run "yum install htop" Actual results: digest.c(151): OpenSSL internal error, assertion failed: Digest update previous FIPS forbidden algorithm error ignored Expected results: Installation works Additional info: It's caused by the usage of md5 in the code in following file: File "/usr/lib/python2.4/site-packages/yum/repoMDObject.py", line 89, in __init__ There's: infile = AutoFileChecksums(infile, ['md5', 'sha1', 'sha256'], But 'md5' should be removed from that line (as it is newer yum versions).
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
On RHEL-5 rpm uses md5 to check packages, so doing the above is useless. You can't use yum/rpm on RHEL-5 without md5.
So just to clarify it, yum should not work on RHEL-5 when FIPS 140-2 mode [1] is enabled? [1] http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1320.pdf
Yum should output a helpful message to the user if it can't work in FIPS mode. They shouldn't have to guess why its not working.