Bug 996219 - python-beaker does not work in FIPS environment
python-beaker does not work in FIPS environment
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: python-beaker (Show other bugs)
7.0
All Linux
medium Severity high
: rc
: ---
Assigned To: Robert Kuska
qe-baseos-daemons
: Patch
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-12 13:13 EDT by Jan Pokorný
Modified: 2016-04-18 06:17 EDT (History)
19 users (show)

See Also:
Fixed In Version: python-beaker-1.5.4-8.el7
Doc Type: Bug Fix
Doc Text:
Cause: usage of insecure hashlib md5 function in beaker.session Consequence: FIPS does not allow md5 usage so python-beaker can fail when used with FIPS mode Fix: replace md5 with sha1 Result: python-beaker can be used while FIPS mode on
Story Points: ---
Clone Of: 983292
Environment:
Last Closed: 2014-06-13 07:27:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed patch - replace md5 with sha1 (1.46 KB, patch)
2013-08-14 02:44 EDT, Robert Kuska
no flags Details | Diff

  None (edit)
Description Jan Pokorný 2013-08-12 13:13:14 EDT
Luci, which was the primary reason behind original [bug 983292] in RHEL 6,
is not in RHEL 7, however issue with python-beaker sessions vs. FIPS can
occur here as well at some point.  Probably better to anticipate reaching
such point as upstream now contains the change (driven by the original bug)
dropping the use of md5 hash.

From [bug 983292]:

--- Additional comment from Jan Pokorný on 2013-08-06 18:32:40 CEST ---

New pull request (rebased on the current head, also turned to be CI passing
whereas the new changes passed as well) accepted: [2]

[2] https://github.com/bbangert/beaker/pull/49#ref-pullrequest-16598672
Comment 2 Robert Kuska 2013-08-14 02:44:32 EDT
Created attachment 786409 [details]
Proposed patch - replace md5 with sha1

I've added patch based on fix accepted by upstream mentioned in bug description.
Comment 8 Ludek Smid 2014-06-13 07:27:44 EDT
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.