From 23a6b88dd28f9c25b90cbb048210d2299802022a Mon Sep 17 00:00:00 2001 From: Sam Doran Date: Thu, 28 Feb 2019 07:32:00 -0500 Subject: [PATCH] Modify the correct variable when setting available hashing algorithms (#52994) * Revert "use list instead of tuple and remove md5 on ValueError (#51357)" c459f040da88004b2fb0faa646cdd6530e99e2fe. * Modify the correct variable when determining available hashing algorithms --- changelogs/fragments/51357-module_utils-basic.yml | 3 --- changelogs/fragments/md5-hash-algorithms-pop-fix.yaml | 2 ++ lib/ansible/module_utils/basic.py | 6 ++---- 3 files changed, 4 insertions(+), 7 deletions(-) delete mode 100644 changelogs/fragments/51357-module_utils-basic.yml create mode 100644 changelogs/fragments/md5-hash-algorithms-pop-fix.yaml diff --git a/changelogs/fragments/51357-module_utils-basic.yml b/changelogs/fragments/51357-module_utils-basic.yml deleted file mode 100644 index ed7db907919..00000000000 --- a/changelogs/fragments/51357-module_utils-basic.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - ansible.module_utils.basic - fix handling of md5 in algorithms tuple for FIPS compatibility (https://github.com/ansible/ansible/issues/51355) diff --git a/changelogs/fragments/md5-hash-algorithms-pop-fix.yaml b/changelogs/fragments/md5-hash-algorithms-pop-fix.yaml new file mode 100644 index 00000000000..df81ce1a925 --- /dev/null +++ b/changelogs/fragments/md5-hash-algorithms-pop-fix.yaml @@ -0,0 +1,2 @@ +bugfixes: + - basic - modify the correct variable when determining available hashing algorithms to avoid errors when md5 is not available (https://github.com/ansible/ansible/issues/51355) diff --git a/lib/ansible/module_utils/basic.py b/lib/ansible/module_utils/basic.py index 9901f77196e..bcd8edd5c0b 100644 --- a/lib/ansible/module_utils/basic.py +++ b/lib/ansible/module_utils/basic.py @@ -129,12 +129,10 @@ try: for attribute in ('available_algorithms', 'algorithms'): algorithms = getattr(hashlib, attribute, None) if algorithms: - # convert algorithms to list instead of immutable tuple so md5 can be removed if not available - algorithms = list(algorithms) break if algorithms is None: # python 2.5+ - algorithms = ['md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512'] + algorithms = ('md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512') for algorithm in algorithms: AVAILABLE_HASH_ALGORITHMS[algorithm] = getattr(hashlib, algorithm) @@ -142,7 +140,7 @@ try: try: hashlib.md5() except ValueError: - algorithms.remove('md5') + AVAILABLE_HASH_ALGORITHMS.pop('md5', None) except Exception: import sha AVAILABLE_HASH_ALGORITHMS = {'sha1': sha.sha}