Add comments/docstrings not to use md5 unless forced to by forces outside our control.

This commit is contained in:
Toshio Kuratomi 2014-11-10 12:00:49 -08:00
parent 3ccb0b8243
commit 6a85f3ebc7
2 changed files with 15 additions and 1 deletions

View file

@ -1238,7 +1238,16 @@ class AnsibleModule(object):
return digest.hexdigest()
def md5(self, filename):
''' Return MD5 hex digest of local file using digest_from_file(). '''
''' Return MD5 hex digest of local file using digest_from_file().
Do not use this function unless you have no other choice for:
1) Optional backwards compatibility
2) Compatibility with a third party protocol
This function will not work on systems complying with FIPS-140-2.
Most uses of this function can use the module.sha1 function instead.
'''
return self.digest_from_file(filename, _md5())
def sha1(self, filename):

View file

@ -864,6 +864,11 @@ checksum_s = secure_hash_s
# Backwards compat. Some modules include md5s in their return values
# Continue to support that for now. As of ansible-1.8, all of those modules
# should also return "checksum" (sha1 for now)
# Do not use m5 unless it is needed for:
# 1) Optional backwards compatibility
# 2) Compliance with a third party protocol
#
# MD5 will not work on systems which are FIPS-140-2 compliant.
def md5s(data):
return secure_hash_s(data, _md5)