[stable-2.7] Fix password lookup for FIPS
Fixes #47297
(cherry picked from commit 9906daa
)
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
This commit is contained in:
parent
1293076d7b
commit
8a240ed54d
2 changed files with 6 additions and 1 deletions
5
changelogs/fragments/fix-password-lookup-on-fips.yaml
Normal file
5
changelogs/fragments/fix-password-lookup-on-fips.yaml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
bugfixes:
|
||||||
|
- 'Fix the password lookup when run from a FIPS enabled system. FIPS forbids
|
||||||
|
the use of md5 but we can use sha1 instead.
|
||||||
|
https://github.com/ansible/ansible/issues/47297'
|
|
@ -265,7 +265,7 @@ def _get_lock(b_path):
|
||||||
"""Get the lock for writing password file."""
|
"""Get the lock for writing password file."""
|
||||||
first_process = False
|
first_process = False
|
||||||
b_pathdir = os.path.dirname(b_path)
|
b_pathdir = os.path.dirname(b_path)
|
||||||
lockfile_name = to_bytes("%s.ansible_lockfile" % hashlib.md5(b_path).hexdigest())
|
lockfile_name = to_bytes("%s.ansible_lockfile" % hashlib.sha1(b_path).hexdigest())
|
||||||
lockfile = os.path.join(b_pathdir, lockfile_name)
|
lockfile = os.path.join(b_pathdir, lockfile_name)
|
||||||
if not os.path.exists(lockfile) and b_path != to_bytes('/dev/null'):
|
if not os.path.exists(lockfile) and b_path != to_bytes('/dev/null'):
|
||||||
try:
|
try:
|
||||||
|
|
Loading…
Reference in a new issue