Some changes to FIPS compat since SLES implements it differently

lib/ansible/module_utils/basic.py

@@ -95,7 +95,11 @@ except ImportError:
 try:
     from hashlib import md5 as _md5
 except ImportError:
+    try:
         from md5 import md5 as _md5
+    except ImportError:
+        # MD5 unavailable.  Possibly FIPS mode
+        _md5 = None
 
 try:
     from hashlib import sha256 as _sha256
@@ -1248,6 +1252,8 @@ class AnsibleModule(object):
 
         Most uses of this function can use the module.sha1 function instead.
         '''
+        if not _md5:
+            raise ValueError('MD5 not available.  Possibly running in FIPS mode')
         return self.digest_from_file(filename, _md5())
 
     def sha1(self, filename):

lib/ansible/utils/__init__.py

@@ -79,7 +79,11 @@ except ImportError:
 try:
     from hashlib import md5 as _md5
 except ImportError:
+    try:
         from md5 import md5 as _md5
+    except ImportError:
+        # Assume we're running in FIPS mode here
+        _md5 = None
 
 PASSLIB_AVAILABLE = False
 try:
@@ -870,9 +874,13 @@ checksum_s = secure_hash_s
 #
 # MD5 will not work on systems which are FIPS-140-2 compliant.
 def md5s(data):
+    if not _md5:
+        raise ValueError('MD5 not available.  Possibly running in FIPS mode')
     return secure_hash_s(data, _md5)
 
 def md5(filename):
+    if not _md5:
+        raise ValueError('MD5 not available.  Possibly running in FIPS mode')
     return secure_hash(filename, _md5)
 
 def default(value, function):