womax/python-glanceclient
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fail gracefully when MD5 is unavailable

Browse Source 
The glanceclient currently assumes that MD5 will always be available.
This is not the case, however, in a FIPS-compliant environment.  This
patch enables the glanceclient to fail gracefully in such a case.

Closes-bug: #1871675
Change-Id: Ibd89989e06cc5be7da71f5f21561d73b5abc4104
This commit is contained in:
Brian Rosmaita
2020-04-07 00:13:49 -04:00
parent cf5434a1b8
commit 56186d6d5a
6 changed files with 45 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
glanceclient/v2/images.py
+4 -2
View File
@@ -209,9 +209,11 @@ class Controller(object):
specified hash algorithm is not available AND allow_md5_fallback
is True, then continue to step #2
2. else if the image has a checksum property, MD5 is used to
validate against the 'checksum' value
validate against the 'checksum' value. (If MD5 is not available
to the client, the download fails.)
3. else if the download response has a 'content-md5' header, MD5
is used to validate against the header value
is used to validate against the header value. (If MD5 is not
available to the client, the download fails.)
4. if none of 1-3 obtain, the data is **not validated** (this is
compatible with legacy behavior)