diff options
| -rw-r--r-- | ironic/common/utils.py | 4 | ||||
| -rw-r--r-- | releasenotes/notes/fips-hashlib-bca9beacc2b48fe7.yaml | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/ironic/common/utils.py b/ironic/common/utils.py index fc61fd02f..6dbb0e326 100644 --- a/ironic/common/utils.py +++ b/ironic/common/utils.py @@ -230,12 +230,12 @@ def _get_hash_object(hash_algo_name): return getattr(hashlib, hash_algo_name)() -def file_has_content(path, content, hash_algo='md5'): +def file_has_content(path, content, hash_algo='sha256'): """Checks that content of the file is the same as provided reference. :param path: path to file :param content: reference content to check against - :param hash_algo: hashing algo from hashlib to use, default is 'md5' + :param hash_algo: hashing algo from hashlib to use, default is 'sha256' :returns: True if the hash of reference content is the same as the hash of file's content, False otherwise """ diff --git a/releasenotes/notes/fips-hashlib-bca9beacc2b48fe7.yaml b/releasenotes/notes/fips-hashlib-bca9beacc2b48fe7.yaml new file mode 100644 index 000000000..1c96a1600 --- /dev/null +++ b/releasenotes/notes/fips-hashlib-bca9beacc2b48fe7.yaml @@ -0,0 +1,4 @@ +fixes: + - | + Use SHA256 for comparing file contents instead of MD5. This improves FIPS + compatibility. |