Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Listen's use of Digest::MD5 breaks support on FIPS enabled machines #452

Closed
ruckc opened this issue Aug 12, 2018 · 11 comments · Fixed by #541
Closed

Listen's use of Digest::MD5 breaks support on FIPS enabled machines #452

ruckc opened this issue Aug 12, 2018 · 11 comments · Fixed by #541

Comments

@ruckc
Copy link

ruckc commented Aug 12, 2018

Please review usage of Digest::MD5 and migrate to a different hash algorithm that is not disabled in when FIPS is enabled.

$ rails server
=> Booting Puma
=> Rails 5.2.1 application starting in development
=> Run `rails server -h` for more startup options
md5_dgst.c(78): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!
Aborted
@ioquatix
Copy link
Member

What is the best solution to this problem?

@ruckc
Copy link
Author

ruckc commented Dec 16, 2018

Replacing Digest::MD5 with a modern hashing algorithm such as Digest::SHA2 is the easy answer. Long term though, its ideal to support configurable algorithms for future proofing.

@souravb65
Copy link

Is there a plan in the near future to use Digest::SHA2 and make it FIPS enabled?

@ioquatix
Copy link
Member

ioquatix commented Jun 1, 2021

Sure, do you have time to submit a PR?

@souravb65
Copy link

Sure. I can give it a try. Looks like I don't have permission to create my feature branch. Can you please grant me permission?

@ioquatix
Copy link
Member

ioquatix commented Jun 3, 2021

Please create a fork and submit a PR. If you need more help, please let me know.

@ColinDKelley
Copy link
Collaborator

@souravb65 Here's a branch: #541 Tests are green!

@ColinDKelley
Copy link
Collaborator

Considering this fixed.

@souravb65
Copy link

Awesome @ColinDKelley making these changes. I did the changes but due to my machine issue was not able to test to push those.

@ColinDKelley
Copy link
Collaborator

No problem, @souravb65. Thanks for the nudge to get this fixed and closed.

@ioquatix
Copy link
Member

@ColinDKelley Thanks for your effort maintaining this gem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants