diff options
| author | Shreenidhi Shedi <53473811+sshedi@users.noreply.github.com> | 2022-08-15 14:48:07 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-08-15 14:48:07 (GMT) |
| commit | 2fa03b1b0708d5d74630c351ec9abd2aac7550da (patch) | |
| tree | be1030d1375f8a441adde48da0d3355b7757fede /Lib/crypt.py | |
| parent | 8621e6d43a25651b39a4286c0ea62f7bf9c436ea (diff) | |
| download | cpython-2fa03b1b0708d5d74630c351ec9abd2aac7550da.zip cpython-2fa03b1b0708d5d74630c351ec9abd2aac7550da.tar.gz cpython-2fa03b1b0708d5d74630c351ec9abd2aac7550da.tar.bz2 | |
gh-95231: Disable md5 & crypt modules if FIPS is enabled (GH-94742)
If kernel fips is enabled, we get permission error upon doing
`import crypt`. So, if kernel fips is enabled, disable the
unallowed hashing methods.
Python 3.9.1 (default, May 10 2022, 11:36:26)
[GCC 10.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.9/crypt.py", line 117, in <module>
_add_method('MD5', '1', 8, 34)
File "/usr/lib/python3.9/crypt.py", line 94, in _add_method
result = crypt('', salt)
File "/usr/lib/python3.9/crypt.py", line 82, in crypt
return _crypt.crypt(word, salt)
PermissionError: [Errno 1] Operation not permitted
Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
Diffstat (limited to 'Lib/crypt.py')
| -rw-r--r-- | Lib/crypt.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Lib/crypt.py b/Lib/crypt.py index 46c3de8..de4a14a 100644 --- a/Lib/crypt.py +++ b/Lib/crypt.py @@ -98,7 +98,7 @@ def _add_method(name, *args, rounds=None): result = crypt('', salt) except OSError as e: # Not all libc libraries support all encryption methods. - if e.errno == errno.EINVAL: + if e.errno in {errno.EINVAL, errno.EPERM, errno.ENOSYS}: return False raise if result and len(result) == method.total_size: |