I am having the same problem. Anyone have a solution other than patch hashlib?
On Wednesday, May 31, 2017 at 9:36:20 AM UTC-4, Tim Graham wrote: > > django-developers discussion: > https://groups.google.com/d/msg/django-developers/dlUIPzQgnpM/Mtl7CQbPAQAJ > > On Tuesday, May 30, 2017 at 5:06:23 PM UTC-4, Tim Graham wrote: >> >> This usage generates a short, unique identifier for a database index >> name. The usage of md5 here isn't security sensitive. Changing it to some >> other hash could be backwards incompatible because Django would no longer >> know the names of indexes in existing projects. There are other usages of >> md5 in Django where a short, fast hash is needed. I'm not sure if >> prohibiting the usage of md5 in Django or adding a setting to allow >> selecting some other hash in all those places is worth the additional >> complexity but you could write to django-developers to get other opinions. >> >> On Tuesday, May 30, 2017 at 4:21:24 PM UTC-4, Brandon Williams wrote: >>> >>> I'm running into issues when trying to migrate my models in an >>> environment that is running FIPS restrictions regarding MD5. Here is the >>> stack trace: >>> >>> Operations to perform: >>>> Apply all migrations: admin, auth, contenttypes, dashboard, >>>> kombu_transport_django, sessions >>>> Running migrations: >>>> Applying contenttypes.0001_initial...Traceback (most recent call >>>> last): >>>> File "manage.py", line 10, in <module> >>>> execute_from_command_line(sys.argv) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/core/management/__init__.py", >>>> line 367, in execute_from_command_line >>>> utility.execute() >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/core/management/__init__.py", >>>> line 359, in execute >>>> self.fetch_command(subcommand).run_from_argv(self.argv) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/core/management/base.py", line >>>> 294, in run_from_argv >>>> self.execute(*args, **cmd_options) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/core/management/base.py", line >>>> 345, in execute >>>> output = self.handle(*args, **options) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/core/management/commands/migrate.py", >>>> >>>> line 204, in handle >>>> fake_initial=fake_initial, >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/migrations/executor.py", >>>> line >>>> 115, in migrate >>>> state = self._migrate_all_forwards(state, plan, full_plan, >>>> fake=fake, fake_initial=fake_initial) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/migrations/executor.py", >>>> line >>>> 145, in _migrate_all_forwards >>>> state = self.apply_migration(state, migration, fake=fake, >>>> fake_initial=fake_initial) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/migrations/executor.py", >>>> line >>>> 244, in apply_migration >>>> state = migration.apply(state, schema_editor) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/migrations/migration.py", >>>> line 129, in apply >>>> operation.database_forwards(self.app_label, schema_editor, >>>> old_state, project_state) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/migrations/operations/models.py", >>>> >>>> line 532, in database_forwards >>>> getattr(new_model._meta, self.option_name, set()), >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/backends/base/schema.py", >>>> line 333, in alter_unique_together >>>> self.execute(self._create_unique_sql(model, columns)) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/backends/base/schema.py", >>>> line 913, in _create_unique_sql >>>> "name": self.quote_name(self._create_index_name(model, columns, >>>> suffix="_uniq")), >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/backends/base/schema.py", >>>> line 819, in _create_index_name >>>> index_unique_name = '_%s' % self._digest(table_name, *column_names) >>>> File >>>> "/usr/lib64/python2.7/site-packages/django/db/backends/base/schema.py", >>>> line 123, in _digest >>>> h = hashlib.md5() >>>> ValueError: error:060800A3:digital envelope >>>> routines:EVP_DigestInit_ex:disabled for fips >>> >>> >>> >>> Is there a particular reason why MD5 is used here? Is there any harm in >>> changing it to sh512 or something similar? >>> >> -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/a1f34db4-c077-4330-b62b-44ca56a54663%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
