Support hosts in FIPS mode #194

ayohrling · 2018-10-31T13:31:48Z

Currently, gemstash does not run on systems that are configured in FIPS mode. There are a couple spots that utilize MD5 digests that need to be replaced for valid operation. Results in the following logs when running the server and timeouts for too many connection resets in fetching gems:

md5_dgst.c(82): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!
[2018-10-31 13:30:47 +0000] - INFO - [16128] - Worker 0 (pid: 16242) booted, phase: 0
md5_dgst.c(82): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!
[2018-10-31 13:30:52 +0000] - INFO - [16128] - Worker 0 (pid: 16254) booted, phase: 0
md5_dgst.c(82): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!
[2018-10-31 13:30:57 +0000] - INFO - [16128] - Worker 0 (pid: 16266) booted, phase: 0
md5_dgst.c(82): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!
[2018-10-31 13:31:02 +0000] - INFO - [16128] - Worker 0 (pid: 16276) booted, phase: 0

The text was updated successfully, but these errors were encountered:

ayohrling · 2018-12-10T15:56:20Z

Am hoping for some feedback here. I feel like this should be low-hanging fruit. PR is in, we have to work from builds off my fork to use gemstash until this is merged upstream.

ayohrling mentioned this issue Oct 31, 2018

GEMSTASH-194 Support for FIPS Mode #195

Open

bronzdoc added the Feature request label Dec 10, 2018

benklop linked a pull request Mar 18, 2021 that will close this issue

added fips flag #290

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support hosts in FIPS mode #194

Support hosts in FIPS mode #194

ayohrling commented Oct 31, 2018

ayohrling commented Dec 10, 2018

Support hosts in FIPS mode #194

Support hosts in FIPS mode #194

Comments

ayohrling commented Oct 31, 2018

ayohrling commented Dec 10, 2018