Message ID | 1665093202-28238-1-git-send-email-mark.hatle@kernel.crashing.org |
---|---|
State | New |
Headers | show |
Series | [bitbake-devel,kirkstone,langdale,master] utils/ply: Update md5 to better report errors with hashlib | expand |
> On 6 Oct 2022, at 22:53, Mark Hatle via lists.openembedded.org <mark.hatle=kernel.crashing.org@lists.openembedded.org> wrote: > > Additionally, some versions of hashlib don't appear to implement the > second FIPS related argument. Detect this and support both versions. FWIW Changed in version 3.9: All hashlib constructors take a keyword-only argument usedforsecurity with default value True. A false value allows the use of insecure and blocked hashing algorithms in restricted environments. False indicates that the hashing algorithm is not used in a security context, e.g. as a non-cryptographic one-way compression function. Ross
diff --git a/lib/bb/utils.py b/lib/bb/utils.py index e6e21e20fe..64a004d0d8 100644 --- a/lib/bb/utils.py +++ b/lib/bb/utils.py @@ -547,7 +547,12 @@ def md5_file(filename): Return the hex string representation of the MD5 checksum of filename. """ import hashlib - return _hasher(hashlib.new('MD5', usedforsecurity=False), filename) + try: + sig = hashlib.new('MD5', usedforsecurity=False) + except TypeError: + # Some configurations don't appear to support two arguments + sig = hashlib.new('MD5') + return _hasher(sig, filename) def sha256_file(filename): """ diff --git a/lib/ply/yacc.py b/lib/ply/yacc.py index 767c4e4674..381b50cf0b 100644 --- a/lib/ply/yacc.py +++ b/lib/ply/yacc.py @@ -2798,7 +2798,14 @@ class ParserReflect(object): def signature(self): try: import hashlib + except ImportError: + raise RuntimeError("Unable to import hashlib") + try: sig = hashlib.new('MD5', usedforsecurity=False) + except TypeError: + # Some configurations don't appear to support two arguments + sig = hashlib.new('MD5') + try: if self.start: sig.update(self.start.encode('latin-1')) if self.prec: