From c1504e053fdfa882eb4474302760f22b4477ebbd Mon Sep 17 00:00:00 2001
From: Drew Welch <dwelch@redhat.com>
Date: Wed, 9 Mar 2022 15:48:33 -0600
Subject: [PATCH] Fix: add support for fips-enabled systems using Python3.6 or
 greater.

FIPS restricts usage of md5 and requires the flag 'usedforsecurity' to be set False in order to avoid error:

ValueError: [digital envelope routines: EVP_DigestInit_ex] disabled for FIPS

Change-Id: I99a4ad0bf78bbeb898fb9dcfc79c03a14d596235
---
 jenkins_jobs/xml_config.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/jenkins_jobs/xml_config.py b/jenkins_jobs/xml_config.py
index 73ffd67a5..ef5af761d 100644
--- a/jenkins_jobs/xml_config.py
+++ b/jenkins_jobs/xml_config.py
@@ -17,6 +17,7 @@
 
 import hashlib
 import pkg_resources
+import sys
 from xml.dom import minidom
 import xml.etree.ElementTree as XML
 
@@ -53,7 +54,13 @@ class XmlJob(object):
         self.name = name
 
     def md5(self):
-        return hashlib.md5(self.output()).hexdigest()
+        if sys.version_info[:2] >= (3, 6):
+            # allows md5 use on fips-enabled systems
+            hash_func = hashlib.new("md5", usedforsecurity=False)
+            hash_func.update(self.output())
+            return hash_func.hexdigest()
+        else:
+            return hashlib.md5(self.output()).hexdigest()
 
     def output(self):
         out = minidom.parseString(XML.tostring(self.xml, encoding="UTF-8"))