Commit ece27edb authored by Mike Greiling's avatar Mike Greiling

Merge branch '322883-leipert-fips-workaround' into 'master'

Change hashing algorithm in webpack

See merge request gitlab-org/gitlab!78581
parents 2f3c23e8 8d42ec95
/**
* Webpack 4 uses md4 internally because it is fast.
* Some loaders also use md5 directly.
* It is not available systems with FIPS enabled node.
*
* This is a hack to monkey patch the crypto function to use
* another algorithm if md4 or md5 is expected.
*
* https://github.com/webpack/webpack/issues/13572#issuecomment-923736472
*
* This hack can be removed once we upgrade to webpack v5 as
* it includes native support for configuring hash options:
* https://github.com/webpack/webpack/pull/14306
*/
const crypto = require('crypto');
const cryptoHashOriginal = crypto.createHash;
crypto.createHash = (algorithm) =>
cryptoHashOriginal(['md4', 'md5'].includes(algorithm) ? 'sha256' : algorithm);
module.exports = crypto;
const crypto = require('crypto');
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
const crypto = require('./patched_crypto');
const CACHE_PATHS = [ const CACHE_PATHS = [
'./config/webpack.config.js', './config/webpack.config.js',
...@@ -11,7 +11,7 @@ const CACHE_PATHS = [ ...@@ -11,7 +11,7 @@ const CACHE_PATHS = [
const resolvePath = (file) => path.resolve(__dirname, '../..', file); const resolvePath = (file) => path.resolve(__dirname, '../..', file);
const readFile = (file) => fs.readFileSync(file); const readFile = (file) => fs.readFileSync(file);
const fileHash = (buffer) => crypto.createHash('md5').update(buffer).digest('hex'); const fileHash = (buffer) => crypto.createHash('sha256').update(buffer).digest('hex');
module.exports = () => { module.exports = () => {
const fileBuffers = CACHE_PATHS.map(resolvePath).map(readFile); const fileBuffers = CACHE_PATHS.map(resolvePath).map(readFile);
......
const crypto = require('crypto'); // eslint-disable-next-line import/order
const crypto = require('./helpers/patched_crypto');
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment