Add 'usedforsecurity=False' parameter to md5 call

efussi · efussi · commit 51badbcdbb3a · 2022-07-07T21:25:03.000Z
This allows to execute in a restricted environment, like a FIPS-enabled Kubernetes cluster. See https://docs.python.org/3/library/hashlib.html#hash-algorithms: > False indicates that the hashing algorithm is [used] as a > non-cryptographic one-way compression function.
diff --git a/kubernetes/base/dynamic/discovery.py b/kubernetes/base/dynamic/discovery.py
@@ -45,7 +45,7 @@ def __init__(self, client, cache_file):
         default_cache_id = self.client.configuration.host
         if six.PY3:
             default_cache_id = default_cache_id.encode('utf-8')
-        default_cachefile_name = 'osrcp-{0}.json'.format(hashlib.md5(default_cache_id).hexdigest())
+        default_cachefile_name = 'osrcp-{0}.json'.format(hashlib.md5(default_cache_id, usedforsecurity=False).hexdigest())
         self.__cache_file = cache_file or os.path.join(tempfile.gettempdir(), default_cachefile_name)
         self.__init_cache()
 
