Fail gracefully when MD5 is unavailable

The glanceclient currently assumes that MD5 will always be available.
This is not the case, however, in a FIPS-compliant environment.  This
patch enables the glanceclient to fail gracefully in such a case.

Closes-bug: #1871675
Change-Id: Ibd89989e06cc5be7da71f5f21561d73b5abc4104

3 files changed, 30 insertions, 3 deletions

diff --git a/glanceclient/common/utils.py b/glanceclient/common/utils.py
index bc0c0eb..0fde763 100644
--- a/glanceclient/common/utils.py
+++ b/glanceclient/common/utils.py
@@ -436,7 +436,14 @@ def integrity_iter(iter, checksum):
 
     :raises: IOError
     """
-    md5sum = hashlib.md5()
+    try:
+        md5sum = hashlib.new('md5')
+    except ValueError:
+        raise IOError(errno.EPIPE,
+                      'Corrupt image download. Expected checksum is %s '
+                      'but md5 algorithm is not available on the client' %
+                      checksum)
+
     for chunk in iter:
         yield chunk
         if isinstance(chunk, six.string_types):
diff --git a/glanceclient/tests/unit/v2/test_images.py b/glanceclient/tests/unit/v2/test_images.py
index fee7d49..55610d8 100644
--- a/glanceclient/tests/unit/v2/test_images.py
+++ b/glanceclient/tests/unit/v2/test_images.py
@@ -18,6 +18,8 @@ import hashlib
 import testtools
 from unittest import mock
 
+import ddt
+
 from glanceclient import exc
 from glanceclient.tests.unit.v2 import base
 from glanceclient.tests import utils
@@ -704,6 +706,7 @@ schema_fixtures = {
 }
 
 
+@ddt.ddt
 class TestController(testtools.TestCase):
     def setUp(self):
         super(TestController, self).setUp()
@@ -1092,6 +1095,21 @@ class TestController(testtools.TestCase):
             body = ''.join([b for b in body])
             self.assertEqual('CCC', body)
 
+    @ddt.data('headeronly', 'chkonly', 'multihash')
+    def test_data_with_checksum_but_no_md5_algo(self, prefix):
+        with mock.patch('hashlib.new', mock.MagicMock(
+                side_effect=ValueError('unsupported hash type'))):
+            body = self.controller.data(prefix +
+                                        '-dd57-11e1-af0f-02163e68b1d8',
+                                        allow_md5_fallback=True)
+            try:
+                body = ''.join([b for b in body])
+                self.fail('missing md5 algo did not raise an error')
+            except IOError as e:
+                self.assertEqual(errno.EPIPE, e.errno)
+                msg = 'md5 algorithm is not available on the client'
+                self.assertIn(msg, str(e))
+
     def test_data_with_checksum_and_fallback(self):
         # make sure the allow_md5_fallback option does not cause any
         # incorrect behavior when fallback is not needed
diff --git a/glanceclient/v2/images.py b/glanceclient/v2/images.py
index c062cb8..b07eecc 100644
--- a/glanceclient/v2/images.py
+++ b/glanceclient/v2/images.py
@@ -209,9 +209,11 @@ class Controller(object):
            specified hash algorithm is not available AND allow_md5_fallback
            is True, then continue to step #2
         2. else if the image has a checksum property, MD5 is used to
-           validate against the 'checksum' value
+           validate against the 'checksum' value.  (If MD5 is not available
+           to the client, the download fails.)
         3. else if the download response has a 'content-md5' header, MD5
-           is used to validate against the header value
+           is used to validate against the header value.  (If MD5 is not
+           available to the client, the download fails.)
         4. if none of 1-3 obtain, the data is **not validated** (this is
            compatible with legacy behavior)