From: David Swan <david.swan@puppet.co.uk>
Date: Thu, 21 Mar 2019 16:26:40 +0000 (+0000)
Subject: (MODULES-7333) - Change hashing method from MD5 to SHA256
X-Git-Tag: 1.15.2~3^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=d41112ab3e99d01b86ed228d14a9d54790adcab8;p=puppet-modules%2Fpuppetlabs-firewall.git

(MODULES-7333) - Change hashing method from MD5 to SHA256
---

diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index ce01c28..8b375c8 100644
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -1,5 +1,5 @@
 require 'puppet/provider/firewall'
-require 'digest/md5'
+require 'digest'
 
 Puppet::Type.type(:firewall).provide :iptables, parent: Puppet::Provider::Firewall do
   include Puppet::Util::Firewall
@@ -647,7 +647,7 @@ Puppet::Type.type(:firewall).provide :iptables, parent: Puppet::Provider::Firewa
     # by appending a high level
     if !hash[:name]
       num = 9000 + counter
-      hash[:name] = "#{num} #{Digest::MD5.hexdigest(line)}"
+      hash[:name] = "#{num} #{Digest::SHA256.hexdigest(line)}"
     elsif not %r{^\d+[[:graph:][:space:]]+$} =~ hash[:name] # rubocop:disable Style/Not : Making this change breaks the code
       num = 9000 + counter
       hash[:name] = "#{num} #{%r{([[:graph:][:space:]]+)}.match(hash[:name])[1]}"
diff --git a/spec/unit/puppet/provider/iptables_spec.rb b/spec/unit/puppet/provider/iptables_spec.rb
index 4bebd37..e344773 100644
--- a/spec/unit/puppet/provider/iptables_spec.rb
+++ b/spec/unit/puppet/provider/iptables_spec.rb
@@ -269,7 +269,7 @@ describe 'iptables provider' do
     let(:instance) { provider.new(resource) }
 
     it 'rule name contains a MD5 sum of the line' do
-      expect(resource[:name]).to eq("9000 #{Digest::MD5.hexdigest(resource[:line])}")
+      expect(resource[:name]).to eq("9000 #{Digest::SHA256.hexdigest(resource[:line])}")
     end
 
     resource_types = [:chain, :source, :destination, :proto, :dport, :sport, :action]
@@ -290,7 +290,7 @@ describe 'iptables provider' do
     let(:instance) { provider.new(resource) }
 
     it 'rule name contains a MD5 sum of the line' do
-      expect(resource[:name]).to eq("9000 #{Digest::MD5.hexdigest(resource[:line])}")
+      expect(resource[:name]).to eq("9000 #{Digest::SHA256.hexdigest(resource[:line])}")
     end
 
     resource_types = [:chain, :proto, :dport, :state, :action]