Listen's use of Digest::MD5 breaks support on FIPS enabled machines

[ruckc]

Please review usage of Digest::MD5 and migrate to a different hash algorithm that is not disabled in when FIPS is enabled.

$ rails server
=> Booting Puma
=> Rails 5.2.1 application starting in development
=> Run `rails server -h` for more startup options
md5_dgst.c(78): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!
Aborted

[ioquatix]

What is the best solution to this problem?

[ruckc]

Replacing Digest::MD5 with a modern hashing algorithm such as Digest::SHA2 is the easy answer. Long term though, its ideal to support configurable algorithms for future proofing.

[souravb65]

Is there a plan in the near future to use Digest::SHA2 and make it FIPS enabled?

[ioquatix]

Sure, do you have time to submit a PR?

[souravb65]

Sure. I can give it a try. Looks like I don't have permission to create my feature branch. Can you please grant me permission?

[ioquatix]

Please create a fork and submit a PR. If you need more help, please let me know.

[ColinDKelley]

@souravb65 Here's a branch: https://github.com/guard/listen/pull/541 Tests are green!

[ColinDKelley]

Considering this fixed.

[souravb65]

Awesome @ColinDKelley making these changes. I did the changes but due to my machine issue was not able to test to push those.

[ColinDKelley]

No problem, @souravb65. Thanks for the nudge to get this fixed and closed.

[ioquatix]

@ColinDKelley Thanks for your effort maintaining this gem.