Skip to content

MLE-24397 - fix issue on Linux FIPS reported by consultant/customer a…#963

Merged
stevebio merged 1 commit intomarklogic:developfrom
stevebio:task/fipsMd5Fix
Sep 19, 2025
Merged

MLE-24397 - fix issue on Linux FIPS reported by consultant/customer a…#963
stevebio merged 1 commit intomarklogic:developfrom
stevebio:task/fipsMd5Fix

Conversation

@stevebio
Copy link
Collaborator

@stevebio stevebio commented Sep 19, 2025

…round exception caused by default load of FIPS-forbidden MD5 digest algorithm. Incorporate the source from the abandoned www-authenticate project and fix in place.

Copilot AI review requested due to automatic review settings September 19, 2025 20:14
Copilot AI reviewed Sep 19, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes a FIPS compliance issue where MD5 digest algorithms were being loaded by default, causing exceptions in FIPS-enabled Linux environments. The solution incorporates code from the abandoned www-authenticate project directly into the codebase and ensures MD5 is only loaded when actually needed.

  • Removes external dependency on www-authenticate package
  • Incorporates www-authenticate source code into the project with lazy MD5 loading
  • Adds comprehensive FIPS testing to verify MD5 is not loaded during module initialization

Reviewed Changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
package.json Removes www-authenticate dependency
lib/requester.js Updates import to use local www-authenticate implementation
lib/www-authenticate/www-authenticate.js Main authentication module with digest auth support
lib/www-authenticate/user-credentials.js User credential handling with MD5 digest support
lib/www-authenticate/parsers.js WWW-Authenticate header parsing logic
lib/www-authenticate/md5.js MD5 hash function wrapper
test-basic/digestauth-fips-nomd5load.js FIPS compliance test ensuring MD5 isn't loaded by default

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@stevebio
MLE-24397 - fix reported issue on Linux FIPS around exception caused …
8c9e5ff 
…by default load of FIPS-forbidden MD5 digest algorithm. Incorporate the source from the abandoned www-authenticate project and fix in place.
@stevebio stevebio requested a review from Copilot September 19, 2025 20:46
Copilot AI reviewed Sep 19, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 7 out of 8 changed files in this pull request and generated 2 comments.

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@stevebio stevebio merged commit 739c156 into marklogic:develop Sep 19, 2025
1 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@anu3990 anu3990 anu3990 approved these changes

@BillFarber BillFarber Awaiting requested review from BillFarber BillFarber is a code owner

@rjrudin rjrudin Awaiting requested review from rjrudin rjrudin is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stevebio @anu3990