-
Stan Hu authored
On a FIPS kernel with a non-FIPS GitLab build, Maven package uploads previously would fail with 422 Unprocessible Entity errors. This occurred because Workhorse was generating an MD5 sum for the accelerated upload, but the Rails API rejects any use of MD5 in FIPS mode. Workhorse was generating an MD5 sum because its on check for FIPS involves more conditions: 1. The binary has been compiled with the `fips` build tag. 2. The platform is amd64 running on a Linux runtime. 3. The kernel has FIPS enabled (e.g. `/proc/sys/crypto/fips_enabled` is 1). 4. A system OpenSSL can be dynamically loaded via ldopen(). On a standard GitLab installation, 1 is not true, so Workhorse believed it was working in a standard environment. However, GitLab Rails only checks whether the OpenSSL library is FIPS-enabled. To resolve this discrepancy, we now: 1. Pass `UploadHashFunctions` to indicate which hashes should be used in the Workhorse `/authorize` response. 2. Workhorse wi...