User: Add handling for OpenSSL 1.1.0 or older

Nowadays, the CLI expects OpenSSL to be equipped with the SHA-512/256 hashing function, so let's handle exceptions with older OpenSSL builds, which are still present on distros such as CentOS 7.
OpenSIPS · Oct 17, 2023 · e3ec055 · e3ec055
1 parent af872f0
commit e3ec055
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/opensipscli/modules/user.py b/opensipscli/modules/user.py
@@ -116,7 +116,18 @@ def user_get_ha1_sha256(self, user, domain, password):
 
     def user_get_ha1_sha512t256(self, user, domain, password):
         string = "{}:{}:{}".format(user, domain, password)
-        o = hashlib.new("sha512-256")
+        try:
+            o = hashlib.new("sha512-256")
+        except ValueError:
+            # SHA-512/256 is only available w/ OpenSSL 1.1.1 (Sep 2018) or
+            # newer, so let's just leave the field blank if we get an exception
+            logger.error(("The SHA-512/256 hashing algorithm is "
+                            "apparently not available!?"))
+            logger.error("Adding user, but with a blank '{}' column!".format(
+                    USER_HA1_SHA512T256_COL))
+            logger.error("Tip: installing OpenSSL 1.1.1+ should fix this")
+            return ""
+
         o.update(string.encode('utf-8'))
         return o.hexdigest()