Fix #1469 Use a different checksum calculation method to run in FIPS env

Python 3.10 and later versions rely on OpenSSL 1.1.1 or newer, which includes FIPS-compliance checks. MD5 is not an approved algorithm in FIPS mode, so attempting to instantiate self.blob.download_to_file(self._file) will fail when the system is running in FIPS mode. The change configures the `download_to_file` function to use an alternative algorithm provided by gcloud storage SDK - 'crc32c' - for checksum calculation.
jschneier · Nov 15, 2024 · a55af2e · a55af2e
1 parent f029e50
commit a55af2e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/storages/backends/gcloud.py b/storages/backends/gcloud.py
@@ -62,7 +62,7 @@ def _get_file(self):
             )
             if "r" in self._mode:
                 self._is_dirty = False
-                self.blob.download_to_file(self._file)
+                self.blob.download_to_file(self._file, checksum="crc32c")
                 self._file.seek(0)
             if self._storage.gzip and self.blob.content_encoding == "gzip":
                 self._file = self._decompress_file(mode=self._mode, file=self._file)