Do not fail on systems running in FIPSmode.

Initialize using gcrypt's GCRYCTL_NO_FIPS_MODE, available since gcrypt version 1.10.0, otherwise apt aborts on FIPS enabled systems.
author: A. Maitland Bottoms <bottoms@debian.org> 2023-05-29 08:28:20 -0400
committer: A. Maitland Bottoms <bottoms@debian.org> 2023-05-29 08:28:20 -0400
commit: 668451def296afeb0c358a7d80ff39dc546defab (patch)
tree: 3c853a08c02469b25f4e7e3193571da78d6605af
parent: f557a5e15bb4715557566d7e88e7367c17e94ebf (diff)
2 files changed, 4 insertions, 1 deletions
diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc
index 313b1d37d..80b9bbf3f 100644
--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -330,6 +330,9 @@ public:
 	    exit(2);
 	 }
 
+	 // It is OK for apt to use MD5.
+	 gcry_control(GCRYCTL_NO_FIPS_MODE, 0);
+
 	 gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
       }
    }
diff --git a/debian/control b/debian/control
index 5768d7301..c831e45bb 100644
--- a/debian/control
+++ b/debian/control
@@ -17,7 +17,7 @@ Build-Depends: cmake (>= 3.4),
                libbz2-dev,
                libdb-dev,
                libgnutls28-dev (>= 3.4.6),
-               libgcrypt20-dev,
+               libgcrypt20-dev (>=1.10.0),
                liblz4-dev (>= 0.0~r126),
                liblzma-dev,
                libseccomp-dev (>= 2.4.2) [amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x hppa powerpc powerpcspe ppc64 x32],
author	A. Maitland Bottoms <bottoms@debian.org>	2023-05-29 08:28:20 -0400
committer	A. Maitland Bottoms <bottoms@debian.org>	2023-05-29 08:28:20 -0400
commit	668451def296afeb0c358a7d80ff39dc546defab (patch)
tree	3c853a08c02469b25f4e7e3193571da78d6605af
parent	f557a5e15bb4715557566d7e88e7367c17e94ebf (diff)