Merge pull request #3033 from barakmich/strip_pass

etcdhttp: Always strip password hash when returning users
2024-09-27 06:25:44 +00:00 · 2015-06-22 18:39:50 -07:00 · 2015-06-22 18:39:50 -07:00 · ad7124599d
commit ad7124599d
parent 7f7e2cc79d d5a0e3ac6a
1 changed files with 1 additions and 3 deletions
--- a/etcdserver/etcdhttp/client_auth.go
+++ b/etcdserver/etcdhttp/client_auth.go
@ -323,9 +323,7 @@ func (sh *authHandler) forUser(w http.ResponseWriter, r *http.Request, user stri
 			writeError(w, err)
 			return
 		}
-		if u.Password == "" {
-			newuser.Password = ""
-		}
+		newuser.Password = ""

 		if created {
 			w.WriteHeader(http.StatusCreated)