From d5a0e3ac6a5b70149ba5acc2dc509204e429338c Mon Sep 17 00:00:00 2001
From: Barak Michener <me@barakmich.com>
Date: Mon, 22 Jun 2015 18:39:16 -0400
Subject: [PATCH] etcdhttp: Always strip password hash when returning users

---
 etcdserver/etcdhttp/client_auth.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/etcdserver/etcdhttp/client_auth.go b/etcdserver/etcdhttp/client_auth.go
index 6356a8544..f4a8b0796 100644
--- a/etcdserver/etcdhttp/client_auth.go
+++ b/etcdserver/etcdhttp/client_auth.go
@@ -323,9 +323,7 @@ func (sh *authHandler) forUser(w http.ResponseWriter, r *http.Request, user stri
 			writeError(w, err)
 			return
 		}
-		if u.Password == "" {
-			newuser.Password = ""
-		}
+		newuser.Password = ""
 
 		if created {
 			w.WriteHeader(http.StatusCreated)