Can we get rid of the hash(password) dance?

John Meinel john at arbash-meinel.com
Thu Jul 17 10:01:20 UTC 2014


...


> From what I can tell poking around the code base, the only place that
>> still uses the hash(password) is actually in the Dummy provider.
>>
>>
> Right, and when I remove that code all the tests pass with some session
> copying in place!
>
> https://github.com/voidspace/juju/compare/master...copy-sessions
>
>
>  I feel like we're at a point where we can safely remove that from the
>> Dummy provider, and also remove the fallback code in our 'connect to the
>> database' code. (If we leave it in, then I think after
>>
> Do you mean the "oldPassword" logic in cmd/jujud/agent.go (I had to add
> code there to re-open the state when we change the password.)
>

What I mean is removing the "if IsUnauthorized(err) { altpassword =
hash(password); login(alt password); SetPassword(password) }"
Because *if* the current access is actually hash(password) we still (?)
need to set it to the real password. (and then reconnect).

I'd be ok removing the fallback, as I don't think there will be any real
sites out there that need it in production. Those that might have would
have already run the fallback code.

John
=:->


> All the best,
>
> Michael
>
>
>  changing the password just reconnecting to the database is fine, because
>> it should happen infrequently.
>>
>> Thoughts?
>>
>> John
>> =:->
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju-dev/attachments/20140717/79c0695c/attachment.html>


More information about the Juju-dev mailing list