Hello fellow CloudStackers, Today I was working on CLOUDSTACK-5235, which is a security issue, and I noticed a variable ‘md5Hashed’ in the javascript that does not seem to be useful at all. This variable was used to control if we hash or not the password of users in the user side (browser). However, we no longer hash the password on the user side. All of the password processing is executed in the server side according to the priority of hashing mechanism defined by the administrator.
I am addressing this cleanup with this PR https://github.com/apache/cloudstack/pull/2555. If you have any objections regarding this variable and its relate code removal, please do so. Otherwise, we will proceed to remove it. -- Rafael Weingärtner
