Hello folks, I have not heard anything back here. I will still wait a few more days. If I do not see anybody against it, I will assume lazy consensus and proceed removing these variables.
On Mon, Apr 9, 2018 at 2:31 PM, Rafael Weingärtner < rafaelweingart...@gmail.com> wrote: > Hello fellow CloudStackers, > > Today I was working on CLOUDSTACK-5235, which is a security issue, and I > noticed a variable ‘md5Hashed’ in the javascript that does not seem to be > useful at all. This variable was used to control if we hash or not the > password of users in the user side (browser). However, we no longer hash > the password on the user side. All of the password processing is executed > in the server side according to the priority of hashing mechanism defined > by the administrator. > > I am addressing this cleanup with this PR https://github.com/apache/ > cloudstack/pull/2555. > > If you have any objections regarding this variable and its relate code > removal, please do so. Otherwise, we will proceed to remove it. > > -- > Rafael Weingärtner > -- Rafael Weingärtner
