Github user KlausTrainer commented on a diff in the pull request:
https://github.com/apache/couchdb/pull/152#discussion_r9885241
--- Diff: share/www/script/couch_test_runner.js ---
@@ -462,7 +462,11 @@ CouchDB.prepareUserDoc = function(user_doc,
new_password) {
if (new_password) {
// handle the password crypto
user_doc.salt = CouchDB.newUuids(1)[0];
- user_doc.password_sha = hex_sha1(new_password + user_doc.salt);
+ user_doc.password_scheme = "pbkdf2";
--- End diff --
I did some research on the question why password hashing is done on the
client in the tests, and found no good reason for that. I therefore removed it
(see https://github.com/apache/couchdb/pull/154), but would like to keep that
change separate from this issue here.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. To do so, please top-post your response.
If your project does not have this feature enabled and wishes so, or if the
feature is enabled but not working, please contact infrastructure at
[email protected] or file a JIRA ticket with INFRA.
---
