fix cluster setup: use same admin pq salt on all nodes

apache · May 20, 2017 · 54623ce · 54623ce
1 parent e8d1e32
commit 54623ce
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 12 deletions.
diff --git a/src/setup.erl b/src/setup.erl
@@ -85,11 +85,13 @@ get_remote_request_options(Options) ->
 enable_cluster_http(Options) ->
     % POST to nodeB/_setup
     RequestOptions = get_remote_request_options(Options),
+    AdminUsername = couch_util:get_value(username, Options),
+    AdminPasswordHash = config:get("admins", binary_to_list(AdminUsername)),
 
     Body = ?JSON_ENCODE({[
         {<<"action">>, <<"enable_cluster">>},
-        {<<"username">>, couch_util:get_value(username, Options)},
-        {<<"password">>, couch_util:get_value(password, Options)},
+        {<<"username">>, AdminUsername},
+        {<<"password_hash">>, ?l2b(AdminPasswordHash)},
         {<<"bind_address">>, couch_util:get_value(bind_address, Options)},
         {<<"port">>, couch_util:get_value(port, Options)}
     ]}),
@@ -119,7 +121,10 @@ enable_cluster_int(Options, no) ->
     CurrentAdmins = config:get("admins"),
     NewCredentials = {
         proplists:get_value(username, Options),
-        proplists:get_value(password, Options)
+        case proplists:get_value(password_hash, Options) of
+          undefined -> proplists:get_value(password, Options);
+          Pw -> Pw
+        end
     },
 
     % if bind_address == 127.0.0.1 and no bind_address in req -> error
@@ -132,7 +137,7 @@ enable_cluster_int(Options, no) ->
         {undefined, undefined} ->
             ok;
         {Username, Password} ->
-            maybe_set_admin(Username, Password)
+            set_admin(Username, Password)
     end,
 
     case NewBindAddress of
@@ -154,14 +159,8 @@ enable_cluster_int(Options, no) ->
     couch_log:notice("Enable Cluster: ~p~n", [Options]).
     %cluster_state:set(enabled).
 
-maybe_set_admin(Username, Password) ->
-    case couch_auth_cache:get_admin(Username) of
-        nil ->
-            HashedPassword = couch_passwords:hash_admin_password(Password),
-            config:set("admins", binary_to_list(Username), binary_to_list(HashedPassword));
-        _Else ->
-            ok
-    end.
+set_admin(Username, Password) ->
+  config:set("admins", binary_to_list(Username), binary_to_list(Password)).
 
 
 finish_cluster() ->

diff --git a/src/setup_httpd.erl b/src/setup_httpd.erl
@@ -57,6 +57,7 @@ handle_action("enable_cluster", Setup) ->
     Options = get_options([
         {username, <<"username">>},
         {password, <<"password">>},
+        {password_hash, <<"password_hash">>},
         {bind_address, <<"bind_address">>},
         {port, <<"port">>},
         {remote_node, <<"remote_node">>},