2 files changed, 32 insertions, 3 deletions

diff --git a/src/mailman/app/membership.py b/src/mailman/app/membership.py
index fcbedc2f5..aaf7f05df 100644
--- a/src/mailman/app/membership.py
+++ b/src/mailman/app/membership.py
@@ -39,6 +39,7 @@ from mailman.interfaces.member import (
     NotAMemberError)
 from mailman.interfaces.usermanager import IUserManager
 from mailman.utilities.i18n import make
+from mailman.utilities.passwords import encrypt_password
 
 
 
@@ -94,9 +95,9 @@ def add_member(mlist, email, realname, password, delivery_mode, language):
             user = user_manager.create_user()
             user.real_name = (realname if realname else address.real_name)
             user.link(address)
-        # Since created the user, then the member, and set preferences on the
-        # appropriate object.
-        user.password = password
+        # Encrypt the password using the currently selected scheme.  The
+        # scheme is recorded in the hashed password string.
+        user.password = encrypt_password(password)
         user.preferences.preferred_language = language
         member = address.subscribe(mlist, MemberRole.member)
         member.preferences.delivery_mode = delivery_mode
diff --git a/src/mailman/app/tests/test_membership.py b/src/mailman/app/tests/test_membership.py
index b0e1bae5d..2b69c7f39 100644
--- a/src/mailman/app/tests/test_membership.py
+++ b/src/mailman/app/tests/test_membership.py
@@ -31,6 +31,7 @@ from zope.component import getUtility
 
 from mailman.app.lifecycle import create_list
 from mailman.app.membership import add_member
+from mailman.config import config
 from mailman.core.constants import system_preferences
 from mailman.interfaces.bans import IBanManager
 from mailman.interfaces.member import DeliveryMode, MembershipIsBannedError
@@ -125,7 +126,34 @@ class AddMemberTest(unittest.TestCase):
 
 
 
+class AddMemberPasswordTest(unittest.TestCase):
+    layer = ConfigLayer
+
+    def setUp(self):
+        self._mlist = create_list('test@example.com')
+        # The default ssha scheme introduces a random salt, which is
+        # inappropriate for unit tests.
+        config.push('password scheme', """
+        [passwords]
+        password_scheme: sha
+        """)
+
+    def tearDown(self):
+        config.pop('password scheme')
+        reset_the_world()
+
+    def test_add_member_password(self):
+        # Test that the password stored with the new user is encrypted.
+        member = add_member(self._mlist, 'anne@example.com',
+                            'Anne Person', 'abc', DeliveryMode.regular,
+                            system_preferences.preferred_language)
+        self.assertEqual(
+            member.user.password, '{SHA}qZk-NkcGgWq6PiVxeFDCbJzQ2J0=')
+
+
+
 def test_suite():
     suite = unittest.TestSuite()
     suite.addTest(unittest.makeSuite(AddMemberTest))
+    suite.addTest(unittest.makeSuite(AddMemberPasswordTest))
     return suite