sim1222-mirror/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-08-31 04:52:52 +09:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Use SecurityProtocol to replace UseSSL in LDAP config

Browse Source 
Initially proposed by #2376 and fixes #3068 as well.
This commit is contained in:
Unknwon
2016-07-08 07:25:09 +08:00
parent 326c982660
commit 401bf944ef
15 changed files with 228 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
models/login.go
View File

@ -23,6 +23,11 @@ import (
"github.com/gogits/gogs/modules/log"
)
var (
ErrAuthenticationAlreadyExist = errors.New("Authentication already exist")
ErrAuthenticationUserUsed = errors.New("Authentication has been used by some users")
)
type LoginType int
// Note: new type must be added at the end of list to maintain compatibility.
@ -35,11 +40,6 @@ const (
LOGIN_DLDAP // 5
)
var (
ErrAuthenticationAlreadyExist = errors.New("Authentication already exist")
ErrAuthenticationUserUsed = errors.New("Authentication has been used by some users")
)
var LoginNames = map[LoginType]string{
LOGIN_LDAP: "LDAP (via BindDN)",
LOGIN_DLDAP: "LDAP (simple auth)", // Via direct bind
@ -47,6 +47,12 @@ var LoginNames = map[LoginType]string{
LOGIN_PAM: "PAM",
}
var SecurityProtocolNames = map[ldap.SecurityProtocol]string{
ldap.SECURITY_PROTOCOL_UNENCRYPTED: "Unencrypted",
ldap.SECURITY_PROTOCOL_LDAPS: "LDAPS",
ldap.SECURITY_PROTOCOL_START_TLS: "StartTLS",
}
// Ensure structs implemented interface.
var (
_ core.Conversion = &LDAPConfig{}
@ -66,6 +72,10 @@ func (cfg *LDAPConfig) ToDB() ([]byte, error) {
return json.Marshal(cfg)
}
func (cfg *LDAPConfig) SecurityProtocolName() string {
return SecurityProtocolNames[cfg.SecurityProtocol]
}
type SMTPConfig struct {
Auth string
Host string
@ -173,10 +183,16 @@ func (source *LoginSource) IsPAM() bool {
return source.Type == LOGIN_PAM
}
func (source *LoginSource) HasTLS() bool {
return ((source.IsLDAP() || source.IsDLDAP()) &&
source.LDAP().SecurityProtocol > ldap.SECURITY_PROTOCOL_UNENCRYPTED) ||
source.IsSMTP()
}
func (source *LoginSource) UseTLS() bool {
switch source.Type {
case LOGIN_LDAP, LOGIN_DLDAP:
return source.LDAP().UseSSL
return source.LDAP().SecurityProtocol != ldap.SECURITY_PROTOCOL_UNENCRYPTED
case LOGIN_SMTP:
return source.SMTP().TLS
}