diff options
author | zeripath <art27@cantab.net> | 2021-05-20 09:29:57 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-05-20 09:29:57 +0100 |
commit | 17be64549845a53f3954f0f2190c085affe7a13f (patch) | |
tree | fb9b1afc48cd1b7541ebe71bf8d4dbbffa6375be /modules/auth | |
parent | 124b256c53a80e56df7465d2039c8d2a5f6fae2d (diff) | |
download | gitea-17be64549845a53f3954f0f2190c085affe7a13f.tar.gz gitea-17be64549845a53f3954f0f2190c085affe7a13f.zip |
Encrypt LDAP bind password in db with SECRET_KEY (#15547)
* Encrypt LDAP bind password in db with SECRET_KEY
The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.
Fix #15460
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove ui warning regarding unencrypted password
Co-authored-by: silverwind <me@silverwind.io>
Diffstat (limited to 'modules/auth')
-rw-r--r-- | modules/auth/ldap/ldap.go | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/auth/ldap/ldap.go b/modules/auth/ldap/ldap.go index 6c557de018..91ad33a60f 100644 --- a/modules/auth/ldap/ldap.go +++ b/modules/auth/ldap/ldap.go @@ -35,6 +35,7 @@ type Source struct { SecurityProtocol SecurityProtocol SkipVerify bool BindDN string // DN to bind with + BindPasswordEncrypt string // Encrypted Bind BN password BindPassword string // Bind DN password UserBase string // Base search path for users UserDN string // Template for the DN of the user for simple auth |