diff options
Diffstat (limited to 'models/login.go')
| -rw-r--r-- | models/login.go | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/models/login.go b/models/login.go index 6ed4fefbdf..22edc25b55 100644 --- a/models/login.go +++ b/models/login.go @@ -23,6 +23,11 @@ import ( "github.com/gogits/gogs/modules/log" ) +var ( + ErrAuthenticationAlreadyExist = errors.New("Authentication already exist") + ErrAuthenticationUserUsed = errors.New("Authentication has been used by some users") +) + type LoginType int // Note: new type must be added at the end of list to maintain compatibility. @@ -35,11 +40,6 @@ const ( LOGIN_DLDAP // 5 ) -var ( - ErrAuthenticationAlreadyExist = errors.New("Authentication already exist") - ErrAuthenticationUserUsed = errors.New("Authentication has been used by some users") -) - var LoginNames = map[LoginType]string{ LOGIN_LDAP: "LDAP (via BindDN)", LOGIN_DLDAP: "LDAP (simple auth)", // Via direct bind @@ -47,6 +47,12 @@ var LoginNames = map[LoginType]string{ LOGIN_PAM: "PAM", } +var SecurityProtocolNames = map[ldap.SecurityProtocol]string{ + ldap.SECURITY_PROTOCOL_UNENCRYPTED: "Unencrypted", + ldap.SECURITY_PROTOCOL_LDAPS: "LDAPS", + ldap.SECURITY_PROTOCOL_START_TLS: "StartTLS", +} + // Ensure structs implemented interface. var ( _ core.Conversion = &LDAPConfig{} @@ -66,6 +72,10 @@ func (cfg *LDAPConfig) ToDB() ([]byte, error) { return json.Marshal(cfg) } +func (cfg *LDAPConfig) SecurityProtocolName() string { + return SecurityProtocolNames[cfg.SecurityProtocol] +} + type SMTPConfig struct { Auth string Host string @@ -173,10 +183,16 @@ func (source *LoginSource) IsPAM() bool { return source.Type == LOGIN_PAM } +func (source *LoginSource) HasTLS() bool { + return ((source.IsLDAP() || source.IsDLDAP()) && + source.LDAP().SecurityProtocol > ldap.SECURITY_PROTOCOL_UNENCRYPTED) || + source.IsSMTP() +} + func (source *LoginSource) UseTLS() bool { switch source.Type { case LOGIN_LDAP, LOGIN_DLDAP: - return source.LDAP().UseSSL + return source.LDAP().SecurityProtocol != ldap.SECURITY_PROTOCOL_UNENCRYPTED case LOGIN_SMTP: return source.SMTP().TLS } |