From 17be64549845a53f3954f0f2190c085affe7a13f Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Thu, 20 May 2021 09:29:57 +0100
Subject: Encrypt LDAP bind password in db with SECRET_KEY (#15547)

* Encrypt LDAP bind password in db with SECRET_KEY

The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.

Fix #15460

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove ui warning regarding unencrypted password

Co-authored-by: silverwind <me@silverwind.io>
---
 modules/auth/ldap/ldap.go | 1 +
 1 file changed, 1 insertion(+)

(limited to 'modules/auth/ldap')

diff --git a/modules/auth/ldap/ldap.go b/modules/auth/ldap/ldap.go
index 6c557de018..91ad33a60f 100644
--- a/modules/auth/ldap/ldap.go
+++ b/modules/auth/ldap/ldap.go
@@ -35,6 +35,7 @@ type Source struct {
 	SecurityProtocol      SecurityProtocol
 	SkipVerify            bool
 	BindDN                string // DN to bind with
+	BindPasswordEncrypt   string // Encrypted Bind BN password
 	BindPassword          string // Bind DN password
 	UserBase              string // Base search path for users
 	UserDN                string // Template for the DN of the user for simple auth
-- 
cgit v1.2.3