author | Unknwon <u@gogs.io> | 2016-07-08 01:25:09 +0200 |
---|---|---|
committer | Unknwon <u@gogs.io> | 2016-07-08 01:25:09 +0200 |
commit | 401bf944ef4b09e7d4ca85d7272dbd32e7e950a0 (patch) | |
tree | 7e9af9199616f4704d4e1e9e0bfcf97d537693e4 /routers | |
parent | Upgrade frontend assets (diff) | |
Use SecurityProtocol to replace UseSSL in LDAP config
Initially proposed by #2376 and fixes #3068 as well.
Diffstat (limited to 'routers')
-rw-r--r-- | routers/admin/auths.go | 51 |
1 files changed, 35 insertions, 16 deletions
diff --git a/routers/admin/auths.go b/routers/admin/auths.go index 4a26532bf4..ff811d5574 100644 --- a/routers/admin/auths.go +++ b/routers/admin/auths.go @@ -41,17 +41,24 @@ func Authentications(ctx *context.Context) { ctx.HTML(200, AUTHS) } -type AuthSource struct { +type dropdownItem struct { Name string - Type models.LoginType + Type interface{} } -var authSources = []AuthSource{ - {models.LoginNames[models.LOGIN_LDAP], models.LOGIN_LDAP}, - {models.LoginNames[models.LOGIN_DLDAP], models.LOGIN_DLDAP}, - {models.LoginNames[models.LOGIN_SMTP], models.LOGIN_SMTP}, - {models.LoginNames[models.LOGIN_PAM], models.LOGIN_PAM}, -} +var ( + authSources = []dropdownItem{ + {models.LoginNames[models.LOGIN_LDAP], models.LOGIN_LDAP}, + {models.LoginNames[models.LOGIN_DLDAP], models.LOGIN_DLDAP}, + {models.LoginNames[models.LOGIN_SMTP], models.LOGIN_SMTP}, + {models.LoginNames[models.LOGIN_PAM], models.LOGIN_PAM}, + } + securityProtocols = []dropdownItem{ + {models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED], ldap.SECURITY_PROTOCOL_UNENCRYPTED}, + {models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_LDAPS], ldap.SECURITY_PROTOCOL_LDAPS}, + {models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_START_TLS], ldap.SECURITY_PROTOCOL_START_TLS}, + } +) func NewAuthSource(ctx *context.Context) { ctx.Data["Title"] = ctx.Tr("admin.auths.new") @@ -59,10 +66,12 @@ func NewAuthSource(ctx *context.Context) { ctx.Data["PageIsAdminAuthentications"] = true ctx.Data["type"] = models.LOGIN_LDAP - ctx.Data["CurTypeName"] = models.LoginNames[models.LOGIN_LDAP] + ctx.Data["CurrentTypeName"] = models.LoginNames[models.LOGIN_LDAP] + ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED] ctx.Data["smtp_auth"] = "PLAIN" ctx.Data["is_active"] = true ctx.Data["AuthSources"] = authSources + ctx.Data["SecurityProtocols"] = securityProtocols ctx.Data["SMTPAuths"] = models.SMTPAuths ctx.HTML(200, AUTH_NEW) } 
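Review bot: The new-source form in NewAuthSource preselects the cleartext option, `ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED]`, so an administrator who accepts the defaults ends up with an LDAP source whose bind password and user credentials are sent over an unencrypted connection. Preselecting an encrypted protocol is the safer default, e.g. `ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_LDAPS]`, with the template's selected value and default port adjusted to match (the template is not visible here). If unencrypted has to stay the default for compatibility, a one-line comment saying so would keep the choice from looking accidental.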
@@ -73,7 +82,7 @@ func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig { Name: form.Name, Host: form.Host, Port: form.Port, - UseSSL: form.TLS, + SecurityProtocol: ldap.SecurityProtocol(form.SecurityProtocol), SkipVerify: form.SkipVerify, BindDN: form.BindDN, UserDN: form.UserDN, @@ -107,21 +116,21 @@ func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) { ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminAuthentications"] = true - ctx.Data["CurTypeName"] = models.LoginNames[models.LoginType(form.Type)] + ctx.Data["CurrentTypeName"] = models.LoginNames[models.LoginType(form.Type)] + ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SecurityProtocol(form.SecurityProtocol)] ctx.Data["AuthSources"] = authSources + ctx.Data["SecurityProtocols"] = securityProtocols ctx.Data["SMTPAuths"] = models.SMTPAuths - if ctx.HasError() { - ctx.HTML(200, AUTH_NEW) - return - } - + hasTLS := false var config core.Conversion switch models.LoginType(form.Type) { case models.LOGIN_LDAP, models.LOGIN_DLDAP: config = parseLDAPConfig(form) + hasTLS = ldap.SecurityProtocol(form.SecurityProtocol) > ldap.SECURITY_PROTOCOL_UNENCRYPTED case models.LOGIN_SMTP: config = parseSMTPConfig(form) + hasTLS = true case models.LOGIN_PAM: config = &models.PAMConfig{ ServiceName: form.PAMServiceName, @@ -130,6 +139,12 @@ func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) { ctx.Error(400) return } + ctx.Data["HasTLS"] = hasTLS + + if ctx.HasError() { + ctx.HTML(200, AUTH_NEW) + return + } if err := models.CreateSource(&models.LoginSource{ Type: models.LoginType(form.Type), @@ -152,6 +167,7 @@ func EditAuthSource(ctx *context.Context) { ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminAuthentications"] = true + ctx.Data["SecurityProtocols"] = securityProtocols ctx.Data["SMTPAuths"] = models.SMTPAuths source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid")) 
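Review bot: `SecurityProtocol: ldap.SecurityProtocol(form.SecurityProtocol)` in parseLDAPConfig converts the submitted integer without checking that it is one of the three values offered in `securityProtocols`. The same unchecked conversion feeds `hasTLS = ldap.SecurityProtocol(form.SecurityProtocol) > ldap.SECURITY_PROTOCOL_UNENCRYPTED` in the NewAuthSourcePost hunk (-107,21), so any larger out-of-range value is stored and reported as TLS-enabled, while the dial code, which is not visible here, may treat a value it does not recognise as a plain connection. Unless the form binding already constrains the range, reject unknown values before building the config; assuming `SecurityProtocolNames` is a map, as its indexing suggests, that is `if _, ok := models.SecurityProtocolNames[ldap.SecurityProtocol(form.SecurityProtocol)]; !ok { ctx.Error(400); return }` in the LDAP case. parseLDAPConfig's body starts and ends outside the hunk.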
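Review bot: `hasTLS = true` in the `models.LOGIN_SMTP` case of NewAuthSourcePost is set unconditionally, which reads as a statement that every SMTP source is protected by TLS even though the SMTP settings are parsed separately in parseSMTPConfig (not visible here). If `HasTLS` only tells the template whether to show TLS-related fields such as skip-verify, which is what its use appears to be, document that at the declaration: `// hasTLS controls whether TLS options (e.g. skip verify) are shown; SMTP sources always offer them.` Without that comment the flag is easy to mistake for a guarantee about the connection. NewAuthSourcePost starts and ends outside the hunk.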
@@ -160,6 +176,8 @@ func EditAuthSource(ctx *context.Context) { return } ctx.Data["Source"] = source + ctx.Data["HasTLS"] = source.HasTLS() + ctx.HTML(200, AUTH_EDIT) } @@ -176,6 +194,7 @@ func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) { return } ctx.Data["Source"] = source + ctx.Data["HasTLS"] = source.HasTLS() if ctx.HasError() { ctx.HTML(200, AUTH_EDIT) |
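Review bot: In EditAuthSourcePost, `ctx.Data["HasTLS"] = source.HasTLS()` is taken from the stored source before the submitted form is applied, so when `ctx.HasError()` re-renders AUTH_EDIT the TLS-dependent fields follow the old protocol rather than the one the administrator just selected. NewAuthSourcePost derives the flag from the form instead; doing the same here for LDAP sources keeps the two pages consistent, e.g. `ctx.Data["HasTLS"] = ldap.SecurityProtocol(form.SecurityProtocol) > ldap.SECURITY_PROTOCOL_UNENCRYPTED`. The identical line in the EditAuthSource hunk (-160,6) is fine because no form is involved there. EditAuthSourcePost continues outside the hunk.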