lunny/gitea
Archived
1
1
Fork 1
Code Issues 1.7k Pull Requests 154 Projects Releases 128 Wiki Activity

Encrypt LDAP bind password in db with SECRET_KEY #15547

Merged
lunny merged 9 commits from fix-15460-encrypt-ldap-bind-password-in-db into main 2021-05-20 08:29:57 +00:00
Conversation 0 Commits 9 Files Changed 6 +19 -6
zeripath commented 2021-04-19 21:42:09 +00:00
Contributor
Copy Link

The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.

Fix #15460

⚠️ WARNING ⚠️

Changing the SECRET_KEY in the app.ini will now cause these passwords to become unreadable.

Signed-off-by: Andrew Thornton art27@cantab.net

The LDAP source bind password are currently stored in plaintext in the db This PR simply encrypts them with the setting.SECRET_KEY. Fix #15460 ## :warning: WARNING :warning: Changing the `SECRET_KEY` in the app.ini will now cause these passwords to become unreadable. Signed-off-by: Andrew Thornton <art27@cantab.net>
lunny approved these changes 2021-04-19 23:37:59 +00:00
noerw (Migrated from github.com) approved these changes 2021-05-16 11:00:58 +00:00
justusbunsi (Migrated from github.com) reviewed 2021-05-18 15:23:10 +00:00
docs/content/doc/features/authentication.en-us.md
justusbunsi (Migrated from github.com) commented 2021-05-18 15:23:10 +00:00
Owner

is stored ~in~ encrypted with the. Although it seems to work with/without the "in". ?

_is stored ~in~ encrypted with the_. Although it seems to work with/without the "in". ?
This repo is archived. You cannot comment on pull requests.
Reviewers
No reviewers
lunny
noerw
Labels
Clear labels   
backport/done

   
backport/v1.0

   
backport/v1.1

   
backport/v1.10

   
backport/v1.11

   
backport/v1.12

   
backport/v1.13

   
backport/v1.14

   
backport/v1.15

   
backport/v1.2

   
backport/v1.3

   
backport/v1.4

   
backport/v1.5

   
backport/v1.6

   
backport/v1.7

   
backport/v1.8

   
backport/v1.9

   
bounty

   
changelog

   
dependencies

Pull requests that update a dependency file

  
frontport/done

   
frontport/main

   
good first issue

Likely to be an easy fix

  
Hacktoberfest

   
hacktoberfest-accepted

   
in progress

   
kind/api

   
kind/breaking

   
kind/bug

   
kind/build

   
kind/deployment

   
kind/deprecated

   
kind/docs

   
kind/enhancement

   
kind/feature

   
kind/lint

   
kind/misc

   
kind/moderation

features for moderateing spam, abuse, ...

  
kind/package

   
kind/proposal

   
kind/question

   
kind/refactor

   
kind/regression

   
kind/security

   
kind/summary

   
kind/testing

   
kind/translation

   
kind/ui

   
kind/upstream-related

An issue that is caused by an upstream dependency

  
kind/usability

   
kind/ux

   
lgtm/done

   
lgtm/need 1

   
lgtm/need 2

   
performance/bigrepo

Performance Issues affecting Big Repositories

  
performance/cpu

   
performance/memory

Performance issues affecting memory use

  
performance/speed

performance issues with slow downs

  
priority/critical

   
priority/low

   
priority/maybe

   
priority/medium

   
proposal/rejected

   
reviewed/confirmed

Issue has been reviewed and confirmed to be present or accepted to be implemented

  
reviewed/duplicate

   
reviewed/fixed

A fix for this issue is already in the attached milestone

  
reviewed/invalid

   
reviewed/not-a-bug

The reported issue is the intended behavior

  
reviewed/wontfix

   
skip-changelog

   
stale

   
status/blocked

   
status/needs-feedback

   
status/wip

   
theme/2fa

   
theme/authentication

   
theme/avatar

   
theme/backup-restore

   
theme/docker

Docker themed issued

  
theme/federation

   
theme/issues

   
theme/kanban

   
theme/markdown

   
theme/migration

Migration issues

  
theme/mobile

   
theme/pr

   
theme/signing

   
theme/sqlite

   
theme/timetracker

   
theme/webhook

   
theme/wiki
No Label
backport/done
backport/v1.0
backport/v1.1
backport/v1.10
backport/v1.11
backport/v1.12
backport/v1.13
backport/v1.14
backport/v1.15
backport/v1.2
backport/v1.3
backport/v1.4
backport/v1.5
backport/v1.6
backport/v1.7
backport/v1.8
backport/v1.9
bounty
changelog
dependencies
frontport/done
frontport/main
good first issue
Hacktoberfest
hacktoberfest-accepted
in progress
kind/api
kind/breaking
kind/bug
kind/build
kind/deployment
kind/deprecated
kind/docs
kind/enhancement
kind/feature
kind/lint
kind/misc
kind/moderation
kind/package
kind/proposal
kind/question
kind/refactor
kind/regression
kind/security
kind/summary
kind/testing
kind/translation
kind/ui
kind/upstream-related
kind/usability
kind/ux
lgtm/done
lgtm/need 1
lgtm/need 2
performance/bigrepo
performance/cpu
performance/memory
performance/speed
priority/critical
priority/low
priority/maybe
priority/medium
proposal/rejected
reviewed/confirmed
reviewed/duplicate
reviewed/fixed
reviewed/invalid
reviewed/not-a-bug
reviewed/wontfix
skip-changelog
stale
status/blocked
status/needs-feedback
status/wip
theme/2fa
theme/authentication
theme/avatar
theme/backup-restore
theme/docker
theme/federation
theme/issues
theme/kanban
theme/markdown
theme/migration
theme/mobile
theme/pr
theme/signing
theme/sqlite
theme/timetracker
theme/webhook
theme/wiki
Milestone
Clear milestone
No items
No Milestone
1.15.0
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: lunny/gitea#15547
No description provided.
Delete Branch "fix-15460-encrypt-ldap-bind-password-in-db"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?