From 0a2341efd208ba8a9ddd69f647b0df4286829604 Mon Sep 17 00:00:00 2001
From: Christopher Speller <crspeller@gmail.com>
Date: Thu, 7 Apr 2016 10:38:36 -0400
Subject: Adding TLS options to LDAP

---
 model/config.go | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

(limited to 'model/config.go')

diff --git a/model/config.go b/model/config.go
index 666b2770b..29bc536dc 100644
--- a/model/config.go
+++ b/model/config.go
@@ -162,12 +162,13 @@ type TeamSettings struct {
 
 type LdapSettings struct {
 	// Basic
-	Enable       *bool
-	LdapServer   *string
-	LdapPort     *int
-	BaseDN       *string
-	BindUsername *string
-	BindPassword *string
+	Enable             *bool
+	LdapServer         *string
+	LdapPort           *int
+	ConnectionSecurity *string
+	BaseDN             *string
+	BindUsername       *string
+	BindPassword       *string
 
 	// Filtering
 	UserFilter *string
@@ -180,7 +181,8 @@ type LdapSettings struct {
 	IdAttribute        *string
 
 	// Advanced
-	QueryTimeout *int
+	SkipCertificateVerification *bool
+	QueryTimeout                *int
 }
 
 type ComplianceSettings struct {
@@ -526,6 +528,10 @@ func (o *Config) IsValid() *AppError {
 		return NewLocAppError("Config.IsValid", "model.config.is_valid.rate_sec.app_error", nil, "")
 	}
 
+	if !(*o.LdapSettings.ConnectionSecurity == CONN_SECURITY_NONE || *o.LdapSettings.ConnectionSecurity == CONN_SECURITY_TLS || *o.LdapSettings.ConnectionSecurity == CONN_SECURITY_STARTTLS) {
+		return NewLocAppError("Config.IsValid", "model.config.is_valid.ldap_security.app_error", nil, "")
+	}
+
 	return nil
 }
 
-- 
cgit v1.2.3-1-g7c22