From 04fd42c63bf86b221fd31b47ddf3491138a2c888 Mon Sep 17 00:00:00 2001
From: Daniel Dizdarevic <daniel.dizdarevic@tik.uni-stuttgart.de>
Date: Mon, 8 May 2023 18:15:36 +0200
Subject: [PATCH] Catch invalid passwords in keepass

---
 src/ldaptool/search/config.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/ldaptool/search/config.py b/src/ldaptool/search/config.py
index 730b70b..50a0fc9 100644
--- a/src/ldaptool/search/config.py
+++ b/src/ldaptool/search/config.py
@@ -7,6 +7,7 @@ import os
 import os.path
 import shlex
 import subprocess
+import sys
 import typing
 
 import yaml
@@ -145,8 +146,14 @@ class Keepass(PasswordManager):
     def get_password(self, password_name: str) -> str:
         import pykeepass  # already made sure it is avaiable above
 
-        password = getpass.getpass(f"KeePass password for database {self.database}: ")
-        kp = pykeepass.PyKeePass(self.database, password=password)
+        while True:
+            try:
+                password = getpass.getpass(f"KeePass password for database {self.database}: ")
+                kp = pykeepass.PyKeePass(self.database, password=password)
+                break
+            except pykeepass.exceptions.CredentialsError:
+                print("Invalid password", file=sys.stderr)
+
         entry = kp.find_entries(username=password_name, first=True)
         if not entry:
             raise SystemExit(f"no KeePass entry for {password_name!r} found")