From fa128a9ceae529132d5f3db5f8ae31aa6d7e5e1c Mon Sep 17 00:00:00 2001
From: Daniel Dizdarevic <daniel.dizdarevic@tik.uni-stuttgart.de>
Date: Mon, 8 May 2023 18:15:36 +0200
Subject: [PATCH] Catch invalid passwords in keepass

---
 src/ldaptool/search/config.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/ldaptool/search/config.py b/src/ldaptool/search/config.py
index 6dd72f0..57fcd15 100644
--- a/src/ldaptool/search/config.py
+++ b/src/ldaptool/search/config.py
@@ -5,6 +5,7 @@ import dataclasses
 import getpass
 import os
 import os.path
+import sys
 import shlex
 import subprocess
 import typing
@@ -145,8 +146,14 @@ class Keepass(PasswordManager):
     def get_password(self, password_name: str) -> str:
         import pykeepass  # already made sure it is avaiable above
 
-        password = getpass.getpass(f"KeePass password for database {self.database}: ")
-        kp = pykeepass.PyKeePass(self.database, password=password)
+        while True:
+            try:
+                password = getpass.getpass(f"KeePass password for database {self.database}: ")
+                kp = pykeepass.PyKeePass(self.database, password=password)
+                break
+            except pykeepass.exceptions.CredentialsError:
+                print("Invalid password", file=sys.stderr)
+
         entry = kp.find_entries(username=password_name, first=True)
         if entry:
             return entry.password  # type: ignore