improve config loading: don't modify dicts to allow yaml repeated nodes

improve some error messages
Catch CTRL+C and CTRL+D in password prompts
2023-05-10 16:25:41 +02:00 · 2023-05-10 16:23:32 +02:00 · 2023-05-10 16:15:09 +02:00 · 2023-05-10 16:01:34 +02:00 · 2023-05-10 16:00:07 +02:00
2 changed files with 33 additions and 20 deletions
--- a/src/ldaptool/_main.py
+++ b/src/ldaptool/_main.py
@ -105,7 +105,7 @@ class _Context:
        try:
            self.config = search.Config.load()
        except Exception as e:
-            raise SystemExit(f"config error: {e}")
+            raise SystemExit(f"config error: {e!r}")
        try:
            self.arguments = arguments_p.from_args(args)
        except decode.InvalidStep as e:
--- a/src/ldaptool/search/config.py
+++ b/src/ldaptool/search/config.py
@ -7,6 +7,7 @@ import os
 import os.path
 import shlex
 import subprocess
 import sys
 import typing
 import yaml
@ -28,13 +29,13 @@ class Realm:
    @staticmethod
    def load(name: str, data: typing.Any) -> Realm:
-        assert isinstance(data, dict)
+        assert isinstance(data, dict), f"Realm section isn't a dictionary: {data!r}"
-        domain = data.pop("domain")
+        domain = data["domain"]
-        servers = data.pop("servers").split()
+        servers = data["servers"].split()
-        forest_root_domain = data.pop("forest_root_domain", domain)
+        forest_root_domain = data.get("forest_root_domain", domain)
-        account = data.pop("account", None)
+        account = data.get("account", None)
-        password_file = data.pop("password_file", None)
+        password_file = data.get("password_file", None)
-        password_folder = data.pop("password_folder", None)
+        password_folder = data.get("password_folder", None)
        return Realm(
            name=name,
            domain=domain,
@ -101,8 +102,8 @@ class Keyringer(PasswordManager):
    @staticmethod
    def load(data: typing.Any) -> Keyringer:
        assert isinstance(data, dict)
-        keyring = data.pop("keyring")
+        keyring = data["keyring"]
-        folder = data.pop("folder")
+        folder = data.get("folder", "")
        return Keyringer(keyring=keyring, folder=folder)
    def get_password(self, password_name: str) -> str:
@ -145,9 +146,17 @@ class Keepass(PasswordManager):
    def get_password(self, password_name: str) -> str:
        import pykeepass  # already made sure it is avaiable above
        while True:
            try:
                password = getpass.getpass(f"KeePass password for database {self.database}: ")
                kp = pykeepass.PyKeePass(self.database, password=password)
                break
            except pykeepass.exceptions.CredentialsError:
                print("Invalid password", file=sys.stderr)
        entry = kp.find_entries(username=password_name, first=True)
        if not entry:
            raise SystemExit(f"no KeePass entry for {password_name!r} found")
        return entry.password  # type: ignore
@ -190,8 +199,8 @@ class Config:
        with open(conf_path) as f:
            data = yaml.safe_load(f)
        assert isinstance(data, dict)
-        assert "realms" in data
+        assert "realms" in data, "Missing realms section in config"
-        realms_data = data.pop("realms")
+        realms_data = data["realms"]
        assert isinstance(realms_data, dict)
        realms = {}
        for name, realm_data in realms_data.items():
@ -201,15 +210,15 @@ class Config:
        if "keyringer" in data:
            if password_manager:
                raise ValueError("Can only set a single password manager")
-            password_manager = Keyringer.load(data.pop("keyringer"))
+            password_manager = Keyringer.load(data["keyringer"])
        if "keepass" in data:
            if password_manager:
                raise ValueError("Can only set a single password manager")
-            password_manager = Keepass.load(data.pop("keepass"))
+            password_manager = Keepass.load(data["keepass"])
        if "password-script" in data:
            if password_manager:
                raise ValueError("Can only set a single password manager")
-            password_manager = PasswordScript.load(data.pop("password-script"))
+            password_manager = PasswordScript.load(data["password-script"])
        return Config(realms=realms, password_manager=password_manager)
@ -220,7 +229,11 @@ class Config:
        """
        if realm.account is None:
            raise RuntimeError("Can't get password without acccount - should use kerberos instead")
        try:
            if self.password_manager:
                return self.password_manager.get_password(realm.password_name)
            return getpass.getpass(f"Enter password for {realm.password_name}: ")
        except (KeyboardInterrupt, EOFError):
            raise SystemExit("Password prompt / retrieval aborted")
Author	SHA1	Message	Date
Stefan Bühler	34fcd259ef	improve config loading: don't modify dicts to allow yaml repeated nodes	2023-05-10 16:25:41 +02:00
Stefan Bühler	f036713d71	improve some error messages	2023-05-10 16:23:32 +02:00
Daniel Dizdarevic	f1d57487be	Catch CTRL+C and CTRL+D in password prompts	2023-05-10 16:15:09 +02:00
Daniel Dizdarevic	04fd42c63b	Catch invalid passwords in keepass	2023-05-10 16:01:34 +02:00
Stefan Bühler	1a9829b93b	handle missing KeePass entry	2023-05-10 16:00:07 +02:00