Compare commits
5 Commits
21069e892e
...
34fcd259ef
Author | SHA1 | Date | |
---|---|---|---|
34fcd259ef | |||
f036713d71 | |||
f1d57487be | |||
04fd42c63b | |||
1a9829b93b |
@ -105,7 +105,7 @@ class _Context:
|
||||
try:
|
||||
self.config = search.Config.load()
|
||||
except Exception as e:
|
||||
raise SystemExit(f"config error: {e}")
|
||||
raise SystemExit(f"config error: {e!r}")
|
||||
try:
|
||||
self.arguments = arguments_p.from_args(args)
|
||||
except decode.InvalidStep as e:
|
||||
|
@ -7,6 +7,7 @@ import os
|
||||
import os.path
|
||||
import shlex
|
||||
import subprocess
|
||||
import sys
|
||||
import typing
|
||||
|
||||
import yaml
|
||||
@ -28,13 +29,13 @@ class Realm:
|
||||
|
||||
@staticmethod
|
||||
def load(name: str, data: typing.Any) -> Realm:
|
||||
assert isinstance(data, dict)
|
||||
domain = data.pop("domain")
|
||||
servers = data.pop("servers").split()
|
||||
forest_root_domain = data.pop("forest_root_domain", domain)
|
||||
account = data.pop("account", None)
|
||||
password_file = data.pop("password_file", None)
|
||||
password_folder = data.pop("password_folder", None)
|
||||
assert isinstance(data, dict), f"Realm section isn't a dictionary: {data!r}"
|
||||
domain = data["domain"]
|
||||
servers = data["servers"].split()
|
||||
forest_root_domain = data.get("forest_root_domain", domain)
|
||||
account = data.get("account", None)
|
||||
password_file = data.get("password_file", None)
|
||||
password_folder = data.get("password_folder", None)
|
||||
return Realm(
|
||||
name=name,
|
||||
domain=domain,
|
||||
@ -101,8 +102,8 @@ class Keyringer(PasswordManager):
|
||||
@staticmethod
|
||||
def load(data: typing.Any) -> Keyringer:
|
||||
assert isinstance(data, dict)
|
||||
keyring = data.pop("keyring")
|
||||
folder = data.pop("folder")
|
||||
keyring = data["keyring"]
|
||||
folder = data.get("folder", "")
|
||||
return Keyringer(keyring=keyring, folder=folder)
|
||||
|
||||
def get_password(self, password_name: str) -> str:
|
||||
@ -145,9 +146,17 @@ class Keepass(PasswordManager):
|
||||
def get_password(self, password_name: str) -> str:
|
||||
import pykeepass # already made sure it is avaiable above
|
||||
|
||||
password = getpass.getpass(f"KeePass password for database {self.database}: ")
|
||||
kp = pykeepass.PyKeePass(self.database, password=password)
|
||||
while True:
|
||||
try:
|
||||
password = getpass.getpass(f"KeePass password for database {self.database}: ")
|
||||
kp = pykeepass.PyKeePass(self.database, password=password)
|
||||
break
|
||||
except pykeepass.exceptions.CredentialsError:
|
||||
print("Invalid password", file=sys.stderr)
|
||||
|
||||
entry = kp.find_entries(username=password_name, first=True)
|
||||
if not entry:
|
||||
raise SystemExit(f"no KeePass entry for {password_name!r} found")
|
||||
return entry.password # type: ignore
|
||||
|
||||
|
||||
@ -190,8 +199,8 @@ class Config:
|
||||
with open(conf_path) as f:
|
||||
data = yaml.safe_load(f)
|
||||
assert isinstance(data, dict)
|
||||
assert "realms" in data
|
||||
realms_data = data.pop("realms")
|
||||
assert "realms" in data, "Missing realms section in config"
|
||||
realms_data = data["realms"]
|
||||
assert isinstance(realms_data, dict)
|
||||
realms = {}
|
||||
for name, realm_data in realms_data.items():
|
||||
@ -201,15 +210,15 @@ class Config:
|
||||
if "keyringer" in data:
|
||||
if password_manager:
|
||||
raise ValueError("Can only set a single password manager")
|
||||
password_manager = Keyringer.load(data.pop("keyringer"))
|
||||
password_manager = Keyringer.load(data["keyringer"])
|
||||
if "keepass" in data:
|
||||
if password_manager:
|
||||
raise ValueError("Can only set a single password manager")
|
||||
password_manager = Keepass.load(data.pop("keepass"))
|
||||
password_manager = Keepass.load(data["keepass"])
|
||||
if "password-script" in data:
|
||||
if password_manager:
|
||||
raise ValueError("Can only set a single password manager")
|
||||
password_manager = PasswordScript.load(data.pop("password-script"))
|
||||
password_manager = PasswordScript.load(data["password-script"])
|
||||
|
||||
return Config(realms=realms, password_manager=password_manager)
|
||||
|
||||
@ -220,7 +229,11 @@ class Config:
|
||||
"""
|
||||
if realm.account is None:
|
||||
raise RuntimeError("Can't get password without acccount - should use kerberos instead")
|
||||
if self.password_manager:
|
||||
return self.password_manager.get_password(realm.password_name)
|
||||
|
||||
return getpass.getpass(f"Enter password for {realm.password_name}: ")
|
||||
try:
|
||||
if self.password_manager:
|
||||
return self.password_manager.get_password(realm.password_name)
|
||||
|
||||
return getpass.getpass(f"Enter password for {realm.password_name}: ")
|
||||
except (KeyboardInterrupt, EOFError):
|
||||
raise SystemExit("Password prompt / retrieval aborted")
|
||||
|
Loading…
Reference in New Issue
Block a user