net/ldaptool
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: net:34fcd259ef9c7d77021701b2b16ea33c9ff44ff0
Branches Tags
net:main
net:debian
net:debian/0.6-1
net:ldaptool-0.6
net:debian/0.5-1
net:ldaptool-0.5
net:debian/0.4-1
net:ldaptool-0.4
net:debian/0.3-1
net:ldaptool-0.3
net:debian/0.2-1
net:ldaptool-0.2
net:debian/0.1-1
net:ldaptool-0.1
..
compare: net:21069e892e2d3b071dca63712f539dda1a79d9f1
Branches Tags
net:main
net:debian
net:debian/0.6-1
net:ldaptool-0.6
net:debian/0.5-1
net:ldaptool-0.5
net:debian/0.4-1
net:ldaptool-0.4
net:debian/0.3-1
net:ldaptool-0.3
net:debian/0.2-1
net:ldaptool-0.2
net:debian/0.1-1
net:ldaptool-0.1

No commits in common. "34fcd259ef9c7d77021701b2b16ea33c9ff44ff0" and "21069e892e2d3b071dca63712f539dda1a79d9f1" have entirely different histories.
34fcd259ef ... 21069e892e

2 changed files with 20 additions and 33 deletions
Show Stats Expand all files Collapse all files

2
src/ldaptool/_main.py
View File

@ -105,7 +105,7 @@ class _Context:
try: try:
self.config = search.Config.load() self.config = search.Config.load()
except Exception as e: except Exception as e:
raise SystemExit(f"config error: {e!r}") raise SystemExit(f"config error: {e}")
try: try:
self.arguments = arguments_p.from_args(args) self.arguments = arguments_p.from_args(args)
except decode.InvalidStep as e: except decode.InvalidStep as e:

51
src/ldaptool/search/config.py
View File

@ -7,7 +7,6 @@ import os
import os.path import os.path
import shlex import shlex
import subprocess import subprocess
import sys
import typing import typing
import yaml import yaml
@ -29,13 +28,13 @@ class Realm:
@staticmethod @staticmethod
def load(name: str, data: typing.Any) -> Realm: def load(name: str, data: typing.Any) -> Realm:
assert isinstance(data, dict), f"Realm section isn't a dictionary: {data!r}" assert isinstance(data, dict)
domain = data["domain"] domain = data.pop("domain")
servers = data["servers"].split() servers = data.pop("servers").split()
forest_root_domain = data.get("forest_root_domain", domain) forest_root_domain = data.pop("forest_root_domain", domain)
account = data.get("account", None) account = data.pop("account", None)
password_file = data.get("password_file", None) password_file = data.pop("password_file", None)
password_folder = data.get("password_folder", None) password_folder = data.pop("password_folder", None)
return Realm( return Realm(
name=name, name=name,
domain=domain, domain=domain,
@ -102,8 +101,8 @@ class Keyringer(PasswordManager):
@staticmethod @staticmethod
def load(data: typing.Any) -> Keyringer: def load(data: typing.Any) -> Keyringer:
assert isinstance(data, dict) assert isinstance(data, dict)
keyring = data["keyring"] keyring = data.pop("keyring")
folder = data.get("folder", "") folder = data.pop("folder")
return Keyringer(keyring=keyring, folder=folder) return Keyringer(keyring=keyring, folder=folder)
def get_password(self, password_name: str) -> str: def get_password(self, password_name: str) -> str:
@ -146,17 +145,9 @@ class Keepass(PasswordManager):
def get_password(self, password_name: str) -> str: def get_password(self, password_name: str) -> str:
import pykeepass # already made sure it is avaiable above import pykeepass # already made sure it is avaiable above
while True: password = getpass.getpass(f"KeePass password for database {self.database}: ")
try: kp = pykeepass.PyKeePass(self.database, password=password)
password = getpass.getpass(f"KeePass password for database {self.database}: ")
kp = pykeepass.PyKeePass(self.database, password=password)
break
except pykeepass.exceptions.CredentialsError:
print("Invalid password", file=sys.stderr)
entry = kp.find_entries(username=password_name, first=True) entry = kp.find_entries(username=password_name, first=True)
if not entry:
raise SystemExit(f"no KeePass entry for {password_name!r} found")
return entry.password # type: ignore return entry.password # type: ignore
@ -199,8 +190,8 @@ class Config:
with open(conf_path) as f: with open(conf_path) as f:
data = yaml.safe_load(f) data = yaml.safe_load(f)
assert isinstance(data, dict) assert isinstance(data, dict)
assert "realms" in data, "Missing realms section in config" assert "realms" in data
realms_data = data["realms"] realms_data = data.pop("realms")
assert isinstance(realms_data, dict) assert isinstance(realms_data, dict)
realms = {} realms = {}
for name, realm_data in realms_data.items(): for name, realm_data in realms_data.items():
@ -210,15 +201,15 @@ class Config:
if "keyringer" in data: if "keyringer" in data:
if password_manager: if password_manager:
raise ValueError("Can only set a single password manager") raise ValueError("Can only set a single password manager")
password_manager = Keyringer.load(data["keyringer"]) password_manager = Keyringer.load(data.pop("keyringer"))
if "keepass" in data: if "keepass" in data:
if password_manager: if password_manager:
raise ValueError("Can only set a single password manager") raise ValueError("Can only set a single password manager")
password_manager = Keepass.load(data["keepass"]) password_manager = Keepass.load(data.pop("keepass"))
if "password-script" in data: if "password-script" in data:
if password_manager: if password_manager:
raise ValueError("Can only set a single password manager") raise ValueError("Can only set a single password manager")
password_manager = PasswordScript.load(data["password-script"]) password_manager = PasswordScript.load(data.pop("password-script"))
return Config(realms=realms, password_manager=password_manager) return Config(realms=realms, password_manager=password_manager)
@ -229,11 +220,7 @@ class Config:
""" """
if realm.account is None: if realm.account is None:
raise RuntimeError("Can't get password without acccount - should use kerberos instead") raise RuntimeError("Can't get password without acccount - should use kerberos instead")
if self.password_manager:
return self.password_manager.get_password(realm.password_name)
try: return getpass.getpass(f"Enter password for {realm.password_name}: ")
if self.password_manager:
return self.password_manager.get_password(realm.password_name)
return getpass.getpass(f"Enter password for {realm.password_name}: ")
except (KeyboardInterrupt, EOFError):
raise SystemExit("Password prompt / retrieval aborted")