From c42bef6f02e36ac1e57e7812414beff438108f56 Mon Sep 17 00:00:00 2001 From: Daniel Dizdarevic Date: Mon, 8 May 2023 17:47:21 +0200 Subject: [PATCH 1/3] Catch exception if no password found --- src/ldaptool/search/config.py | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/ldaptool/search/config.py b/src/ldaptool/search/config.py index 438d980..6dd72f0 100644 --- a/src/ldaptool/search/config.py +++ b/src/ldaptool/search/config.py @@ -148,7 +148,9 @@ class Keepass(PasswordManager): password = getpass.getpass(f"KeePass password for database {self.database}: ") kp = pykeepass.PyKeePass(self.database, password=password) entry = kp.find_entries(username=password_name, first=True) - return entry.password # type: ignore + if entry: + return entry.password # type: ignore + @dataclasses.dataclass @@ -221,6 +223,11 @@ class Config: if realm.account is None: raise RuntimeError("Can't get password without acccount - should use kerberos instead") if self.password_manager: - return self.password_manager.get_password(realm.password_name) + password = self.password_manager.get_password(realm.password_name) + else: + password = getpass.getpass(f"Enter password for {realm.password_name}: ") - return getpass.getpass(f"Enter password for {realm.password_name}: ") + if password: + return password + else: + raise SystemExit(f"No password found for {realm.password_name}") -- 2.39.5 From fa128a9ceae529132d5f3db5f8ae31aa6d7e5e1c Mon Sep 17 00:00:00 2001 From: Daniel Dizdarevic Date: Mon, 8 May 2023 18:15:36 +0200 Subject: [PATCH 2/3] Catch invalid passwords in keepass --- src/ldaptool/search/config.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/ldaptool/search/config.py b/src/ldaptool/search/config.py index 6dd72f0..57fcd15 100644 --- a/src/ldaptool/search/config.py +++ b/src/ldaptool/search/config.py @@ -5,6 +5,7 @@ import dataclasses import getpass import os import os.path +import sys import shlex import subprocess import typing @@ -145,8 +146,14 @@ class Keepass(PasswordManager): def get_password(self, password_name: str) -> str: import pykeepass # already made sure it is avaiable above - password = getpass.getpass(f"KeePass password for database {self.database}: ") - kp = pykeepass.PyKeePass(self.database, password=password) + while True: + try: + password = getpass.getpass(f"KeePass password for database {self.database}: ") + kp = pykeepass.PyKeePass(self.database, password=password) + break + except pykeepass.exceptions.CredentialsError: + print("Invalid password", file=sys.stderr) + entry = kp.find_entries(username=password_name, first=True) if entry: return entry.password # type: ignore -- 2.39.5 From 206b94299b590ebcff02ef695b57a778debbab0e Mon Sep 17 00:00:00 2001 From: Daniel Dizdarevic Date: Mon, 8 May 2023 18:16:06 +0200 Subject: [PATCH 3/3] Catch CTRL+C and CTRL+D in password prompts --- src/ldaptool/search/config.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/ldaptool/search/config.py b/src/ldaptool/search/config.py index 57fcd15..16ba7ef 100644 --- a/src/ldaptool/search/config.py +++ b/src/ldaptool/search/config.py @@ -229,10 +229,14 @@ class Config: """ if realm.account is None: raise RuntimeError("Can't get password without acccount - should use kerberos instead") - if self.password_manager: - password = self.password_manager.get_password(realm.password_name) - else: - password = getpass.getpass(f"Enter password for {realm.password_name}: ") + + try: + if self.password_manager: + password = self.password_manager.get_password(realm.password_name) + else: + password = getpass.getpass(f"Enter password for {realm.password_name}: ") + except (KeyboardInterrupt, EOFError): + exit() if password: return password -- 2.39.5