[Freeipa-devel] [PATCH] 21 Fix directory manager password validation in ipa-nis-manage

Wed, 08 Jun 2011 06:22:09 -0700 

https://fedorahosted.org/freeipa/ticket/1283
https://fedorahosted.org/freeipa/ticket/1284

Honza

--
Jan Cholasta

>From 7567db4bedc08ce4d649f33d7d37af7970a32145 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Wed, 8 Jun 2011 14:39:50 +0200
Subject: [PATCH] Fix directory manager password validation in ipa-nis-manage.

ticket 1283, 1284
---
 install/tools/ipa-nis-manage      |   10 ++++++++--
 ipaserver/install/installutils.py |    6 +++++-
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage
index 69db06a..5ce82a7 100755
--- a/install/tools/ipa-nis-manage
+++ b/install/tools/ipa-nis-manage
@@ -62,7 +62,10 @@ def get_dirman_password():
     """Prompt the user for the Directory Manager password and verify its
        correctness.
     """
-    password = installutils.read_password("Directory Manager", confirm=False, validate=False)
+    password = installutils.read_password("Directory Manager", confirm=False, validate=False, retry=False)
+
+    if not password:
+        sys.exit("No password supplied")
 
     return password
 
@@ -101,7 +104,10 @@ def main():
 
     dirman_password = ""
     if options.password:
-        pw = ipautil.template_file(options.password, [])
+        try:
+            pw = ipautil.template_file(options.password, [])
+        except IOError:
+            sys.exit("File \"%s\" not found or not readable" % options.password)
         dirman_password = pw.strip()
     else:
         dirman_password = get_dirman_password()
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index d99af37..3f883d0 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -287,15 +287,18 @@ def get_password(prompt):
     else:
         return sys.stdin.readline().rstrip()
 
-def read_password(user, confirm=True, validate=True):
+def read_password(user, confirm=True, validate=True, retry=True):
     correct = False
     pwd = ""
     while not correct:
+        if not retry:
+            correct = True
         pwd = get_password(user + " password: ")
         if not pwd:
             continue
         if validate and len(pwd) < 8:
             print "Password must be at least 8 characters long"
+            pwd = ""
             continue
         if not confirm:
             correct = True
@@ -304,6 +307,7 @@ def read_password(user, confirm=True, validate=True):
         if pwd != pwd_confirm:
             print "Password mismatch!"
             print ""
+            pwd = ""
         else:
             correct = True
     print ""
-- 
1.7.4.4


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to