On 9.6.2011 14:50, Martin Kosek wrote:
On Wed, 2011-06-08 at 15:21 +0200, Jan Cholasta wrote:
https://fedorahosted.org/freeipa/ticket/1283
https://fedorahosted.org/freeipa/ticket/1284

Honza

Patch works fine, but I'd like to improve code quality a bit. Please
don't call sys.exit() from get_dirman_password(). It doesn't make really
sense.

I suggest just returning None in that case and then exiting in the main
function. Or raising a proper exception and then exiting in the main
function. The get_dirman_password() function can then be later reused
easily.

Good point. Fixed.


Martin


Honza

--
Jan Cholasta
>From 16f29e8bd15a7a7708a3983495440eb13ff5ca61 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Wed, 8 Jun 2011 14:39:50 +0200
Subject: [PATCH] Fix directory manager password validation in ipa-nis-manage.

ticket 1283, 1284
---
 install/tools/ipa-nis-manage      |   10 ++++++++--
 ipaserver/install/installutils.py |    6 +++++-
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage
index 69db06a..2c0936b 100755
--- a/install/tools/ipa-nis-manage
+++ b/install/tools/ipa-nis-manage
@@ -62,7 +62,7 @@ def get_dirman_password():
     """Prompt the user for the Directory Manager password and verify its
        correctness.
     """
-    password = installutils.read_password("Directory Manager", confirm=False, validate=False)
+    password = installutils.read_password("Directory Manager", confirm=False, validate=False, retry=False)
 
     return password
 
@@ -101,11 +101,17 @@ def main():
 
     dirman_password = ""
     if options.password:
-        pw = ipautil.template_file(options.password, [])
+        try:
+            pw = ipautil.template_file(options.password, [])
+        except IOError:
+            sys.exit("File \"%s\" not found or not readable" % options.password)
         dirman_password = pw.strip()
     else:
         dirman_password = get_dirman_password()
 
+    if not dirman_password:
+        sys.exit("No password supplied")
+
     api.bootstrap(context='cli', debug=options.debug)
     api.finalize()
 
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index d99af37..3f883d0 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -287,15 +287,18 @@ def get_password(prompt):
     else:
         return sys.stdin.readline().rstrip()
 
-def read_password(user, confirm=True, validate=True):
+def read_password(user, confirm=True, validate=True, retry=True):
     correct = False
     pwd = ""
     while not correct:
+        if not retry:
+            correct = True
         pwd = get_password(user + " password: ")
         if not pwd:
             continue
         if validate and len(pwd) < 8:
             print "Password must be at least 8 characters long"
+            pwd = ""
             continue
         if not confirm:
             correct = True
@@ -304,6 +307,7 @@ def read_password(user, confirm=True, validate=True):
         if pwd != pwd_confirm:
             print "Password mismatch!"
             print ""
+            pwd = ""
         else:
             correct = True
     print ""
-- 
1.7.4.4

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to