From f3983b0b7cbbadf33f72356e2421cd40d9e808ca Mon Sep 17 00:00:00 2001 From: "git@daemon.de" Date: Wed, 3 Jun 2015 09:31:03 +0200 Subject: [PATCH] bump version, add password retry 5 tries --- Changelog | 4 +++- NOTEDB.pm | 2 +- NOTEDB/pwsafe3.pm | 57 ++++++++++++++++++++++++++++++++--------------- 3 files changed, 43 insertions(+), 20 deletions(-) diff --git a/Changelog b/Changelog index 7186f5d..ad2d35b 100644 --- a/Changelog +++ b/Changelog @@ -1,4 +1,6 @@ -NEXT: fixed bug in mysql backend. +1.3.22: fixed bug in mysql backend. + added retry feature for NOTEDB::pwsafe3 backend save() password + entering. bails out after 5 retries. ================================================================================ 1.3.21: Changed note id generation in NOTEDB::pwsafe3::_uuid(), again. diff --git a/NOTEDB.pm b/NOTEDB.pm index 5ce9324..924faf8 100644 --- a/NOTEDB.pm +++ b/NOTEDB.pm @@ -10,7 +10,7 @@ package NOTEDB; use Exporter (); use vars qw(@ISA @EXPORT $crypt_supported); -$NOTEDB::VERSION = "1.43"; +$NOTEDB::VERSION = "1.44"; BEGIN { # make sure, it works, otherwise encryption diff --git a/NOTEDB/pwsafe3.pm b/NOTEDB/pwsafe3.pm index c299e39..f5f83f6 100644 --- a/NOTEDB/pwsafe3.pm +++ b/NOTEDB/pwsafe3.pm @@ -3,7 +3,7 @@ package NOTEDB::pwsafe3; -$NOTEDB::pwsafe3::VERSION = "1.07"; +$NOTEDB::pwsafe3::VERSION = "1.08"; use strict; use Data::Dumper; use Time::Local; @@ -281,30 +281,51 @@ sub _store { flock $fh, LOCK_EX; } - my $key = $this->_getpass(); - eval { - my $vault = new Crypt::PWSafe3(password => $key, file => $this->{dbname}); - if ($create) { - my $rec = new Crypt::PWSafe3::Record(); - $rec->uuid($record->{uuid}); - $vault->addrecord($rec); - $vault->modifyrecord($record->{uuid}, %{$record}); + my $key; + my $prompt = "pwsafe password: "; + + foreach my $try (1..5) { + if($try > 1) { + $prompt = "pwsafe password ($try retry): "; + } + $key = $this->_getpass($prompt); + eval { + my $vault = new Crypt::PWSafe3(password => $key, file => $this->{dbname}); + if ($create) { + my $rec = new Crypt::PWSafe3::Record(); + $rec->uuid($record->{uuid}); + $vault->addrecord($rec); + $vault->modifyrecord($record->{uuid}, %{$record}); + } + else { + $vault->modifyrecord($record->{uuid}, %{$record}); + } + $vault->save(); + }; + if ($@) { + if($@ =~ /wrong pass/i) { + $key = ''; + next; + } + else { + print "Exception caught:\n$@\n"; + exit 1; + } } else { - $vault->modifyrecord($record->{uuid}, %{$record}); + last; } - $vault->save(); - }; - if ($@) { - print "Exception caught:\n$@\n"; - exit 1; } - eval { flock $fh, LOCK_UN; $fh->close(); }; + if(!$key) { + print STDERR "Giving up after 5 failed password attempts.\n"; + exit 1; + } + # finally re-read the db, so that we always have the latest data $this->_retrieve($key); } @@ -483,14 +504,14 @@ sub _getpass { # Instead we ask for the password everytime we want # to fetch data from the actual file OR want to write # to it. To minimize reads, we use caching by default. - my($this) = @_; + my($this, $prompt) = @_; if ($this->{key}) { return $this->{key}; } else { my $key; - print STDERR "pwsafe password: "; + print STDERR $prompt ? $prompt : "pwsafe password: "; eval { local($|) = 1; local(*TTY);