-
Notifications
You must be signed in to change notification settings - Fork 512
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Passphrase fixups #906
Passphrase fixups #906
Conversation
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
5c19422
to
c7f0bab
Compare
if err != nil { | ||
continue | ||
if err == nil { | ||
break | ||
} | ||
if giveup || attempts > 10 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Non-blocking: wondering if we should decrease this number to 3 or some such? That would give the user 5 tries. (currently it fails out after 12 tries - I was wondering whether that's too many)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree. 10 is feeling like too many. Also would be good to move the exact number to a const.
Thank you for fixing this! LGTM - took it for a spin and it correctly terminates, and in a script without stdin it immediately fails. |
if err != nil { | ||
return "", false, err | ||
} | ||
term.DisableEcho(0, state) | ||
defer term.RestoreTerminal(0, state) | ||
term.DisableEcho(os.Stdin.Fd(), state) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, this is a good reason for us to switch to crypto/terminal in the future. Better API for retrieving passwords from the terminal.
LGTM. We can modify the number of retries separately |
Fixes some logic in the keystore when counting number of passphrase attempts, especially when short passphrases are provided.
Also, ensures that
PromptRetriever()
has an actual terminal when requesting passphrases and will error out withErrNoInput
if that is not the case instead of trying to read input over and over.Closes #899
Closes #812