Prevent --force from being used with the TUI or unexpected commands

We may want to use --force with some of these later, so we shouldn't
allow it to be a no-op at present.
This commit is contained in:
Jack Grigg
2021-05-02 09:38:31 +12:00
parent 65082edf22
commit d36da3fe2d
2 changed files with 25 additions and 1 deletions
+10
View File
@@ -6,6 +6,8 @@ use crate::util::slot_to_ui;
pub enum Error { pub enum Error {
CustomManagementKey, CustomManagementKey,
InvalidFlagCommand(String, String),
InvalidFlagTui(String),
InvalidPinLength, InvalidPinLength,
InvalidPinPolicy(String), InvalidPinPolicy(String),
InvalidSlot(u8), InvalidSlot(u8),
@@ -42,6 +44,14 @@ impl fmt::Debug for Error {
Error::CustomManagementKey => { Error::CustomManagementKey => {
writeln!(f, "Custom unprotected management keys are not supported.")? writeln!(f, "Custom unprotected management keys are not supported.")?
} }
Error::InvalidFlagCommand(flag, command) => {
writeln!(f, "Flag '{}' cannot be used with '{}'.", flag, command)?
}
Error::InvalidFlagTui(flag) => writeln!(
f,
"Flag '{}' cannot be used with the interactive interface.",
flag
)?,
Error::InvalidPinLength => writeln!(f, "The PIN needs to be 1-8 characters.")?, Error::InvalidPinLength => writeln!(f, "The PIN needs to be 1-8 characters.")?,
Error::InvalidPinPolicy(s) => writeln!( Error::InvalidPinPolicy(s) => writeln!(
f, f,
+15 -1
View File
@@ -267,6 +267,12 @@ fn print_details(
} }
fn identity(flags: PluginFlags) -> Result<(), Error> { fn identity(flags: PluginFlags) -> Result<(), Error> {
if flags.force {
return Err(Error::InvalidFlagCommand(
"--force".into(),
"--identity".into(),
));
}
print_details("identities", flags, false, util::print_identity) print_details("identities", flags, false, util::print_identity)
} }
@@ -274,6 +280,12 @@ fn list(flags: PluginFlags, all: bool) -> Result<(), Error> {
if all && flags.slot.is_some() { if all && flags.slot.is_some() {
return Err(Error::UseListForSingleSlot); return Err(Error::UseListForSingleSlot);
} }
if flags.force {
return Err(Error::InvalidFlagCommand(
"--force".into(),
format!("--list{}", if all { "-all" } else { "" }),
));
}
print_details("recipients", flags, all, |_, recipient, metadata| { print_details("recipients", flags, all, |_, recipient, metadata| {
println!("{}", metadata); println!("{}", metadata);
@@ -318,6 +330,9 @@ fn main() -> Result<(), Error> {
} else if opts.list_all { } else if opts.list_all {
list(opts.try_into()?, true) list(opts.try_into()?, true)
} else { } else {
if opts.force {
return Err(Error::InvalidFlagTui("--force".into()));
}
let flags: PluginFlags = opts.try_into()?; let flags: PluginFlags = opts.try_into()?;
eprintln!("✨ Let's get your YubiKey set up for age! ✨"); eprintln!("✨ Let's get your YubiKey set up for age! ✨");
@@ -511,7 +526,6 @@ fn main() -> Result<(), Error> {
}) })
.with_pin_policy(Some(pin_policy)) .with_pin_policy(Some(pin_policy))
.with_touch_policy(Some(touch_policy)) .with_touch_policy(Some(touch_policy))
.force(flags.force)
.build(&mut yubikey)?, .build(&mut yubikey)?,
true, true,
) )