Skip to content

Commit

Permalink
Refactor DB2 verification for calling externally (Yelp#203)
Browse files Browse the repository at this point in the history
  • Loading branch information
justineyster committed Jun 24, 2020
1 parent 4d27d16 commit ef40340
Showing 1 changed file with 29 additions and 21 deletions.
50 changes: 29 additions & 21 deletions detect_secrets/plugins/db2.py
Original file line number Diff line number Diff line change
Expand Up @@ -80,31 +80,39 @@ def verify(self, token, content, potential_secret=None):
for database in database_matches: # pragma: no cover
for port in port_matches: # pragma: no cover
for hostname in hostname_matches: # pragma: no cover
try:
conn_str = 'database={database};hostname={hostname};port={port};' + \
'protocol=tcpip;uid={username};pwd={token}'
conn_str = conn_str.format(
database=database,
hostname=hostname,
port=port,
username=username,
token=token,
)
ibm_db_conn = ibm_db.connect(conn_str, '', '')
if ibm_db_conn:
potential_secret.other_factors['database'] = database
potential_secret.other_factors['hostname'] = hostname
potential_secret.other_factors['port'] = port
potential_secret.other_factors['username'] = username
return VerifiedResult.VERIFIED_TRUE
else:
return VerifiedResult.VERIFIED_FALSE
except Exception:
return VerifiedResult.UNVERIFIED
verify_result = verify_db2_credentials(
database, hostname, port, username, token,
)
if verify_result == VerifiedResult.VERIFIED_TRUE:
potential_secret.other_factors['database'] = database
potential_secret.other_factors['hostname'] = hostname
potential_secret.other_factors['port'] = port
potential_secret.other_factors['username'] = username
return verify_result

return VerifiedResult.VERIFIED_FALSE


def verify_db2_credentials(database, hostname, port, username, password): # pragma: no cover
try:
conn_str = 'database={database};hostname={hostname};port={port};' + \
'protocol=tcpip;uid={username};pwd={password}'
conn_str = conn_str.format(
database=database,
hostname=hostname,
port=port,
username=username,
password=password,
)
ibm_db_conn = ibm_db.connect(conn_str, '', '')
if ibm_db_conn:
return VerifiedResult.VERIFIED_TRUE
else:
return VerifiedResult.VERIFIED_FALSE
except Exception:
return VerifiedResult.UNVERIFIED


def get_other_factor(content, factor_keyword_regex, factor_regex):
begin = r'(?:(?<=\W)|(?<=^))'
opt_quote = r'(?:"|\'|)'
Expand Down

0 comments on commit ef40340

Please sign in to comment.