CLI: Add support for okon in offline HIBP checks

* Closes #5447 * Add option `--okon <okon-cli path>` to trigger the use of the okon cli tool to process a database's entries. When using this option the `-H, --hibp` option must point to a post-processed okon file instead of the standard HIBP text file. * Updated documentation
2025-07-22 06:28:52 -04:00 · 2020-09-27 09:00:59 -04:00 · 2020-09-27 09:00:59 -04:00 · 7426693f1d
commit 7426693f1d
parent e1c2537084
5 changed files with 92 additions and 13 deletions
--- a/src/cli/Analyze.cpp
+++ b/src/cli/Analyze.cpp
@ -34,11 +34,17 @@ const QCommandLineOption Analyze::HIBPDatabaseOption = QCommandLineOption(
                "https://haveibeenpwned.com/Passwords."),
    QObject::tr("FILENAME"));

+const QCommandLineOption Analyze::OkonOption =
+    QCommandLineOption("okon",
+                       QObject::tr("Path to okon-cli to search a formatted HIBP file"),
+                       QObject::tr("okon-cli"));
+
 Analyze::Analyze()
 {
    name = QString("analyze");
    description = QObject::tr("Analyze passwords for weaknesses and problems.");
    options.append(Analyze::HIBPDatabaseOption);
+    options.append(Analyze::OkonOption);
 }

 int Analyze::executeWithDatabase(QSharedPointer<Database> database, QSharedPointer<QCommandLineParser> parser)
@ -46,20 +52,36 @@ int Analyze::executeWithDatabase(QSharedPointer<Database> database, QSharedPoint
    auto& out = Utils::STDOUT;
    auto& err = Utils::STDERR;

-    QString hibpDatabase = parser->value(Analyze::HIBPDatabaseOption);
-    QFile hibpFile(hibpDatabase);
-    if (!hibpFile.open(QFile::ReadOnly)) {
-        err << QObject::tr("Failed to open HIBP file %1: %2").arg(hibpDatabase).arg(hibpFile.errorString()) << endl;
+    QList<QPair<const Entry*, int>> findings;
+    QString error;
+
+    auto hibpDatabase = parser->value(Analyze::HIBPDatabaseOption);
+    if (!QFile::exists(hibpDatabase) || hibpDatabase.isEmpty()) {
+        err << QObject::tr("Cannot find HIBP file: %1").arg(hibpDatabase);
        return EXIT_FAILURE;
    }

-    out << QObject::tr("Evaluating database entries against HIBP file, this will take a while...") << endl;
+    auto okon = parser->value(Analyze::OkonOption);
+    if (!okon.isEmpty()) {
+        out << QObject::tr("Evaluating database entries using okon...") << endl;

-    QList<QPair<const Entry*, int>> findings;
-    QString error;
-    if (!HibpOffline::report(database, hibpFile, findings, &error)) {
-        err << error << endl;
-        return EXIT_FAILURE;
+        if (!HibpOffline::okonReport(database, okon, hibpDatabase, findings, &error)) {
+            err << error << endl;
+            return EXIT_FAILURE;
+        }
+    } else {
+        QFile hibpFile(hibpDatabase);
+        if (!hibpFile.open(QFile::ReadOnly)) {
+            err << QObject::tr("Failed to open HIBP file %1: %2").arg(hibpDatabase).arg(hibpFile.errorString()) << endl;
+            return EXIT_FAILURE;
+        }
+
+        out << QObject::tr("Evaluating database entries against HIBP file, this will take a while...") << endl;
+
+        if (!HibpOffline::report(database, hibpFile, findings, &error)) {
+            err << error << endl;
+            return EXIT_FAILURE;
+        }
    }

    for (auto& finding : findings) {
@ -76,5 +98,9 @@ void Analyze::printHibpFinding(const Entry* entry, int count, QTextStream& out)
        path.prepend("/").prepend(g->name());
    }

-    out << QObject::tr("Password for '%1' has been leaked %2 time(s)!", "", count).arg(path).arg(count) << endl;
+    if (count > 0) {
+        out << QObject::tr("Password for '%1' has been leaked %2 time(s)!", "", count).arg(path).arg(count) << endl;
+    } else {
+        out << QObject::tr("Password for '%1' has been leaked!", "", count).arg(path) << endl;
+    }
 }