Fix infinite recursion issue for missing/invalid profile

Fixes #575 #545
99designs · May 2, 2020 · 1496990 · 1496990
1 parent 2386d86
commit 1496990
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -151,11 +151,10 @@ The [macOS release builds](https://github.com/99designs/aws-vault/releases) are
 
     $ codesign --verify --verbose $(which aws-vault)
 
-If you are developing or compiling the aws-vault binary yourself, you can [generate a self-signed certificate](https://support.apple.com/en-au/guide/keychain-access/kyca8916/mac) by accessing Keychain Access > Certificate Assistant > Create Certificate > Code Signing Certificate. You can then sign your binary with:
+If you are developing or compiling the aws-vault binary yourself, you can [generate a self-signed certificate](https://support.apple.com/en-au/guide/keychain-access/kyca8916/mac) by accessing Keychain Access > Certificate Assistant > Create Certificate -> Certificate Type: Code Signing. You can then sign your binary with:
 
     $ go build .
-    $ codesign --sign "Name of my certificate" ./aws-vault
-
+    $ codesign --sign <Name of certificate created above> ./aws-vault
 
 ## References and Inspiration
 

diff --git a/cli/login.go b/cli/login.go
@@ -98,7 +98,7 @@ func LoginCommand(input LoginCommandInput, configLoader *vault.ConfigLoader, key
 		creds, err = vault.NewFederationTokenCredentials(input.ProfileName, ckr, config)
 	}
 	if err != nil {
-		return err
+		return fmt.Errorf("profile %s: %w", input.ProfileName, err)
 	}
 
 	val, err := creds.Get()

diff --git a/vault/vault.go b/vault/vault.go
@@ -283,5 +283,9 @@ func MasterCredentialsFor(profileName string, keyring *CredentialKeyring, config
 		return profileName, nil
 	}
 
+	if profileName == config.SourceProfileName {
+		return "", fmt.Errorf("No master credentials found")
+	}
+
 	return MasterCredentialsFor(config.SourceProfileName, keyring, config)
 }