From 6fb2100b0a4f2268ce5a056d6076252f6ec385cc Mon Sep 17 00:00:00 2001
From: XIANJUN ZHU <xianjun@us.ibm.com>
Date: Thu, 9 Apr 2020 15:50:43 -0400
Subject: [PATCH] Use unverified by default, only report false for true neg
 (#289)

* Use unverified by default, only report false for true neg

* Still use 5s as timeout
---
 detect_secrets/plugins/db2.py | 7 ++++---
 tests/plugins/db2_test.py     | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/detect_secrets/plugins/db2.py b/detect_secrets/plugins/db2.py
index 39e74c6a1..e6b889468 100644
--- a/detect_secrets/plugins/db2.py
+++ b/detect_secrets/plugins/db2.py
@@ -172,10 +172,11 @@ def verify_db2_credentials(
         else:
             return VerifiedResult.VERIFIED_FALSE
     except Exception as e:
-        if 'Timeout' in str(e):
-            return VerifiedResult.UNVERIFIED
-        else:
+        if 'invalid' in str(e).lower():
+            # Only return for true negative
             return VerifiedResult.VERIFIED_FALSE
+        else:
+            return VerifiedResult.UNVERIFIED
 
 
 def find_other_factor(content, factor_keyword_regex, factor_regex):
diff --git a/tests/plugins/db2_test.py b/tests/plugins/db2_test.py
index 2b41bde2b..28de11e19 100644
--- a/tests/plugins/db2_test.py
+++ b/tests/plugins/db2_test.py
@@ -89,7 +89,7 @@ def test_verify_invalid_connect_throws_exception(self, mock_db2_connect):
                host={},
                port={}'''.format(DB2_USER, DB2_PASSWORD, DB2_DATABASE, DB2_HOSTNAME, DB2_PORT),
             potential_secret,
-        ) == VerifiedResult.VERIFIED_FALSE
+        ) == VerifiedResult.UNVERIFIED
 
         mock_db2_connect.assert_called_with(DB2_CONN_STRING, '', '')