/**
 * Renders this entry as its configuration line.
 *
 * <p>Because the string form is the configuration line itself, any log statement that
 * formats an entry object writes that whole line to the log.</p>
 *
 * @return whatever {@code getConfigLine()} currently returns
 */
@Override
public String toString() {
    final String configLine = getConfigLine();
    return configLine;
}
private static KnownHostEntry parseHostEntry(String line) { KnownHostEntry entry = new KnownHostEntry(); entry.setConfigLine(line); String tmp = line; int i = 0; return null; entry.setMarker(tmp.substring(1, i)); tmp = tmp.substring(i + 1).trim(); return null; entry.setHashedEntry(hash); entry.setPatterns(null); } else { Collection<HostPatternValue> patterns = parsePatterns( return null; entry.setHashedEntry(null); entry.setPatterns(patterns); return null; entry.setKeyEntry(key); return entry;
/**
 * Parses one line into a newly allocated {@link KnownHostEntry} by delegating to the
 * two-argument {@code parseKnownHostEntry} overload.
 *
 * @param line the line to parse - when {@code GenericUtils.isEmpty(line)} holds, no entry
 *             instance is allocated and {@code null} is passed as the target entry
 * @return the value returned by the two-argument overload
 */
public static KnownHostEntry parseKnownHostEntry(String line) {
    KnownHostEntry target = null;
    if (!GenericUtils.isEmpty(line)) {
        // only allocate a target when there is something to parse
        target = new KnownHostEntry();
    }
    return parseKnownHostEntry(target, line);
}
entry.setConfigLine(line); ValidateUtils.checkTrue(pos > 0, "Missing marker name end delimiter in line=%s", data); ValidateUtils.checkTrue(pos > 1, "No marker name after indicator in line=%s", data); entry.setMarker(line.substring(1, pos)); line = line.substring(pos + 1).trim(); } else { entry.setMarker(null); ValidateUtils.checkNotNull(KnownHostHashValue.parse(hostPattern), "Failed to extract host hash value from line=%s", data); entry.setHashedEntry(hash); entry.setPatterns(null); } else { entry.setHashedEntry(null); entry.setPatterns(parsePatterns(GenericUtils.split(hostPattern, ','))); ValidateUtils.checkNotNull(AuthorizedKeyEntry.parseAuthorizedKeyEntry(line), "No valid key entry recovered from line=%s", data); entry.setKeyEntry(key); return entry;
throws Exception { KnownHostEntry entry = match.getHostEntry(); String matchLine = ValidateUtils.checkNotNullAndNotEmpty(entry.getConfigLine(), "No entry config line"); String newLine = prepareModifiedServerKeyLine( clientSession, remoteAddress, entry, matchLine, match.getServerKey(), actual); entry.setConfigLine(newLine);
/**
 * Opens the given file and reads the known-host entries it contains.
 *
 * <p>This method only opens and reads the file: it performs no ownership or permission
 * check on {@code path}. Known-hosts entries normally act as trust anchors for server
 * key verification, so callers should pass only files that the intended user controls.</p>
 *
 * @param path    location of the file to read
 * @param options the {@link OpenOption}s forwarded to {@link Files#newInputStream}
 * @return the entries returned by the stream-based {@code readKnownHostEntries} overload
 * @throws IOException if the file cannot be opened or read
 */
public static List<KnownHostEntry> readKnownHostEntries(Path path, OpenOption... options) throws IOException {
    try (InputStream stream = Files.newInputStream(path, options)) {
        // NOTE(review): the meaning of the boolean flag is defined by the overload - confirm there
        List<KnownHostEntry> entries = readKnownHostEntries(stream, true);
        return entries;
    }
}
for (SshdSocketAddress host : candidates) { try { if (entry.isHostMatch(host.getHostName(), host.getPort())) { if (debugEnabled) { log.debug("findKnownHostEntry({})[{}] matched host={} for entry={}", log.warn("findKnownHostEntry({})[{}] failed ({}) to check host={} for entry={}: {}", clientSession, remoteAddress, e.getClass().getSimpleName(), host, entry.getConfigLine(), e.getMessage()); if (debugEnabled) { log.debug("findKnownHostEntry(" + clientSession + ") host=" + host + ", entry=" + entry + " match failure details", e);
AuthorizedKeyEntry keyPart = entry.getKeyEntry(); if (keyPart == null) { continue; LOG.warn(format( SshdText.get().knownHostsUnknownKeyType, path, entry.getConfigLine())); } else { newEntries.add(new HostEntryPair(entry, serverKey)); path, entry.getConfigLine()));
KnownHostEntry entry = current.getHostEntry(); for (SshdSocketAddress host : candidates) { if (entry.isHostMatch(host.getHostName(), host.getPort())) { boolean isRevoked = MARKER_REVOKED .equals(entry.getMarker()); if (KeyUtils.compareKeys(serverKey, current.getServerKey())) {
KnownHostEntry entry = parseKnownHostEntry(line); if (entry == null) { continue;
/**
 * Recovers the public key associated with a known host entry.
 *
 * @param entry    The {@link KnownHostEntry} - when {@code null} the method returns
 *                 {@code null} without consulting the resolver
 * @param resolver The {@link PublicKeyEntryResolver} handed to
 *                 {@link AuthorizedKeyEntry#resolvePublicKey(PublicKeyEntryResolver)}
 * @return The {@link PublicKey} produced by the entry's key data - {@code null} if
 *         there is no entry
 * @throws IOException              If failed to decode the key
 * @throws GeneralSecurityException If failed to generate the key
 * @see #getFallbackPublicKeyEntryResolver()
 * @see AuthorizedKeyEntry#resolvePublicKey(PublicKeyEntryResolver)
 */
protected PublicKey resolveHostKey(KnownHostEntry entry, PublicKeyEntryResolver resolver)
        throws IOException, GeneralSecurityException {
    if (entry != null) {
        // an entry without key data is rejected by the validation helper rather than skipped
        AuthorizedKeyEntry keyEntry =
                ValidateUtils.checkNotNull(entry.getKeyEntry(), "No key extracted from %s", entry);
        PublicKey resolved = keyEntry.resolvePublicKey(resolver);
        if (log.isDebugEnabled()) {
            // only the key type and fingerprint are logged, together with the entry's string form
            log.debug("resolveHostKey({}) loaded {}-{}",
                    entry, KeyUtils.getKeyType(resolved), KeyUtils.getFingerPrint(resolved));
        }
        return resolved;
    }

    return null;
}
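/**
 * Invoked <U>after</U> a known host entry has been located and its key matches the
 * presented one - by default checks only that the entry has not been revoked.
 *
 * <p>Only the {@code "revoked"} marker causes a rejection here; an entry carrying any
 * other marker value is accepted exactly like an unmarked entry. NOTE(review): OpenSSH
 * also defines a {@code @cert-authority} marker - confirm that such entries are filtered
 * or handled before this method is reached.</p>
 *
 * @param clientSession The {@link ClientSession}
 * @param remoteAddress The remote host address
 * @param serverKey     The presented server {@link PublicKey}
 * @param entry         The {@link KnownHostEntry} value - if {@code null} then no
 *                      known matching host entry was found - default will call
 *                      {@link #acceptUnknownHostKey(ClientSession, SocketAddress, PublicKey)}
 * @return {@code true} if OK to accept the server
 */
protected boolean acceptKnownHostEntry(
        ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey, KnownHostEntry entry) {
    if (entry == null) { // not really expected, but manage it
        return acceptUnknownHostKey(clientSession, remoteAddress, serverKey);
    }

    if ("revoked".equals(entry.getMarker())) {
        // A server presenting a revoked key is a security-relevant rejection, so it is
        // reported at WARN and stays visible when DEBUG logging is switched off.
        log.warn("acceptKnownHostEntry({})[{}] key={}-{} marked as {}",
                clientSession, remoteAddress, KeyUtils.getKeyType(serverKey),
                KeyUtils.getFingerPrint(serverKey), entry.getMarker());
        return false;
    }

    if (log.isDebugEnabled()) {
        log.debug("acceptKnownHostEntry({})[{}] matched key={}-{}",
                clientSession, remoteAddress, KeyUtils.getKeyType(serverKey),
                KeyUtils.getFingerPrint(serverKey));
    }

    return true;
}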
/**
 * Collects every known-host entry, across all files in use for the session, whose host
 * part matches one of the network identities resolved for the remote address.
 *
 * <p>Matching is by host name and port only. Entry markers are not inspected here, so the
 * result can contain entries of any marker (including revoked ones); evaluating markers
 * and comparing keys is left to the caller.</p>
 *
 * @param session the {@link ClientSession} the lookup is made for
 * @param remote  the remote address whose identities are resolved
 * @return the matching pairs in file and entry order - each pair appears at most once per
 *         occurrence in a file; empty if nothing matched
 */
@Override
public List<HostEntryPair> lookup(ClientSession session, SocketAddress remote) {
    List<HostKeyFile> hostKeyFiles = getFilesToUse(session);
    Collection<SshdSocketAddress> identities =
            new HostKeyHelper().resolveHostNetworkIdentities(session, remote);
    List<HostEntryPair> matches = new ArrayList<>();
    for (HostKeyFile hostKeyFile : hostKeyFiles) {
        for (HostEntryPair pair : hostKeyFile.get()) {
            KnownHostEntry hostEntry = pair.getHostEntry();
            for (SshdSocketAddress identity : identities) {
                if (!hostEntry.isHostMatch(identity.getHostName(), identity.getPort())) {
                    continue;
                }
                // first matching identity is enough - record the pair once and move on
                matches.add(pair);
                break;
            }
        }
    }
    return matches;
}
entry.setConfigLine(line); ValidateUtils.checkTrue(pos > 0, "Missing marker name end delimiter in line=%s", data); ValidateUtils.checkTrue(pos > 1, "No marker name after indicator in line=%s", data); entry.setMarker(line.substring(1, pos)); line = line.substring(pos + 1).trim(); } else { entry.setMarker(null); ValidateUtils.checkNotNull(KnownHostHashValue.parse(hostPattern), "Failed to extract host hash value from line=%s", data); entry.setHashedEntry(hash); entry.setPatterns(null); } else { entry.setHashedEntry(null); entry.setPatterns(parsePatterns(GenericUtils.split(hostPattern, ','))); ValidateUtils.checkNotNull(AuthorizedKeyEntry.parseAuthorizedKeyEntry(line), "No valid key entry recovered from line=%s", data); entry.setKeyEntry(key); return entry;
throws Exception { KnownHostEntry entry = match.getHostEntry(); String matchLine = ValidateUtils.checkNotNullAndNotEmpty(entry.getConfigLine(), "No entry config line"); String newLine = prepareModifiedServerKeyLine(clientSession, remoteAddress, entry, matchLine, match.getServerKey(), actual); if (GenericUtils.isEmpty(newLine)) { entry.setConfigLine(newLine);
/**
 * Opens the given URL and reads the known-host entries it serves.
 *
 * <p>The URL is opened as-is: this method applies no scheme or host restriction. Known-hosts
 * entries normally act as trust anchors for server key verification, so callers that take
 * the location from configuration should make sure it refers to a trusted,
 * integrity-protected source.</p>
 *
 * @param url location of the data to read
 * @return the entries returned by the stream-based {@code readKnownHostEntries} overload
 * @throws IOException if the URL cannot be opened or read
 */
public static List<KnownHostEntry> readKnownHostEntries(URL url) throws IOException {
    try (InputStream stream = url.openStream()) {
        // NOTE(review): the meaning of the boolean flag is defined by the overload - confirm there
        List<KnownHostEntry> entries = readKnownHostEntries(stream, true);
        return entries;
    }
}
for (SshdSocketAddress host : candidates) { try { if (entry.isHostMatch(host.getHostName(), host.getPort())) { if (debugEnabled) { log.debug("findKnownHostEntry({})[{}] matched host={} for entry={}", log.warn("findKnownHostEntry({})[{}] failed ({}) to check host={} for entry={}: {}", clientSession, remoteAddress, e.getClass().getSimpleName(), host, entry.getConfigLine(), e.getMessage()); if (debugEnabled) { log.debug("findKnownHostEntry(" + clientSession + ") host=" + host + ", entry=" + entry + " match failure details", e);
KnownHostEntry entry = parseKnownHostEntry(line); if (entry == null) { continue;
/**
 * Recovers the public key associated with a known host entry.
 *
 * @param session  The {@link ClientSession} that triggered this request
 * @param entry    The {@link KnownHostEntry} - when {@code null} the method returns
 *                 {@code null} without consulting the resolver
 * @param resolver The {@link PublicKeyEntryResolver} handed to
 *                 {@link AuthorizedKeyEntry#resolvePublicKey(SessionContext, PublicKeyEntryResolver)}
 * @return The {@link PublicKey} produced by the entry's key data - {@code null} if
 *         there is no entry
 * @throws IOException              If failed to decode the key
 * @throws GeneralSecurityException If failed to generate the key
 * @see #getFallbackPublicKeyEntryResolver()
 * @see AuthorizedKeyEntry#resolvePublicKey(SessionContext, PublicKeyEntryResolver)
 */
protected PublicKey resolveHostKey(
        ClientSession session, KnownHostEntry entry, PublicKeyEntryResolver resolver)
        throws IOException, GeneralSecurityException {
    if (entry != null) {
        // an entry without key data is rejected by the validation helper rather than skipped
        AuthorizedKeyEntry keyEntry =
                ValidateUtils.checkNotNull(entry.getKeyEntry(), "No key extracted from %s", entry);
        PublicKey resolved = keyEntry.resolvePublicKey(session, resolver);
        if (log.isDebugEnabled()) {
            // only the key type and fingerprint are logged, together with the entry's string form
            log.debug("resolveHostKey({}) loaded {}-{}",
                    entry, KeyUtils.getKeyType(resolved), KeyUtils.getFingerPrint(resolved));
        }
        return resolved;
    }

    return null;
}
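/**
 * Invoked <U>after</U> a known host entry has been located and its key matches the
 * presented one - by default checks only that the entry has not been revoked.
 *
 * <p>Rejection happens for the {@code "revoked"} marker alone; every other marker value
 * is treated the same as no marker. NOTE(review): OpenSSH also defines a
 * {@code @cert-authority} marker - verify that entries carrying it are dealt with before
 * this method is called.</p>
 *
 * @param clientSession The {@link ClientSession}
 * @param remoteAddress The remote host address
 * @param serverKey     The presented server {@link PublicKey}
 * @param entry         The {@link KnownHostEntry} value - if {@code null} then no
 *                      known matching host entry was found - default will call
 *                      {@link #acceptUnknownHostKey(ClientSession, SocketAddress, PublicKey)}
 * @return {@code true} if OK to accept the server
 */
protected boolean acceptKnownHostEntry(
        ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey, KnownHostEntry entry) {
    if (entry == null) { // not really expected, but manage it
        return acceptUnknownHostKey(clientSession, remoteAddress, serverKey);
    }

    if ("revoked".equals(entry.getMarker())) {
        // Refusing a server because its key was revoked should not depend on DEBUG logging
        // being enabled to leave a trace, hence WARN.
        log.warn("acceptKnownHostEntry({})[{}] key={}-{} marked as {}",
                clientSession, remoteAddress, KeyUtils.getKeyType(serverKey),
                KeyUtils.getFingerPrint(serverKey), entry.getMarker());
        return false;
    }

    if (log.isDebugEnabled()) {
        log.debug("acceptKnownHostEntry({})[{}] matched key={}-{}",
                clientSession, remoteAddress, KeyUtils.getKeyType(serverKey),
                KeyUtils.getFingerPrint(serverKey));
    }

    return true;
}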