makes ssh plugin resilient against invalid entries in hosts file

fixes #10238
pull/10331/merge
Brian Coca 9 years ago
parent e349004325
commit 496186f5de

@ -243,21 +243,23 @@ class Connection(ConnectionBase):
tokens = line.split() tokens = line.split()
if not tokens: if not tokens:
continue continue
if tokens[0].find(self.HASHED_KEY_MAGIC) == 0:
# this is a hashed known host entry if isinstance(tokens, list) and tokens: # skip invalid hostlines
try: if tokens[0].find(self.HASHED_KEY_MAGIC) == 0:
(kn_salt,kn_host) = tokens[0][len(self.HASHED_KEY_MAGIC):].split("|",2) # this is a hashed known host entry
hash = hmac.new(kn_salt.decode('base64'), digestmod=sha1) try:
hash.update(host) (kn_salt,kn_host) = tokens[0][len(self.HASHED_KEY_MAGIC):].split("|",2)
if hash.digest() == kn_host.decode('base64'): hash = hmac.new(kn_salt.decode('base64'), digestmod=sha1)
hash.update(host)
if hash.digest() == kn_host.decode('base64'):
return False
except:
# invalid hashed host key, skip it
continue
else:
# standard host file entry
if host in tokens[0]:
return False return False
except:
# invalid hashed host key, skip it
continue
else:
# standard host file entry
if host in tokens[0]:
return False
if (hfiles_not_found == len(host_file_list)): if (hfiles_not_found == len(host_file_list)):
self._display.vvv("EXEC previous known host file not found for {0}".format(host)) self._display.vvv("EXEC previous known host file not found for {0}".format(host))
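Review bot: The standard-entry branch still tests `host in tokens[0]`, which is a substring match, so a host such as `example.com` would be reported as already known when the file only lists `notexample.com` (constructed example); comparing against the comma-separated names, `if host in tokens[0].split(','):`, avoids that. The added guard `isinstance(tokens, list) and tokens` can never be false at this point, because `line.split()` always returns a list and the empty case already hits `continue` just above, so it adds no resilience of its own. The bare `except:` kept around the hashed-entry parsing also catches `KeyboardInterrupt` and `SystemExit`; `except Exception:` would keep the skip-on-bad-entry behaviour without hiding those. The enclosing method starts and ends outside this hunk, so how callers act on the returned value is not visible here.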
