Skip to content

Commit

Permalink
Fix KnownHostsKeys#keys_for to match on the entire hostlist
Browse files Browse the repository at this point in the history
  • Loading branch information
byroot committed Aug 3, 2016
1 parent 283b1dc commit 6727dad
Show file tree
Hide file tree
Showing 4 changed files with 18 additions and 8 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ appear at the top.

* Add your entries below here, remember to credit yourself however you want
to be credited!
* Fix known_hosts caching to match on the entire hostlist
[PR #364](https://github.com/capistrano/sshkit/pull/364) @byroot

## [1.11.0][] (2016-06-14)

Expand Down
8 changes: 5 additions & 3 deletions lib/sshkit/backends/netssh/known_hosts.rb
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,12 @@ def keys_for(hostlist)
parse_file unless keys && hashes
keys, hashes = hosts_keys, hosts_hashes

hostlist.split(',').each do |host|
key_list = keys[host]
return key_list if key_list
host_names = hostlist.split(',')

keys_found = host_names.map { |h| keys[h] || [] }.compact.inject(:&)
return keys_found unless keys_found.empty?

host_names.each do |host|
hashes.each do |(hmac, salt), hash_keys|
if OpenSSL::HMAC.digest(sha1, salt, host) == hmac
return hash_keys
Expand Down
1 change: 1 addition & 0 deletions test/known_hosts/github_ip
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
github.com,192.30.252.123 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
15 changes: 10 additions & 5 deletions test/unit/backends/test_netssh.rb
Original file line number Diff line number Diff line change
Expand Up @@ -56,23 +56,28 @@ def test_transfer_summarizer

if Net::SSH::Version::CURRENT >= Net::SSH::Version[3, 1, 0]
def test_known_hosts_for_when_all_hosts_are_recognized
perform_known_hosts_test("github")
perform_known_hosts_test('github', 'github.com')
end

def test_known_hosts_for_when_an_host_hash_is_recognized
perform_known_hosts_test("github_hash")
perform_known_hosts_test('github_hash', 'github.com')
end

def test_known_hosts_for_with_multiple_hosts
perform_known_hosts_test('github', '192.30.252.123,github.com', 0)
perform_known_hosts_test('github_ip', '192.30.252.123,github.com', 1)
end
end

private

def perform_known_hosts_test(hostfile)
def perform_known_hosts_test(hostfile, hostlist, keys_count = 1)
source = File.join(File.dirname(__FILE__), '../../known_hosts', hostfile)
kh = Netssh::KnownHosts.new
keys = kh.search_for('github.com', user_known_hosts_file: source, global_known_hosts_file: Tempfile.new('sshkit-test').path)
keys = kh.search_for(hostlist, user_known_hosts_file: source, global_known_hosts_file: Tempfile.new('sshkit-test').path)

assert_instance_of ::Net::SSH::HostKeys, keys
assert_equal(1, keys.count)
assert_equal(keys_count, keys.count)
keys.each do |key|
assert_equal("ssh-rsa", key.ssh_type)
end
Expand Down

0 comments on commit 6727dad

Please sign in to comment.