lgoldstein commented on a change in pull request #119: Add support for openssh
host key certificates
URL: https://github.com/apache/mina-sshd/pull/119#discussion_r410049274
##########
File path:
sshd-core/src/main/java/org/apache/sshd/server/session/AbstractServerSession.java
##########
@@ -367,9 +382,26 @@ protected String
resolveAvailableSignaturesProposal(FactoryManager proposedManag
KeyPairProvider kpp = getKeyPairProvider();
boolean debugEnabled = log.isDebugEnabled();
- Iterable<String> provided;
+ Set<String> provided = null;
try {
- provided = (kpp == null) ? null : kpp.getKeyTypes(this);
+ if (kpp != null) {
+ provided =
StreamSupport.stream(kpp.getKeyTypes(this).spliterator(), false)
+ .collect(Collectors.toSet());
+
+ HostKeyCertificateProvider hostKeyCertificateProvider =
getHostKeyCertificateProvider();
+ if (hostKeyCertificateProvider != null) {
+ Iterable<OpenSshCertificate> certificates =
hostKeyCertificateProvider.loadCertificates(this);
+ for (OpenSshCertificate certificate : certificates) {
+ // Add the certificate alg only if the corresponding
keyPair type is available
+ if (provided.contains(certificate.getRawKeyType())) {
+ provided.add(certificate.getKeyType());
+ } else {
Review comment:
I have reviewed the code and reached the conclusion that you are right -
"laziness" is not an issue in this case
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
