hubick commented on issue #391:
URL: https://github.com/apache/mina-sshd/issues/391#issuecomment-1590448048
```
/**
* Extend KnownHostsServerKeyVerifier to handle the known_hosts file
existing as
* a resource within a jar file.
*/
protected static class StaticKnownHostsKeyVerifier extends
KnownHostsServerKeyVerifier
{
protected final List<KnownHostsServerKeyVerifier.HostEntryPair>
knownHosts;
public StaticKnownHostsKeyVerifier(final ServerKeyVerifier delegate,
final URL knownHostsURL)
throws IOException, URISyntaxException
{
super(delegate, getWatchedPath(knownHostsURL));
knownHosts = getPath().endsWith(".jar") ?
readKnownHosts(knownHostsURL) : Collections.emptyList();
return;
}
/**
* If known_hosts is inside a jar file, Paths.get() will throw a
* java.nio.file.FileSystemNotFoundException if fed the resource URI
directly,
* but we need to give the parent class some Path to watch, so in
that case,
* this method will just return the Path to the jar file itself.
*/
protected static final Path getWatchedPath(final URL knownHostsURL)
throws URISyntaxException
{
/*
* In a URL to a jar resource, everything up to the '!' is the
path to the jar
* itself, and everything after the '!' is the path *within* the
jar to the
* resource (known_hosts) file.
*/
if (knownHostsURL.getPath().indexOf('!') >= 0)
{
final String uri = knownHostsURL.toURI().toString();
return Paths.get(uri.substring(0, uri.indexOf('!')));
}
return Paths.get(knownHostsURL.toURI()); // URL isn't inside a
jar, so just return the actual path.
}
protected static final
List<KnownHostsServerKeyVerifier.HostEntryPair> readKnownHosts(final URL
knownHostsURL)
throws IOException
{
return KnownHostEntry.readKnownHostEntries(knownHostsURL)
.stream()
.map(knownHost -> {
try
{
return new
KnownHostsServerKeyVerifier.HostEntryPair(knownHost,
knownHost.getKeyEntry().resolvePublicKey(null, null));
} catch (Exception e)
{
return null;
}
})
.filter(Objects::nonNull)
.collect(Collectors.toList());
}
@Override
public boolean checkReloadRequired() throws IOException
{
if (getPath().endsWith(".jar"))
return false;
return super.checkReloadRequired();
}
protected List<KnownHostsServerKeyVerifier.HostEntryPair>
reloadKnownHosts(final ClientSession session,
final Path file)
throws IOException, GeneralSecurityException
{
if (getPath().endsWith(".jar"))
return knownHosts;
return super.reloadKnownHosts(session, file);
}
} // StaticKnownHostsKeyVerifier
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
