diff options
Diffstat (limited to 'lib/net/ssh/verifiers')
| -rw-r--r-- | lib/net/ssh/verifiers/secure.rb | 19 |
1 files changed, 8 insertions, 11 deletions
diff --git a/lib/net/ssh/verifiers/secure.rb b/lib/net/ssh/verifiers/secure.rb index 3aa8b0b..899fe26 100644 --- a/lib/net/ssh/verifiers/secure.rb +++ b/lib/net/ssh/verifiers/secure.rb @@ -13,19 +13,16 @@ module Net; module SSH; module Verifiers # Otherwise, this returns true. class Secure def verify(arguments) - options = arguments[:session].options - host = options[:host_key_alias] || arguments[:session].host_as_string - known_hosts = options.fetch(:known_hosts, KnownHosts) - matches = arguments[:session].host_keys + host_keys = arguments[:session].host_key # We've never seen this host before, so raise an exception. - if matches.empty? - process_cache_miss(known_hosts, host, arguments, HostKeyUnknown, "is unknown") + if host_keys.empty? + process_cache_miss(host_keys, arguments, HostKeyUnknown, "is unknown") end # If we found any matches, check to see that the key type and # blob also match. - found = matches.any? do |key| + found = host_keys.any? do |key| key.ssh_type == arguments[:key].ssh_type && key.to_blob == arguments[:key].to_blob end @@ -33,7 +30,7 @@ module Net; module SSH; module Verifiers # If a match was found, return true. Otherwise, raise an exception # indicating that the key was not recognized. unless found - process_cache_miss(host, arguments, HostKeyMismatch, "does not match") + process_cache_miss(host_keys, HostKeyMismatch, "does not match") end found @@ -41,12 +38,12 @@ module Net; module SSH; module Verifiers private - def process_cache_miss(known_hosts, host, args, exc_class, message) + def process_cache_miss(host_keys, args, exc_class, message) exception = exc_class.new("fingerprint #{args[:fingerprint]} " + - "#{message} for #{host.inspect}") + "#{message} for #{host_keys.host.inspect}") exception.data = args exception.callback = Proc.new do - known_hosts.add(host, args[:key], args[:session].options) + host_keys.add_host_key(args[:key]) end raise exception end |