Conversation
TanmayArya-1p
force-pushed
the
fix-known_hosts-parsing
branch
from
0ef49b9 to
e0fc693
Compare
|
This is a draft implementation should fix the linked issue. I want to try to go through OpenSSH's parsing logic just to make sure we haven't missed any other critical cases here. |
|
Looked at the unit tests for openssh: The parser correctly handles the test cases defined there as far as i can see. |
rustbot
added
the
S-waiting-on-review
|
r? @epage rustbot has assigned @epage. Use Why was this reviewer chosen?The reviewer was selected based on:
|
| } | ||
| } | ||
|
|
||
| fn is_bracketed_with_port(pattern: &str) -> bool { |
There was a problem hiding this comment.
We should also have test for this bracketed ports. Also, do you have any examples for this?
There was a problem hiding this comment.
A host that is bracketed with ports was already tested here so this works as an example:
cargo/src/cargo/sources/git/known_hosts.rs
Line 774 in b9f0d83
I also noticed another bug in the know_hosts parsing that was not mentioned in the original issue:
Say we have the following know_hosts file:
# known_hosts
[example.net]:2222 ssh-dss AAAAB3N..
e:2222 will successfully match because [example.com]:2222 is treated as a glob. In glob matching syntax, [ ] matches if any single character within the brackets matches.
Take a look at this for reference:
https://www.digitalocean.com/community/tools/glob?comments=true&glob=%5Bexample.net%5D%3A2222&matches=false&tests=e%3A2222
I have also added a test that validates against this behaviour here
Here is the block of code responsible:
cargo/src/cargo/sources/git/known_hosts.rs
Lines 612 to 623 in b9f0d83
Just for my future reference, The OpenBSD manual says this about this format:
A hostname or address may optionally be enclosed within ‘[’ and ‘]’ brackets then followed by ‘:’ and a non standard port number.
I can squash and rearrange the commits into 2 atomic commits if you wish :)
TanmayArya-1p
force-pushed
the
fix-known_hosts-parsing
branch
from
accf428 to
2eae793
Compare
|
squashed into 2 atomic commits |
…lso fix parsing of bracketed hosts with port
TanmayArya-1p
force-pushed
the
fix-known_hosts-parsing
branch
from
2eae793 to
66f4d77
Compare
rustbot
removed
the
S-waiting-on-review
Update cargo submodule 15 commits in fe2f314aef06e688a9517da1ac0577bb1854d01f..14f99cc7806713d7353bb57c54e8af2740afe8f7 2026-01-30 21:52:01 +0000 to 2026-02-08 15:10:49 +0000 - refactor(timings): Remove `CanvasRenderer` in favor of `SvgRenderer` (rust-lang/cargo#16602) - Fix known hosts parsing (rust-lang/cargo#16596) - chore: pin openssl-src to 300.5.4 (rust-lang/cargo#16601) - chore(deps): bump time from 0.3.46 to 0.3.47 (rust-lang/cargo#16593) - feat(lints): Add missing_lints_inheritance (rust-lang/cargo#16588) - chore(deps): bump git2 from 0.20.3 to 0.20.4 (rust-lang/cargo#16589) - chore(deps): update msrv (3 versions) to v1.91 (rust-lang/cargo#16587) - feat(lints): Add unused_workspace_package_fields lint (rust-lang/cargo#16585) - Add command field to BuildStarted in build-analysis (rust-lang/cargo#16577) - Fix link for lockfile-publish-time (rust-lang/cargo#16582) - docs(cli): Discuss commands and aliases (rust-lang/cargo#16581) - fix(script): Correct style of help message (rust-lang/cargo#16580) - chore(deps): update compatible (rust-lang/cargo#16578) - chore(deps): update crate-ci/typos action to v1.42.3 (rust-lang/cargo#16579) - fix(timings): Only compute `y_ticks` when the `units` is not empty. (rust-lang/cargo#16575)
Update cargo submodule 27 commits in fe2f314aef06e688a9517da1ac0577bb1854d01f..0c9e687d237ff04b53ccb67b4ce63e9483789e88 2026-01-30 21:52:01 +0000 to 2026-02-11 05:58:30 +0000 - chore: downgrade to libc@0.2.180 (rust-lang/cargo#16624) - fix(script): Load config relative to the script (rust-lang/cargo#16620) - fix(lints): Don't run on-by-default lints when MSRV is too old (rust-lang/cargo#16618) - fix(build): Remove deprecated, unstable --out-dir (rust-lang/cargo#16608) - fix(script): Make the lockfile script-specific independent of build-dir (rust-lang/cargo#16619) - fix(lockfile-path): Respect the config in fix, install (rust-lang/cargo#16617) - chore: upgrade to gix@0.79.0 (rust-lang/cargo#16615) - chore: downgrade to libc@0.2.179 (rust-lang/cargo#16613) - feat(timings): Enable text selection in the charts (rust-lang/cargo#16607) - Add host.runner for wrapping host build target executions (rust-lang/cargo#16599) - feat(schema): Add `impl Copy for RustVersion` (rust-lang/cargo#16609) - refactor(lints): Cleanup (rust-lang/cargo#16610) - refactor(timings): Remove `CanvasRenderer` in favor of `SvgRenderer` (rust-lang/cargo#16602) - Fix known hosts parsing (rust-lang/cargo#16596) - chore: pin openssl-src to 300.5.4 (rust-lang/cargo#16601) - chore(deps): bump time from 0.3.46 to 0.3.47 (rust-lang/cargo#16593) - feat(lints): Add missing_lints_inheritance (rust-lang/cargo#16588) - chore(deps): bump git2 from 0.20.3 to 0.20.4 (rust-lang/cargo#16589) - chore(deps): update msrv (3 versions) to v1.91 (rust-lang/cargo#16587) - feat(lints): Add unused_workspace_package_fields lint (rust-lang/cargo#16585) - Add command field to BuildStarted in build-analysis (rust-lang/cargo#16577) - Fix link for lockfile-publish-time (rust-lang/cargo#16582) - docs(cli): Discuss commands and aliases (rust-lang/cargo#16581) - fix(script): Correct style of help message (rust-lang/cargo#16580) - chore(deps): update compatible (rust-lang/cargo#16578) - chore(deps): update crate-ci/typos action to v1.42.3 (rust-lang/cargo#16579) - fix(timings): Only compute `y_ticks` when the `units` is not empty. (rust-lang/cargo#16575)
4 participants
Fixes #16595
Previously,
ssh.example.comwould match the following line inknown_hosts*example.com,!*h.example.com ssh-ed25519 AAAAC...But it should not match according to the OpenBSD manual. Trying this with
git-fetch-with-cli = trueprompts the user to add the new fingerprint. (But without git cli, Cargo does not throw an error even though it should)How to test and review this PR?
I added a test to known_hosts.rs that demonstrates the new behaviour