HostKeyAlgorithms: ensure result never contains duplicates

Currently the behavior of HostKeyAlgorithms never contains duplicates, only by virtue of golang.org/x/crypto/ssh/knownhosts exposing a maximum of one key per algorithm in its KeyError.Want slice. However, that upstream behavior could theoretically change in the future, especially since golang.org/x/crypto is versioned as a pre-v1 module, and the one-key-per-type behavior is only documented as a comment (e.g. not part of any type or function signature). This commit makes our HostKeyAlgorithms function more robust / future-proof by ensuring that its result does not contain duplicates, regardless of upstream behavior. This means if golang/go#28870 is solved (for example by golang/crypto#254), there should not be any harm to our behavior here in github.com/skeema/knownhosts.
skeema · Sep 18, 2023 · 3a35d9f · 3a35d9f
1 parent 2442217
commit 3a35d9f
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 4 deletions.
diff --git a/knownhosts.go b/knownhosts.go
@@ -69,8 +69,19 @@ func (hkcb HostKeyCallback) HostKeys(hostWithPort string) (keys []ssh.PublicKey)
 // known_hosts entries (for different key types), the result will be sorted by
 // known_hosts filename and line number.
 func (hkcb HostKeyCallback) HostKeyAlgorithms(hostWithPort string) (algos []string) {
- for _, key := range hkcb.HostKeys(hostWithPort) {
- algos = append(algos, key.Type())
+ // We ensure that algos never contains duplicates. This is done for robustness
+ // even though currently golang.org/x/crypto/ssh/knownhosts never exposes
+ // multiple keys of the same type. This way our behavior here is unaffected
+ // even if https://github.com/golang/go/issues/28870 is implemented, for
+ // example by https://github.com/golang/crypto/pull/254.
+ hostKeys := hkcb.HostKeys(hostWithPort)
+ seen := make(map[string]struct{}, len(hostKeys))
+ for _, key := range hostKeys {
+ typ := key.Type()
+ if _, already := seen[typ]; !already {
+ algos = append(algos, typ)
+ seen[typ] = struct{}{}
+ }
  }
  return algos
 }

diff --git a/knownhosts_test.go b/knownhosts_test.go
@@ -248,15 +248,15 @@ func getTestKnownHosts(t *testing.T) string {
 
 // writeTestKnownHosts generates the test known_hosts file and returns the
 // file path to it. The generated file contains several hosts with a mix of
-// key types; each known host has between 1 and 3 different known host keys.
+// key types; each known host has between 1 and 4 different known host keys.
 // If generating or writing the file fails, the test fails.
 func writeTestKnownHosts(t *testing.T) string {
  t.Helper()
  hosts := map[string][]ssh.PublicKey{
  "only-rsa.example.test:22": {generatePubKeyRSA(t)},
  "only-ecdsa.example.test:22": {generatePubKeyECDSA(t)},
  "only-ed25519.example.test:22": {generatePubKeyEd25519(t)},
- "multi.example.test:2233": {generatePubKeyRSA(t), generatePubKeyECDSA(t), generatePubKeyEd25519(t)},
+ "multi.example.test:2233": {generatePubKeyRSA(t), generatePubKeyECDSA(t), generatePubKeyEd25519(t), generatePubKeyEd25519(t)},
  "192.168.1.102:2222": {generatePubKeyECDSA(t), generatePubKeyEd25519(t)},
  "[fe80::abc:abc:abcd:abcd]:22": {generatePubKeyEd25519(t), generatePubKeyRSA(t)},
  }