Handle the known_hosts format more comprehensively

src/process_known_hosts.py

@@ -85,13 +85,24 @@ def process_line(line, ignore_ips):
 
 	If ignore_ips is True, only create entries for domain names."""
 	assert type(line) == str
+	assert type(ignore_ips) == bool
 
 	# Remove trailing newlines
 	if line[-1] == '\n': line = line[:-1]
 
+	# Remove comments if any
+	comment_start = line.find('#')
+	if comment_start != -1:
+		line = line[comment_start:]
+
 	# Just skip over empty lines
 	if line == '': return []
 
+	# Also skip over @cert-authority and @revoked lines
+	# TODO: Handle @revoked somehow?
+	if line.split(' ')[0] in ['@cert-authority', '@revoked']:
+		return []
+
 	# Each line has host(s), algorithm, public key, and possibly one
 	# more optional field
 	fields = line.split(' ')
@@ -124,6 +135,11 @@ def process_line(line, ignore_ips):
 		if host[0] == '|':
 			raise HashedHostError('Cannot deal with hashed hosts')
 
+		# If the host has '*' or '?' it's a wild card
+		# We cannot deal with those
+		if '*' in host or '|' in host:
+			raise HashedHostError('Cannot deal with wildcards')
+
 		# If the host behins with '[' it's a nonstandard port
 		# The format will be [domain]:port
 		# Extractt both