From 4a3107a001fd81eb6305b9bc52eeb00296b58b00 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juhani=20Krekel=C3=A4?=
Date: Fri, 31 Aug 2018 20:12:19 +0300
Subject: [PATCH] Handle the known_hosts format more comprehensively
---
 src/process_known_hosts.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/src/process_known_hosts.py b/src/process_known_hosts.py
index 7a16e72..c0a9e00 100644
--- a/src/process_known_hosts.py
+++ b/src/process_known_hosts.py
@@ -85,13 +85,24 @@ def process_line(line, ignore_ips):
 If ignore_ips is True, only create entries for domain names."""
 assert type(line) == str
+ assert type(ignore_ips) == bool
 # Remove trailing newlines
 if line[-1] == '\n':
 line = line[:-1]
+ # Remove comments if any
+ comment_start = line.find('#')
+ if comment_start != -1:
+ line = line[comment_start:]
+
 # Just skip over empty lines
 if line == '':
 return []
+ # Also skip over @cert-authority and @revoked lines
+ # TODO: Handle @revoked somehow?
+ if line.split(' ')[0] in ['@cert-authority', '@revoked']:
+ return []
+
 # Each line has host(s), algorithm, public key, and possibly one
 # more optional field
 fields = line.split(' ')
@@ -124,6 +135,11 @@ def process_line(line, ignore_ips):
 if host[0] == '|':
 raise HashedHostError('Cannot deal with hashed hosts')
+ # If the host has '*' or '?' it's a wild card
+ # We cannot deal with those
+ if '*' in host or '|' in host:
+ raise HashedHostError('Cannot deal with wildcards')
+
 # If the host behins with '[' it's a nonstandard port
 # The format will be [domain]:port
 # Extractt both
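Review bot: The comment stripping keeps the wrong half of the line: `line = line[comment_start:]` discards the host and key fields and keeps the text from `#` onward, so a full-line comment passes through unchanged and, unless the caller filters it, still reaches the field parsing further down. The slice should be `line = line[:comment_start].rstrip()`, with the `rstrip()` so that a line holding only whitespace before the comment is caught by the `line == ''` check that follows. Separately, skipping `@revoked` lines silently means a key that is revoked in the file but also listed on an ordinary line would, as far as this hunk shows, still produce an entry; until the TODO is resolved it would be safer to make the skip visible, for example by logging it. The body of process_line starts and ends outside the hunk.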
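Review bot: The wildcard test does not match its own comment: `if '*' in host or '|' in host:` checks `|` where the comment says `?`, so a host pattern containing `?` is not rejected and would be handled as a literal host name. The condition should read `if '*' in host or '?' in host:`. Raising `HashedHostError` with a wildcard message also leaves a caller that catches it unable to tell hashed entries from wildcard ones, so a comment stating that the reuse is deliberate (or a dedicated exception subclass) would help. Where `host` is assigned is outside the hunk, and negated patterns with a leading `!` are presumably not handled either.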