lgoldstein commented on code in PR #222:
URL: https://github.com/apache/mina-sshd/pull/222#discussion_r869427309
##########
sshd-common/src/main/java/org/apache/sshd/common/util/buffer/Buffer.java:
##########
@@ -348,29 +348,36 @@ public List<OpenSshCertificate.CertificateOption>
getCertificateOptions() {
/**
* According to <A HREF=
- *
"https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys#L222-L262";>PROTOCOL.certkeys</A>:
+ *
"https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys#L221-L319";>PROTOCOL.certkeys</A>:
*
* Critical Options is a set of bytes that is
*
- * [overall length][name(string)][data(string)]...
+ * [overall length][name(string)][[length of buffer][[length of
string][data(string)]]]...
*
- * Where each Critical Option is encoded as a name (string) and data
(string)
+ * Where each Certificate Option is encoded as a name (string) and buffer
of data (string packed in a buffer)
*
- * Then the entire name + data strings are added as bytes (which will get
a length prefix)
+ * Then the entire name (string) + data (buffer) are added as bytes (which
will get a length prefix)
*
* @param charset {@link Charset} to use for converting bytes to
characters
* @return the parsed result, never {@code null}, but possibly
empty
*/
public List<OpenSshCertificate.CertificateOption>
getCertificateOptions(Charset charset) {
- // pull out entire Critical Options section
- final ByteArrayBuffer optionBuffer = new ByteArrayBuffer(getBytes());
-
List<OpenSshCertificate.CertificateOption> list = new ArrayList<>();
- while (optionBuffer.available() > 0) {
- String name = optionBuffer.getString(charset);
- String data =
GenericUtils.trimToEmpty(optionBuffer.getString(charset));
- list.add(new OpenSshCertificate.CertificateOption(name,
data.length() > 0 ? data : null));
+ if (available() > 0) {
+ // pull out entire Certificate Options section
+ final ByteArrayBuffer optionBuffer = new
ByteArrayBuffer(getBytes());
Review Comment:
No need for *final* keyword
##########
sshd-common/src/main/java/org/apache/sshd/common/util/buffer/Buffer.java:
##########
@@ -348,29 +348,36 @@ public List<OpenSshCertificate.CertificateOption>
getCertificateOptions() {
/**
* According to <A HREF=
- *
"https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys#L222-L262";>PROTOCOL.certkeys</A>:
+ *
"https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys#L221-L319";>PROTOCOL.certkeys</A>:
*
* Critical Options is a set of bytes that is
*
- * [overall length][name(string)][data(string)]...
+ * [overall length][name(string)][[length of buffer][[length of
string][data(string)]]]...
*
- * Where each Critical Option is encoded as a name (string) and data
(string)
+ * Where each Certificate Option is encoded as a name (string) and buffer
of data (string packed in a buffer)
*
- * Then the entire name + data strings are added as bytes (which will get
a length prefix)
+ * Then the entire name (string) + data (buffer) are added as bytes (which
will get a length prefix)
*
* @param charset {@link Charset} to use for converting bytes to
characters
* @return the parsed result, never {@code null}, but possibly
empty
*/
public List<OpenSshCertificate.CertificateOption>
getCertificateOptions(Charset charset) {
- // pull out entire Critical Options section
- final ByteArrayBuffer optionBuffer = new ByteArrayBuffer(getBytes());
-
List<OpenSshCertificate.CertificateOption> list = new ArrayList<>();
- while (optionBuffer.available() > 0) {
- String name = optionBuffer.getString(charset);
- String data =
GenericUtils.trimToEmpty(optionBuffer.getString(charset));
- list.add(new OpenSshCertificate.CertificateOption(name,
data.length() > 0 ? data : null));
+ if (available() > 0) {
+ // pull out entire Certificate Options section
+ final ByteArrayBuffer optionBuffer = new
ByteArrayBuffer(getBytes());
Review Comment:
Why can't it be `Buffer optionBuffer = new ...` - are you using any
*ByteArrayBuffer* methods that are not available via the *Buffer* class ?
Hint: recommend to use the "weakest" variable type you need and not what you
know its full type is.
##########
sshd-common/src/main/java/org/apache/sshd/common/util/buffer/Buffer.java:
##########
@@ -348,29 +348,36 @@ public List<OpenSshCertificate.CertificateOption>
getCertificateOptions() {
/**
* According to <A HREF=
- *
"https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys#L222-L262";>PROTOCOL.certkeys</A>:
+ *
"https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys#L221-L319";>PROTOCOL.certkeys</A>:
*
* Critical Options is a set of bytes that is
*
- * [overall length][name(string)][data(string)]...
+ * [overall length][name(string)][[length of buffer][[length of
string][data(string)]]]...
*
- * Where each Critical Option is encoded as a name (string) and data
(string)
+ * Where each Certificate Option is encoded as a name (string) and buffer
of data (string packed in a buffer)
*
- * Then the entire name + data strings are added as bytes (which will get
a length prefix)
+ * Then the entire name (string) + data (buffer) are added as bytes (which
will get a length prefix)
*
* @param charset {@link Charset} to use for converting bytes to
characters
* @return the parsed result, never {@code null}, but possibly
empty
*/
public List<OpenSshCertificate.CertificateOption>
getCertificateOptions(Charset charset) {
- // pull out entire Critical Options section
- final ByteArrayBuffer optionBuffer = new ByteArrayBuffer(getBytes());
-
List<OpenSshCertificate.CertificateOption> list = new ArrayList<>();
- while (optionBuffer.available() > 0) {
- String name = optionBuffer.getString(charset);
- String data =
GenericUtils.trimToEmpty(optionBuffer.getString(charset));
- list.add(new OpenSshCertificate.CertificateOption(name,
data.length() > 0 ? data : null));
+ if (available() > 0) {
+ // pull out entire Certificate Options section
+ final ByteArrayBuffer optionBuffer = new
ByteArrayBuffer(getBytes());
+
+ while (optionBuffer.available() > 0) {
+ String name = optionBuffer.getString(charset);
+ String data = null;
+ final ByteArrayBuffer dataBuffer = new
ByteArrayBuffer(optionBuffer.getBytes());
Review Comment:
Same remarks as before (including no need for *final*)
##########
sshd-core/src/main/java/org/apache/sshd/certificate/OpenSshCertificateBuilder.java:
##########
@@ -104,7 +110,21 @@ public OpenSshCertificateBuilder
principals(Collection<String> principals) {
}
public OpenSshCertificateBuilder
criticalOptions(List<OpenSshCertificate.CertificateOption> criticalOptions) {
- this.criticalOptions = criticalOptions;
+ if (criticalOptions != null && !criticalOptions.isEmpty()) {
+ // check if any duplicates
+ Set<String> names = new HashSet<String>();
Review Comment:
No need to specify type of *HashSet* use diamond...
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
