Call lookup_hostname only under reject policy

de0fda1a · Sheng · 33703f0c · de0fda1a
Commit de0fda1a authored Oct 08, 2018 by Sheng
Show whitespace changes
Inline Side-by-side

Showing with 14 additions and 12 deletions

handler.py webssh/handler.py +14 -12

No files found.
--- a/webssh/handler.py
+++ b/webssh/handler.py
@@ -152,16 +152,6 @@ class IndexHandler(MixinHandler, tornado.web.RequestHandler):
            raise InvalidValueError('Invalid hostname: {}'.format(value))
        return value
-    def lookup_hostname(self, hostname, port):
-        if isinstance(self.policy, paramiko.RejectPolicy):
-            key = hostname if port == 22 else '[{}]:{}'.format(hostname, port)
-            if self.ssh_client._system_host_keys.lookup(key) is None:
-                if self.ssh_client._host_keys.lookup(key) is None:
-                    raise ValueError(
-                        'Connection to {}:{} is not allowed.'.format(
-                            hostname, port)
-                    )
    def get_port(self):
        value = self.get_value('port')
        try:
@@ -174,16 +164,28 @@ class IndexHandler(MixinHandler, tornado.web.RequestHandler):
        raise InvalidValueError('Invalid port: {}'.format(value))
+    def lookup_hostname(self, hostname, port):
+        key = hostname if port == 22 else '[{}]:{}'.format(hostname, port)
+        if self.ssh_client._system_host_keys.lookup(key) is None:
+            if self.ssh_client._host_keys.lookup(key) is None:
+                raise ValueError(
+                    'Connection to {}:{} is not allowed.'.format(
+                        hostname, port)
+                )
    def get_args(self):
        hostname = self.get_hostname()
        port = self.get_port()
+        if isinstance(self.policy, paramiko.RejectPolicy):
            self.lookup_hostname(hostname, port)
        username = self.get_value('username')
        password = self.get_argument('password', u'')
        privatekey = self.get_privatekey()
        if privatekey:
-            pkey = self.get_pkey_obj(privatekey, password,
+            pkey = self.get_pkey_obj(
-                                     self.privatekey_filename)
+                privatekey, password, self.privatekey_filename
+            )
        else:
            pkey = None
        args = (hostname, port, username, password, pkey)