From a71a7d7d330e7e1e8377e384862a0fbe98c7fb44 Mon Sep 17 00:00:00 2001
From: Jeroen van Erp <jeroen@hierynomus.com>
Date: Mon, 13 Nov 2017 15:49:48 +0100
Subject: [PATCH] Fix escaping in WildcardHostMatcher (#382)

* Escape '[' and ']' in WildcardHostMatcher

* Anchoring regex to match entire string (Fixes #381)
---
 .../sshj/transport/verification/KnownHostMatchers.java       | 2 +-
 .../sshj/transport/verification/OpenSSHKnownHosts.java       | 2 +-
 .../sshj/transport/verification/KnownHostMatchersTest.groovy | 5 +++++
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/hierynomus/sshj/transport/verification/KnownHostMatchers.java b/src/main/java/com/hierynomus/sshj/transport/verification/KnownHostMatchers.java
index 2c52d96b..08e5d8b7 100644
--- a/src/main/java/com/hierynomus/sshj/transport/verification/KnownHostMatchers.java
+++ b/src/main/java/com/hierynomus/sshj/transport/verification/KnownHostMatchers.java
@@ -135,7 +135,7 @@ public class KnownHostMatchers {
         private final Pattern pattern;
 
         public WildcardHostMatcher(String hostEntry) {
-            this.pattern = Pattern.compile(hostEntry.replace(".", "\\.").replace("*", ".*").replace("?", "."));
+            this.pattern = Pattern.compile("^" + hostEntry.replace("[", "\\[").replace("]", "\\]").replace(".", "\\.").replace("*", ".*").replace("?", ".") + "$");
         }
 
         @Override
diff --git a/src/main/java/net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.java b/src/main/java/net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.java
index 1c035b98..38b3c300 100644
--- a/src/main/java/net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.java
+++ b/src/main/java/net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.java
@@ -360,7 +360,7 @@ public class OpenSSHKnownHosts
         }
 
         protected String getHostPart() {
-            return  hostPart;
+            return hostPart;
         }
     }
 
diff --git a/src/test/groovy/com/hierynomus/sshj/transport/verification/KnownHostMatchersTest.groovy b/src/test/groovy/com/hierynomus/sshj/transport/verification/KnownHostMatchersTest.groovy
index 715989fd..d335c753 100644
--- a/src/test/groovy/com/hierynomus/sshj/transport/verification/KnownHostMatchersTest.groovy
+++ b/src/test/groovy/com/hierynomus/sshj/transport/verification/KnownHostMatchersTest.groovy
@@ -49,6 +49,11 @@ class KnownHostMatchersSpec extends Specification {
         "aaa.b??.com" | "aaa.bccd.com" | false
         "|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg=" | "192.168.1.61" | true
         "|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg=" | "192.168.2.61" | false
+        "[aaa.bbb.com]:2222" | "aaa.bbb.com" | false
+        "[aaa.bbb.com]:2222" | "[aaa.bbb.com]:2222" | true
+        "[aaa.?bb.com]:2222" | "[aaa.dbb.com]:2222" | true
+        "[aaa.?xb.com]:2222" | "[aaa.dbb.com]:2222" | false
+        "[*.bbb.com]:2222" | "[aaa.bbb.com]:2222" | true
         yesno = match ? "" : "no"
     }
 }