removed insecure code that might cause Man-in-the-middle attack

This commit is contained in:
mohammed jasem alaajel 2022-02-04 09:01:31 +04:00
parent 914c01f532
commit 26c5adbbc8
2 changed files with 18 additions and 5 deletions

View File

@ -7,6 +7,8 @@ import org.bukkit.plugin.java.JavaPlugin;
import org.bukkit.scheduler.BukkitRunnable;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
public class AppleTunneler extends JavaPlugin {
@ -17,10 +19,7 @@ public class AppleTunneler extends JavaPlugin {
if (sshSession != null) {
sshSession.disconnect();
}
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
sshSession = jsch.getSession(getUsername(), getHost(), getPort());
sshSession.setConfig(config);
sshSession.connect(2000);
loadRemoteToLocalPortForwarding();
}
@ -59,12 +58,26 @@ public class AppleTunneler extends JavaPlugin {
}
}
private void loadKnownHostFile() throws FileNotFoundException, JSchException {
File knownHosts = new File(getDataFolder(), ".known_hosts");
if (knownHosts.isDirectory()) {
knownHosts.delete();
}
if (!knownHosts.exists()) {
getLogger().severe("FILE at path: " + knownHosts.getAbsolutePath() + " Does not exists");
throw new RuntimeException("Known host file does not exists in plugin folder");
}
this.jsch.setKnownHosts(new FileInputStream(knownHosts));
}
@Override
public void onEnable() {
this.saveDefaultConfig();
try {
loadIds();
} catch (JSchException e) {
loadKnownHostFile();
} catch (JSchException | FileNotFoundException e) {
throw new RuntimeException(e);
}
try {

View File

@ -4,7 +4,7 @@
username: apple
# host eg: domains can be used.
host: 192.168.0.100
# port
# ssh port
port: 22
# Syntax is "local-port:remote-host:remote-port"