Disallow SSH host names starting with a dash

author: Eelco Dolstra <edolstra@gmail.com> 2017-08-11T11·55+0200
committer: Eelco Dolstra <edolstra@gmail.com> 2017-08-16T18·55+0200
commit: e4bd42f98f7da0ac49cdea579d1e43be64c0621f (patch)
tree: 6632534b273cc8454788f120c1b6d3279cebe33f
parent: 82c4b37c6fb8f32012b6922436ded3c590a69852 (diff)
2 files changed, 12 insertions, 8 deletions
diff --git a/src/libstore/ssh.cc b/src/libstore/ssh.cc
index 776ffdb83431..7ff7a9bffc49 100644
--- a/src/libstore/ssh.cc
+++ b/src/libstore/ssh.cc
@@ -2,6 +2,17 @@
 
 namespace nix {
 
+SSHMaster::SSHMaster(const std::string & host, const std::string & keyFile, bool useMaster, bool compress, int logFD)
+    : host(host)
+    , keyFile(keyFile)
+    , useMaster(useMaster)
+    , compress(compress)
+    , logFD(logFD)
+{
+    if (host == "" || hasPrefix(host, "-"))
+        throw Error("invalid SSH host name '%s'", host);
+}
+
 void SSHMaster::addCommonSSHOpts(Strings & args)
 {
     for (auto & i : tokenizeString<Strings>(getEnv("NIX_SSHOPTS")))
diff --git a/src/libstore/ssh.hh b/src/libstore/ssh.hh
index 18dea227ad1f..1268e6d00054 100644
--- a/src/libstore/ssh.hh
+++ b/src/libstore/ssh.hh
@@ -28,14 +28,7 @@ private:
 
 public:
 
-    SSHMaster(const std::string & host, const std::string & keyFile, bool useMaster, bool compress, int logFD = -1)
-        : host(host)
-        , keyFile(keyFile)
-        , useMaster(useMaster)
-        , compress(compress)
-        , logFD(logFD)
-    {
-    }
+    SSHMaster(const std::string & host, const std::string & keyFile, bool useMaster, bool compress, int logFD = -1);
 
     struct Connection
     {
author	Eelco Dolstra <edolstra@gmail.com>	2017-08-11T11·55+0200
committer	Eelco Dolstra <edolstra@gmail.com>	2017-08-16T18·55+0200
commit	e4bd42f98f7da0ac49cdea579d1e43be64c0621f (patch)
tree	6632534b273cc8454788f120c1b6d3279cebe33f
parent	82c4b37c6fb8f32012b6922436ded3c590a69852 (diff)