-/* $OpenBSD: sshconnect.c,v 1.359 2022/10/24 22:43:36 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.360 2022/11/03 21:59:20 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
return 0;
}
+ /*
+ * Don't ever try to write an invalid name to a known hosts file.
+ * Note: do this before get_hostfile_hostname_ipaddr() to catch
+ * '[' or ']' in the name before they are added.
+ */
+ if (strcspn(hostname, "@?*#[]|'\'\"\\") != strlen(hostname)) {
+ debug_f("invalid hostname \"%s\"; will not record: %s",
+ hostname, fail_reason);
+ readonly = RDONLY;
+ }
+
/*
* Prepare the hostname and address strings used for hostkey lookup.
* In some cases, these will have a port number appended.
(host_found != NULL && host_found->note != 0)))
readonly = RDONLY;
- /* Don't ever try to write an invalid name to a known hosts file */
- if (!valid_domain(hostname, 0, &fail_reason)) {
- debug_f("invalid hostname \"%s\"; will not record: %s",
- hostname, fail_reason);
- readonly = RDONLY;
- }
-
/*
* Also perform check for the ip address, skip the check if we are
* localhost, looking for a certificate, or the hostname was an ip
projects / thirdparty / openssh-portable.git / commitdiff
