From 5cec74dae1bf439a3d137152e77badc7214ddc7c Mon Sep 17 00:00:00 2001
From: Adam Curtis <adam.curtis.dev@gmail.com>
Date: Fri, 19 Jan 2024 12:16:32 -0500
Subject: [PATCH] fix shell escaping in networking config

---
 modules/networking/default.nix    |  6 +++---
 tests/networking-shell-escape.nix | 15 +++++++++++++++
 2 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 tests/networking-shell-escape.nix

diff --git a/modules/networking/default.nix b/modules/networking/default.nix
index af82c39..c70b07d 100644
--- a/modules/networking/default.nix
+++ b/modules/networking/default.nix
@@ -107,13 +107,13 @@ in
       echo "configuring networking..." >&2
 
       ${optionalString (cfg.computerName != null) ''
-        scutil --set ComputerName '${cfg.computerName}'
+        scutil --set ComputerName ${escapeShellArg cfg.computerName}
       ''}
       ${optionalString (cfg.hostName != null) ''
-        scutil --set HostName '${cfg.hostName}'
+        scutil --set HostName ${escapeShellArg cfg.hostName}
       ''}
       ${optionalString (cfg.localHostName != null) ''
-        scutil --set LocalHostName '${cfg.localHostName}'
+        scutil --set LocalHostName ${escapeShellArg cfg.localHostName}
       ''}
 
       ${setNetworkServices}
diff --git a/tests/networking-shell-escape.nix b/tests/networking-shell-escape.nix
new file mode 100644
index 0000000..da399b1
--- /dev/null
+++ b/tests/networking-shell-escape.nix
@@ -0,0 +1,15 @@
+
+{ config, pkgs, ... }:
+
+{
+  networking.computerName = "\"Quotey McQuote's Macbook Pro\"";
+  networking.hostName = "\"Quotey-McQuote's-Macbook-Pro\"";
+
+  test = ''
+    echo checking hostname in /activate >&2
+    grep "scutil --set ComputerName '"\""Quotey McQuote's Macbook Pro"\""'" ${config.out}/activate
+    grep "scutil --set LocalHostName '"\""Quotey-McQuote's-Macbook-Pro"\""'" ${config.out}/activate
+    grep "scutil --set HostName "'"\""Quotey-McQuote's-Macbook-Pro"\""'"  ${config.out}/activate
+    echo checking defaults write in ${config.out}/activate-user >&2
+  '';
+}