Mercurial > dropbear
comparison cli-runopts.c @ 1933:e093ddc5b585
Fix extra default -i arguments for multihop
When multihop executes dbclient it should only add -i arguments
from the original commandline, not the default id_dropbear key.
Otherwise multiple -i arguments keep getting added which
results in servers disconnecting with too many auth attempts
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 01 Apr 2022 11:56:10 +0800 |
parents | 3442105b2aba |
children | a7ad060707b6 |
comparison
equal
deleted
inserted
replaced
1932:62ae35ff833e | 1933:e093ddc5b585 |
---|---|
480 if (cli_opts.cmd && cli_opts.netcat_host) { | 480 if (cli_opts.cmd && cli_opts.netcat_host) { |
481 dropbear_log(LOG_INFO, "Ignoring command '%s' in netcat mode", cli_opts.cmd); | 481 dropbear_log(LOG_INFO, "Ignoring command '%s' in netcat mode", cli_opts.cmd); |
482 } | 482 } |
483 #endif | 483 #endif |
484 | 484 |
485 #if (DROPBEAR_CLI_PUBKEY_AUTH) | |
486 { | |
487 char *expand_path = expand_homedir_path(DROPBEAR_DEFAULT_CLI_AUTHKEY); | |
488 loadidentityfile(expand_path, 0); | |
489 m_free(expand_path); | |
490 } | |
491 #endif | |
492 | |
493 /* The hostname gets set up last, since | 485 /* The hostname gets set up last, since |
494 * in multi-hop mode it will require knowledge | 486 * in multi-hop mode it will require knowledge |
495 * of other flags such as -i */ | 487 * of other flags such as -i */ |
496 #if DROPBEAR_CLI_MULTIHOP | 488 #if DROPBEAR_CLI_MULTIHOP |
497 parse_multihop_hostname(host_arg, argv[0]); | 489 parse_multihop_hostname(host_arg, argv[0]); |
498 #else | 490 #else |
499 parse_hostname(host_arg); | 491 parse_hostname(host_arg); |
500 #endif | 492 #endif |
493 | |
494 /* We don't want to include default id_dropbear as a | |
495 -i argument for multihop, so handle it later. */ | |
496 #if (DROPBEAR_CLI_PUBKEY_AUTH) | |
497 { | |
498 char *expand_path = expand_homedir_path(DROPBEAR_DEFAULT_CLI_AUTHKEY); | |
499 loadidentityfile(expand_path, 0); | |
500 m_free(expand_path); | |
501 } | |
502 #endif | |
503 | |
501 } | 504 } |
502 | 505 |
503 #if DROPBEAR_CLI_PUBKEY_AUTH | 506 #if DROPBEAR_CLI_PUBKEY_AUTH |
504 static void loadidentityfile(const char* filename, int warnfail) { | 507 static void loadidentityfile(const char* filename, int warnfail) { |
505 sign_key *key; | 508 sign_key *key; |