dropbear: cli-runopts.c comparison

comparison cli-runopts.c @ 1933:e093ddc5b585

Fix extra default -i arguments for multihop When multihop executes dbclient it should only add -i arguments from the original commandline, not the default id_dropbear key. Otherwise multiple -i arguments keep getting added which results in servers disconnecting with too many auth attempts

author	Matt Johnston <matt@ucc.asn.au>
date	Fri, 01 Apr 2022 11:56:10 +0800
parents	3442105b2aba
children	a7ad060707b6

comparison

equal deleted inserted replaced

-:62ae35ff833e
+:e093ddc5b585
 	if (cli_opts.cmd && cli_opts.netcat_host) {
 		dropbear_log(LOG_INFO, "Ignoring command '%s' in netcat mode", cli_opts.cmd);
 	}
 #endif
-#if (DROPBEAR_CLI_PUBKEY_AUTH)
-	{
-		char *expand_path = expand_homedir_path(DROPBEAR_DEFAULT_CLI_AUTHKEY);
-		loadidentityfile(expand_path, 0);
-		m_free(expand_path);
-	}
-#endif
 	/* The hostname gets set up last, since
 	 * in multi-hop mode it will require knowledge
 	 * of other flags such as -i */
 #if DROPBEAR_CLI_MULTIHOP
 	parse_multihop_hostname(host_arg, argv[0]);
 #else
 	parse_hostname(host_arg);
 #endif
+	/* We don't want to include default id_dropbear as a
+	   -i argument for multihop, so handle it later. */
+#if (DROPBEAR_CLI_PUBKEY_AUTH)
+	{
+		char *expand_path = expand_homedir_path(DROPBEAR_DEFAULT_CLI_AUTHKEY);
+		loadidentityfile(expand_path, 0);
+		m_free(expand_path);
+	}
+#endif
 }
 #if DROPBEAR_CLI_PUBKEY_AUTH
 static void loadidentityfile(const char* filename, int warnfail) {
 	sign_key *key;

Mercurial > dropbear

comparison cli-runopts.c @ 1933:e093ddc5b585