# HG changeset patch
# User Guilhem Moulin <guilhem@debian.org>
# Date 1593176163 -28800
# Node ID 2f5d797d9811aefb8cb05ccef25652491ed2377f
# Parent  cddc90de1b6f5ea7c107674db57e742c91ff29d6
Don't choke on disabled authorized_keys(5) options
As of 2020.79 X11 forwarding is disabled at build time, which could lock
out users with authorized_keys(5) files containing ‘no-X11-forwarding’
options.

diff -r cddc90de1b6f -r 2f5d797d9811 svr-authpubkeyoptions.c
--- a/svr-authpubkeyoptions.c	Fri Jun 26 20:55:56 2020 +0800
+++ b/svr-authpubkeyoptions.c	Fri Jun 26 20:56:03 2020 +0800
@@ -147,20 +147,20 @@
 			ses.authstate.pubkey_options->no_port_forwarding_flag = 1;
 			goto next_option;
 		}
+		if (match_option(options_buf, "no-agent-forwarding") == DROPBEAR_SUCCESS) {
 #if DROPBEAR_SVR_AGENTFWD
-		if (match_option(options_buf, "no-agent-forwarding") == DROPBEAR_SUCCESS) {
 			dropbear_log(LOG_WARNING, "Agent forwarding disabled.");
 			ses.authstate.pubkey_options->no_agent_forwarding_flag = 1;
+#endif
 			goto next_option;
 		}
-#endif
+		if (match_option(options_buf, "no-X11-forwarding") == DROPBEAR_SUCCESS) {
 #if DROPBEAR_X11FWD
-		if (match_option(options_buf, "no-X11-forwarding") == DROPBEAR_SUCCESS) {
 			dropbear_log(LOG_WARNING, "X11 forwarding disabled.");
 			ses.authstate.pubkey_options->no_x11_forwarding_flag = 1;
+#endif
 			goto next_option;
 		}
-#endif
 		if (match_option(options_buf, "no-pty") == DROPBEAR_SUCCESS) {
 			dropbear_log(LOG_WARNING, "Pty allocation disabled.");
 			ses.authstate.pubkey_options->no_pty_flag = 1;