# HG changeset patch
# User Catalin Patulea <cat@vv.carleton.ca>
# Date 1420152466 18000
# Node ID d46e7f61315737baf1e149bd5909d7cb49b47106
# Parent  2b62f26cf808ab77a1f81e5dfd2ff9de147fea45
Handle invalid agent keys by skipping rather than exiting.

My agent exposes both conventional keys and certs (ecdsa-sha2-nistp256-cert-v01@openssh.com) and I want dropbear to be able to use the former.

diff -r 2b62f26cf808 -r d46e7f613157 cli-agentfwd.c
--- a/cli-agentfwd.c	Sun Jan 04 22:22:43 2015 +0800
+++ b/cli-agentfwd.c	Thu Jan 01 17:47:46 2015 -0500
@@ -210,13 +210,14 @@
 		ret = buf_get_pub_key(key_buf, pubkey, &key_type);
 		buf_free(key_buf);
 		if (ret != DROPBEAR_SUCCESS) {
-			/* This is slack, properly would cleanup vars etc */
-			dropbear_exit("Bad pubkey received from agent");
+			TRACE(("Skipping bad pubkey from agent"));
+			sign_key_free(pubkey);
+		} else {
+			pubkey->type = key_type;
+			pubkey->source = SIGNKEY_SOURCE_AGENT;
+
+			list_append(ret_list, pubkey);
 		}
-		pubkey->type = key_type;
-		pubkey->source = SIGNKEY_SOURCE_AGENT;
-
-		list_append(ret_list, pubkey);
 
 		/* We'll ignore the comment for now. might want it later.*/
 		buf_eatstring(inbuf);