changeset 984:d46e7f613157

Handle invalid agent keys by skipping rather than exiting. My agent exposes both conventional keys and certs ([email protected]) and I want dropbear to be able to use the former.
author Catalin Patulea <cat@vv.carleton.ca>
date Thu, 01 Jan 2015 17:47:46 -0500
parents 2b62f26cf808
children 9bf46570868f
files cli-agentfwd.c
diffstat 1 files changed, 7 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/cli-agentfwd.c	Sun Jan 04 22:22:43 2015 +0800
+++ b/cli-agentfwd.c	Thu Jan 01 17:47:46 2015 -0500
@@ -210,13 +210,14 @@
 		ret = buf_get_pub_key(key_buf, pubkey, &key_type);
 		buf_free(key_buf);
 		if (ret != DROPBEAR_SUCCESS) {
-			/* This is slack, properly would cleanup vars etc */
-			dropbear_exit("Bad pubkey received from agent");
+			TRACE(("Skipping bad pubkey from agent"));
+			sign_key_free(pubkey);
+		} else {
+			pubkey->type = key_type;
+			pubkey->source = SIGNKEY_SOURCE_AGENT;
+
+			list_append(ret_list, pubkey);
 		}
-		pubkey->type = key_type;
-		pubkey->source = SIGNKEY_SOURCE_AGENT;
-
-		list_append(ret_list, pubkey);
 
 		/* We'll ignore the comment for now. might want it later.*/
 		buf_eatstring(inbuf);