authorCatalin Patulea <cat@vv.carleton.ca>2015-01-01 17:47:46 -0500
committerCatalin Patulea <cat@vv.carleton.ca>2015-01-01 17:47:46 -0500
commitb1a05bf07de41f386be9c29e1b6bb08fa74fd6bc (patch)
tree7fefdf246c8a84fc855997cc65b3c12a8cba90d0
parent859f547aa1c2212fe90d31832d65c4223943172b (diff)
downloaddropbear-b1a05bf07de41f386be9c29e1b6bb08fa74fd6bc.tar.gz
Handle invalid agent keys by skipping rather than exiting.
My agent exposes both conventional keys and certs (ecdsa-sha2-nistp256-cert-v01@openssh.com) and I want dropbear to be able to use the former.
-rw-r--r--cli-agentfwd.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/cli-agentfwd.c b/cli-agentfwd.c
index 535024f..7badc88 100644
--- a/cli-agentfwd.c
+++ b/cli-agentfwd.c
@@ -210,13 +210,14 @@ static void agent_get_key_list(m_list * ret_list)
ret = buf_get_pub_key(key_buf, pubkey, &key_type);
buf_free(key_buf);
if (ret != DROPBEAR_SUCCESS) {
- /* This is slack, properly would cleanup vars etc */
- dropbear_exit("Bad pubkey received from agent");
- }
- pubkey->type = key_type;
- pubkey->source = SIGNKEY_SOURCE_AGENT;
+ TRACE(("Skipping bad pubkey from agent"));
+ sign_key_free(pubkey);
+ } else {
+ pubkey->type = key_type;
+ pubkey->source = SIGNKEY_SOURCE_AGENT;
- list_append(ret_list, pubkey);
+ list_append(ret_list, pubkey);
+ }
/* We'll ignore the comment for now. might want it later.*/
buf_eatstring(inbuf);
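Review bot: The new skip branch under `if (ret != DROPBEAR_SUCCESS)` reports the rejected key only through `TRACE`, which is compiled out of non-debug builds, so a user whose agent keys are all rejected gets no indication why agent authentication offered nothing. The message also does not distinguish an unsupported key type (the cert case in the description) from a malformed blob sent by the agent. I would at least document why continuing is safe, e.g. `/* Unsupported or unparseable agent key: skip it. The blob was parsed from key_buf, so inbuf should still be positioned at this key's comment. */`. That comment assumes `key_buf` is a separate buffer carved out of `inbuf` before the hunk, which is not visible here and should be confirmed. The body of `agent_get_key_list` starts and ends outside this hunk, so the loop structure and the allocation of `pubkey` could not be checked.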