From 47faf121174a9176ae4ec981b7069eabb06112bb Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Fri, 1 Apr 2022 11:56:10 +0800
Subject: Fix extra default -i arguments for multihop

When multihop executes dbclient it should only add -i arguments
from the original commandline, not the default id_dropbear key.
Otherwise multiple -i arguments keep getting added which
results in servers disconnecting with too many auth attempts
---
 cli-runopts.c | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/cli-runopts.c b/cli-runopts.c
index c91f668..20bebe7 100644
--- a/cli-runopts.c
+++ b/cli-runopts.c
@@ -482,14 +482,6 @@ void cli_getopts(int argc, char ** argv) {
 	}
 #endif
 
-#if (DROPBEAR_CLI_PUBKEY_AUTH)
-	{
-		char *expand_path = expand_homedir_path(DROPBEAR_DEFAULT_CLI_AUTHKEY);
-		loadidentityfile(expand_path, 0);
-		m_free(expand_path);
-	}
-#endif
-
 	/* The hostname gets set up last, since
 	 * in multi-hop mode it will require knowledge
 	 * of other flags such as -i */
@@ -498,6 +490,17 @@ void cli_getopts(int argc, char ** argv) {
 #else
 	parse_hostname(host_arg);
 #endif
+
+	/* We don't want to include default id_dropbear as a
+	   -i argument for multihop, so handle it later. */
+#if (DROPBEAR_CLI_PUBKEY_AUTH)
+	{
+		char *expand_path = expand_homedir_path(DROPBEAR_DEFAULT_CLI_AUTHKEY);
+		loadidentityfile(expand_path, 0);
+		m_free(expand_path);
+	}
+#endif
+
 }
 
 #if DROPBEAR_CLI_PUBKEY_AUTH
-- 
cgit v1.2.1