did some testing with a small adaption in cli-runopts.c Basicly if a proycmd if used and multihop is used, I pass the proxycmd with -J in each exec
Seems to work :) underneath the complete function... didn't have time to make a diff to the original... Hans static void parse_multihop_hostname(const char* orighostarg, const char* argv0) { char *userhostarg = NULL; char *hostbuf = NULL; char *last_hop = NULL; char *remainder = NULL; /* both scp and rsync parse a user@host argument * and turn it into "-l user host". This breaks * for our multihop syntax, so we suture it back together. * This will break usernames that have both '@' and ',' in them, * though that should be fairly uncommon. */ if (cli_opts.username && strchr(cli_opts.username, ',') && strchr(cli_opts.username, '@')) { unsigned int len = strlen(orighostarg) + strlen(cli_opts.username) + 2; hostbuf = m_malloc(len); snprintf(hostbuf, len, "%s@%s", cli_opts.username, orighostarg); } else { hostbuf = m_strdup(orighostarg); } userhostarg = hostbuf; last_hop = strrchr(userhostarg, ','); if (last_hop) { if (last_hop == userhostarg) { dropbear_exit("Bad multi-hop hostnames"); } *last_hop = '\0'; last_hop++; remainder = userhostarg; userhostarg = last_hop; } parse_hostname(userhostarg); if (last_hop) { /* Set up the proxycmd */ unsigned int cmd_len = 0; char *passthrough_args = multihop_passthrough_args(); char *pproxycmd = NULL; if (cli_opts.remoteport == NULL) { cli_opts.remoteport = "22"; } cmd_len = strlen(argv0) + strlen(remainder) + strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport) + strlen(passthrough_args) + 30; /* if proxycmd is filled, pass it also with every exec */ if (cli_opts.proxycmd) { int proxylen = strlen(cli_opts.proxycmd) + 10; /* save original proxycmd to insert in new cmd */ pproxycmd = m_malloc(proxylen); snprintf(pproxycmd,proxylen,"-J \"%s\" ",cli_opts.proxycmd); cli_opts.proxycmd = NULL; /* increase cmd_len with proxycmd length */ cmd_len += proxylen; } cli_opts.proxycmd = m_malloc(cmd_len); snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s", argv0, (pproxycmd)?pproxycmd:"", cli_opts.remotehost, cli_opts.remoteport, passthrough_args, remainder); #ifndef DISABLE_ZLIB /* The stream will be incompressible since it's encrypted. */ opts.compress_mode = DROPBEAR_COMPRESS_OFF; #endif if (pproxycmd) m_free(pproxycmd); m_free(passthrough_args); } m_free(hostbuf); } >