#!/bin/bash

# JW_PKG_SSH_EXTRA_OPTS in the context of CI can contain "-l someuser".  For
# the ssh login to a remote ssh://otheruser@gitserver.com, this runs the ssh
# command "ssh -l someuser otheruser@gitserver.com".  Since with openssh, -l
# takes precedence of the @, ssh tries to authenticate as someuser against
# gitserver, and is rightly denied access.
#
# That case happens with the janware's pub remote, so the -l needs to be
# removed from JW_PKG_SSH_EXTRA_OPTS if a remote with a username@ prefix from
# the Git configuration hits this script, and that's what most of its logic
# does.

run_ssh()
{
	local has_user_at_host=0
	local arg
	for arg in "$@"; do
		case "$arg" in
			-*)
				;;
			?*@?*)
				has_user_at_host=1
				break
				;;
		esac
	done

	local -a extra_opts
	read -r -a extra_opts <<< "${JW_PKG_SSH_EXTRA_OPTS:-}"

	if (( has_user_at_host )); then
		local -a filtered_opts=()
		local skip_next=0
		local opt
		for opt in "${extra_opts[@]}"; do
			if (( skip_next )); then
				skip_next=0
				continue
			fi

			case "$opt" in
				-l)
					skip_next=1
					;;
				-l?*)
					;;
				*)
					filtered_opts+=("$opt")
					;;
			esac
		done

		extra_opts=("${filtered_opts[@]}")
	fi

	[[ "${JW_PKG_VERBOSE:-false}" = "true" ]] && set -x

	exec /usr/bin/ssh "${extra_opts[@]}" "$@"
}

run_ssh "$@"