pkd: emit error message for OpenSSH clients < 7.0

Emit a friendly error message for OpenSSH clients older than 7.0. Some of the recent pkd changes now require a modern client to support some newer config options. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-18 19:31:35 -04:00 · 2018-06-18 19:31:35 -04:00 · bf10a66b5d
--- a/tests/pkd/pkd_util.c
+++ b/tests/pkd/pkd_util.c
@ -1,12 +1,15 @@
 /*
 * pkd_util.c -- pkd utilities
 *
- * (c) 2014 Jon Simons
+ * (c) 2014, 2018 Jon Simons <jon@jonsimons.org>
 */

+#include <errno.h>
+#include <limits.h>
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <sys/wait.h>

 #include "pkd_client.h"
@ -37,8 +40,64 @@ static int bin_exists(const char *binary) {
    return (system_checked(bin) == 0);
 }

+static int is_openssh_client_new_enough(void) {
+    int rc = -1;
+    FILE *fp = NULL;
+    char version[1024] = { 0 };
+
+    int version_ok = 0;
+    unsigned long int major = 0;
+    char *tmp = NULL;
+
+    fp = popen("ssh -V 2>&1", "r");
+    if (fp == NULL) {
+        fprintf(stderr, "failed to get OpenSSH client version\n");
+        goto done;
+    }
+
+    if (fgets(&version[0], sizeof(version), fp) == NULL) {
+        fprintf(stderr, "failed to get OpenSSH client version string\n");
+        goto errfgets;
+    }
+
+    /* "OpenSSH_<major>.<minor><SP>..." */
+    if (strlen(version) < 11) {
+        goto errversion;
+    }
+
+    /* Extract major. */
+    major = strtoul(version + 8, &tmp, 10);
+    if ((tmp == (version + 8)) ||
+        ((errno = ERANGE) && (major == ULONG_MAX)) ||
+        ((errno != 0) && (major == 0)) ||
+        ((major < 1) || (major > 100))) {
+        fprintf(stderr, "failed to parse OpenSSH client version, "
+                        "errno %d\n", errno);
+        goto errversion;
+    }
+
+    if (major < 7) {
+        fprintf(stderr, "error: minimum OpenSSH client version "
+                        "required is 7, found: %ld\n", major);
+        goto errversion;
+    }
+
+    version_ok = 1;
+
+errversion:
+errfgets:
+    rc = pclose(fp);
+    if (rc != 0) {
+        fprintf(stderr, "failed to get OpenSSH client version: %d\n", rc);
+    }
+done:
+    return version_ok;
+}
+
 int is_openssh_client_enabled(void) {
-    return (bin_exists(OPENSSH_BINARY) && bin_exists(OPENSSH_KEYGEN));
+    return (bin_exists(OPENSSH_BINARY) &&
+            bin_exists(OPENSSH_KEYGEN) &&
+            is_openssh_client_new_enough());
 }

 int is_dropbear_client_enabled(void) {