From bf10a66b5d4865903f6cad395443ab0ff51872a5 Mon Sep 17 00:00:00 2001
From: Jon Simons <jon@jonsimons.org>
Date: Mon, 18 Jun 2018 19:31:35 -0400
Subject: pkd: emit error message for OpenSSH clients < 7.0

Emit a friendly error message for OpenSSH clients older than
7.0.  Some of the recent pkd changes now require a modern
client to support some newer config options.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 tests/pkd/pkd_util.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 61 insertions(+), 2 deletions(-)

diff --git a/tests/pkd/pkd_util.c b/tests/pkd/pkd_util.c
index 963b58d6..89a417f0 100644
--- a/tests/pkd/pkd_util.c
+++ b/tests/pkd/pkd_util.c
@@ -1,12 +1,15 @@
 /*
  * pkd_util.c -- pkd utilities
  *
- * (c) 2014 Jon Simons
+ * (c) 2014, 2018 Jon Simons <jon@jonsimons.org>
  */
 
+#include <errno.h>
+#include <limits.h>
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <sys/wait.h>
 
 #include "pkd_client.h"
@@ -37,8 +40,64 @@ static int bin_exists(const char *binary) {
     return (system_checked(bin) == 0);
 }
 
+static int is_openssh_client_new_enough(void) {
+    int rc = -1;
+    FILE *fp = NULL;
+    char version[1024] = { 0 };
+
+    int version_ok = 0;
+    unsigned long int major = 0;
+    char *tmp = NULL;
+
+    fp = popen("ssh -V 2>&1", "r");
+    if (fp == NULL) {
+        fprintf(stderr, "failed to get OpenSSH client version\n");
+        goto done;
+    }
+
+    if (fgets(&version[0], sizeof(version), fp) == NULL) {
+        fprintf(stderr, "failed to get OpenSSH client version string\n");
+        goto errfgets;
+    }
+
+    /* "OpenSSH_<major>.<minor><SP>..." */
+    if (strlen(version) < 11) {
+        goto errversion;
+    }
+
+    /* Extract major. */
+    major = strtoul(version + 8, &tmp, 10);
+    if ((tmp == (version + 8)) ||
+        ((errno = ERANGE) && (major == ULONG_MAX)) ||
+        ((errno != 0) && (major == 0)) ||
+        ((major < 1) || (major > 100))) {
+        fprintf(stderr, "failed to parse OpenSSH client version, "
+                        "errno %d\n", errno);
+        goto errversion;
+    }
+
+    if (major < 7) {
+        fprintf(stderr, "error: minimum OpenSSH client version "
+                        "required is 7, found: %ld\n", major);
+        goto errversion;
+    }
+
+    version_ok = 1;
+
+errversion:
+errfgets:
+    rc = pclose(fp);
+    if (rc != 0) {
+        fprintf(stderr, "failed to get OpenSSH client version: %d\n", rc);
+    }
+done:
+    return version_ok;
+}
+
 int is_openssh_client_enabled(void) {
-    return (bin_exists(OPENSSH_BINARY) && bin_exists(OPENSSH_KEYGEN));
+    return (bin_exists(OPENSSH_BINARY) &&
+            bin_exists(OPENSSH_KEYGEN) &&
+            is_openssh_client_new_enough());
 }
 
 int is_dropbear_client_enabled(void) {
-- 
cgit v1.2.3