Add new cmdmon status codes for packet version and length mismatch

With next procotol version this will allow chronyc to report that
chronyd is using a different protocol version.

diff --git a/candm.h b/candm.h
index d721325e7aeaf8ccc96fe61ad3d8d33889be0645..bedc834e077abffd4afb6bfe6a10c45097eb84c2 100644 (file)
--- a/candm.h
+++ b/candm.h
@@ -328,6 +328,10 @@ typedef struct {
 
 #define PROTO_VERSION_NUMBER 4
 
+/* The oldest protocol version that is compatible enough with
+   the current version to report a version mismatch */
+#define PROTO_VERSION_MISMATCH_COMPAT 4
+
 /* ================================================== */
 
 typedef struct {
@@ -434,6 +438,8 @@ typedef struct {
 #define STT_INACTIVE 15
 #define STT_BADSAMPLE 16
 #define STT_INVALIDAF 17
+#define STT_BADPKTVERSION 18
+#define STT_BADPKTLENGTH 19
 
 typedef struct {
   int32_t EOR;

diff --git a/client.c b/client.c
index 8885d66112890999ac63f7f82702e2ad2a3055f9..0dd8ede04f5efe35d19f7df44d285e767868705d 100644 (file)
--- a/client.c
+++ b/client.c
@@ -1305,7 +1305,9 @@ submit_request(CMD_Request *request, CMD_Reply *reply, int *reply_auth_ok)
           continue;
         }
         
-        bad_header = ((reply->version != PROTO_VERSION_NUMBER) ||
+        bad_header = ((reply->version != PROTO_VERSION_NUMBER &&
+                       !(reply->version >= PROTO_VERSION_MISMATCH_COMPAT &&
+                         ntohs(reply->status) == STT_BADPKTVERSION)) ||
                       (reply->pkt_type != PKT_TYPE_CMD_REPLY) ||
                       (reply->res1 != 0) ||
                       (reply->res2 != 0) ||
@@ -1428,6 +1430,12 @@ request_reply(CMD_Request *request, CMD_Reply *reply, int requested_reply, int v
       case STT_BADSAMPLE:
         printf("516 Sample index out of range");
         break;
+      case STT_BADPKTVERSION:
+        printf("517 Protocol version mismatch");
+        break;
+      case STT_BADPKTLENGTH:
+        printf("518 Packet length mismatch");
+        break;
       case STT_INACTIVE:
         printf("519 Client logging is not active in the daemon");
         break;

diff --git a/cmdmon.c b/cmdmon.c
index 98d84bb66aad1a402e15a891b4db37cd741d6222..c8d22d5e8d1c7d018c5ec1cdc8b9e6355ba254cf 100644 (file)
--- a/cmdmon.c
+++ b/cmdmon.c
@@ -1822,23 +1822,35 @@ read_from_cmd_socket(void *anything)
     return;
   }
 
+  if (read_length < offsetof(CMD_Request, data) ||
+      rx_message.pkt_type != PKT_TYPE_CMD_REQUEST ||
+      rx_message.res1 != 0 ||
+      rx_message.res2 != 0) {
 
-  if (read_length != expected_length) {
-    LOG(LOGS_WARN, LOGF_CmdMon, "Read incorrectly sized packet from %s:%hu", UTI_IPToString(&remote_ip), remote_port);
+    /* We don't know how to process anything like this */
     CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
-    /* For now, just ignore the packet.  We may want to send a reply
-       back eventually */
+    
     return;
   }
 
-  if ((rx_message.version != PROTO_VERSION_NUMBER) ||
-      (rx_message.pkt_type != PKT_TYPE_CMD_REQUEST) ||
-      (rx_message.res1 != 0) ||
-      (rx_message.res2 != 0)) {
+  if (rx_message.version != PROTO_VERSION_NUMBER) {
+    tx_message.status = htons(STT_NOHOSTACCESS);
+    LOG(LOGS_WARN, LOGF_CmdMon, "Read packet with protocol version %d (expected %d) from %s:%hu", rx_message.version, PROTO_VERSION_NUMBER, UTI_IPToString(&remote_ip), remote_port);
+    CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
 
-    /* We don't know how to process anything like this */
+    if (rx_message.version >= PROTO_VERSION_MISMATCH_COMPAT) {
+      tx_message.status = htons(STT_BADPKTVERSION);
+      transmit_reply(&tx_message, &where_from);
+    }
+    return;
+  }
+
+  if (read_length != expected_length) {
+    LOG(LOGS_WARN, LOGF_CmdMon, "Read incorrectly sized packet from %s:%hu", UTI_IPToString(&remote_ip), remote_port);
     CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
-    
+
+    tx_message.status = htons(STT_BADPKTLENGTH);
+    transmit_reply(&tx_message, &where_from);
     return;
   }