Add new cmdmon status codes for packet version and length mismatch

With next procotol version this will allow chronyc to report that
chronyd is using a different protocol version.

candm.h

@@ -328,6 +328,10 @@ typedef struct {
 
 #define PROTO_VERSION_NUMBER 4
 
+/* The oldest protocol version that is compatible enough with
+   the current version to report a version mismatch */
+#define PROTO_VERSION_MISMATCH_COMPAT 4
+
 /* ================================================== */
 
 typedef struct {
@@ -434,6 +438,8 @@ typedef struct {
 #define STT_INACTIVE 15
 #define STT_BADSAMPLE 16
 #define STT_INVALIDAF 17
+#define STT_BADPKTVERSION 18
+#define STT_BADPKTLENGTH 19
 
 typedef struct {
   int32_t EOR;

client.c

@@ -1305,7 +1305,9 @@ submit_request(CMD_Request *request, CMD_Reply *reply, int *reply_auth_ok)
           continue;
         }
         
-        bad_header = ((reply->version != PROTO_VERSION_NUMBER) ||
+        bad_header = ((reply->version != PROTO_VERSION_NUMBER &&
+                       !(reply->version >= PROTO_VERSION_MISMATCH_COMPAT &&
+                         ntohs(reply->status) == STT_BADPKTVERSION)) ||
                       (reply->pkt_type != PKT_TYPE_CMD_REPLY) ||
                       (reply->res1 != 0) ||
                       (reply->res2 != 0) ||
@@ -1428,6 +1430,12 @@ request_reply(CMD_Request *request, CMD_Reply *reply, int requested_reply, int v
       case STT_BADSAMPLE:
         printf("516 Sample index out of range");
         break;
+      case STT_BADPKTVERSION:
+        printf("517 Protocol version mismatch");
+        break;
+      case STT_BADPKTLENGTH:
+        printf("518 Packet length mismatch");
+        break;
       case STT_INACTIVE:
         printf("519 Client logging is not active in the daemon");
         break;

cmdmon.c

@@ -1822,19 +1822,10 @@ read_from_cmd_socket(void *anything)
     return;
   }
 
-
-  if (read_length != expected_length) {
-    LOG(LOGS_WARN, LOGF_CmdMon, "Read incorrectly sized packet from %s:%hu", UTI_IPToString(&remote_ip), remote_port);
-    CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
-    /* For now, just ignore the packet.  We may want to send a reply
-       back eventually */
-    return;
-  }
-
-  if ((rx_message.version != PROTO_VERSION_NUMBER) ||
-      (rx_message.pkt_type != PKT_TYPE_CMD_REQUEST) ||
-      (rx_message.res1 != 0) ||
-      (rx_message.res2 != 0)) {
+  if (read_length < offsetof(CMD_Request, data) ||
+      rx_message.pkt_type != PKT_TYPE_CMD_REQUEST ||
+      rx_message.res1 != 0 ||
+      rx_message.res2 != 0) {
 
     /* We don't know how to process anything like this */
     CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
@@ -1842,6 +1833,27 @@ read_from_cmd_socket(void *anything)
     return;
   }
 
+  if (rx_message.version != PROTO_VERSION_NUMBER) {
+    tx_message.status = htons(STT_NOHOSTACCESS);
+    LOG(LOGS_WARN, LOGF_CmdMon, "Read packet with protocol version %d (expected %d) from %s:%hu", rx_message.version, PROTO_VERSION_NUMBER, UTI_IPToString(&remote_ip), remote_port);
+    CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
+
+    if (rx_message.version >= PROTO_VERSION_MISMATCH_COMPAT) {
+      tx_message.status = htons(STT_BADPKTVERSION);
+      transmit_reply(&tx_message, &where_from);
+    }
+    return;
+  }
+
+  if (read_length != expected_length) {
+    LOG(LOGS_WARN, LOGF_CmdMon, "Read incorrectly sized packet from %s:%hu", UTI_IPToString(&remote_ip), remote_port);
+    CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
+
+    tx_message.status = htons(STT_BADPKTLENGTH);
+    transmit_reply(&tx_message, &where_from);
+    return;
+  }
+
   rx_command = ntohs(rx_message.command);
 
   /* OK, we have a valid message.  Now dispatch on message type and process it. */