#Copyright (C) 2016,2023 Weber Yann
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; either version 3 of the License, or
#any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program.  If not, see <http://www.gnu.org/licenses/>.

#
#	SSH checks
#

check_ssh_nc() {
	host=$1
	port=$2
	
	if [ -z "$port" ]
	then
		port=22
	fi

	rep="$(nc -w1 "$host" "$port" </dev/null)"
	res=$?
	if [ "$res" -ne "0" ]
	then
		fail "Netcat unable to connect to $host:$port"
		return
	fi
	if echo "$rep" | grep "^SSH-2.0-OpenSSH" >/dev/null
	then
		success "OpenSSH replied on $host:$port"
	else
		fail "Bad reply from $host:$port : '$rep'"
	fi
}

check_ssh_key() {
	host="$1"
	testkey="$2"
	keytype="$3"
	port="$4"
	
	if [ -z "$port" ]
	then
		port=22
	fi

	if [ -z "$keytype" ]
	then
		keytype="rsa"
	fi

	key=$(ssh-keyscan -p $port -t "$keytype" "$host" 2>/dev/null | cut -d " " -f3)

	if [ -z "$key" ]
	then
		fail "SSH server not responding"
		return
	elif [ "$key" = "$testkey" ]
	then
		success "OpenSSH $host:$port key is $testkey"
		return
	else
		fail "OpenSSH $host:$port missmatch : "
		logdate ERR "Expected : $testkey" 1
		logdate ERR "Received : $key" 1
		return
	fi
}