mirror of
https://github.com/phpseclib/phpseclib.git
synced 2025-01-30 10:38:37 +00:00
Merge branch '1.0' into 2.0
This commit is contained in:
terrafrost
commit
024ac81d04
@ -299,6 +299,9 @@ class SCP
|
|||||||
$response = $this->ssh->_get_binary_packet();
|
$response = $this->ssh->_get_binary_packet();
|
||||||
switch ($response[SSH1::RESPONSE_TYPE]) {
|
switch ($response[SSH1::RESPONSE_TYPE]) {
|
||||||
case NET_SSH1_SMSG_STDOUT_DATA:
|
case NET_SSH1_SMSG_STDOUT_DATA:
|
||||||
|
if (strlen($response[SSH1::RESPONSE_DATA]) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $response[SSH1::RESPONSE_DATA]));
|
extract(unpack('Nlength', $response[SSH1::RESPONSE_DATA]));
|
||||||
return $this->ssh->_string_shift($response[SSH1::RESPONSE_DATA], $length);
|
return $this->ssh->_string_shift($response[SSH1::RESPONSE_DATA], $length);
|
||||||
case NET_SSH1_SMSG_STDERR_DATA:
|
case NET_SSH1_SMSG_STDERR_DATA:
|
||||||
|
|||||||
@ -472,11 +472,20 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nversion', $this->_string_shift($response, 4)));
|
extract(unpack('Nversion', $this->_string_shift($response, 4)));
|
||||||
$this->version = $version;
|
$this->version = $version;
|
||||||
while (!empty($response)) {
|
while (!empty($response)) {
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$key = $this->_string_shift($response, $length);
|
$key = $this->_string_shift($response, $length);
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$value = $this->_string_shift($response, $length);
|
$value = $this->_string_shift($response, $length);
|
||||||
$this->extensions[$key] = $value;
|
$this->extensions[$key] = $value;
|
||||||
@ -587,12 +596,15 @@ class SFTP extends SSH2
|
|||||||
function _logError($response, $status = -1)
|
function _logError($response, $status = -1)
|
||||||
{
|
{
|
||||||
if ($status == -1) {
|
if ($status == -1) {
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
}
|
}
|
||||||
|
|
||||||
$error = $this->status_codes[$status];
|
$error = $this->status_codes[$status];
|
||||||
|
|
||||||
if ($this->version > 2) {
|
if ($this->version > 2 || strlen($response) < 4) {
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$this->sftp_errors[] = $error . ': ' . $this->_string_shift($response, $length);
|
$this->sftp_errors[] = $error . ': ' . $this->_string_shift($response, $length);
|
||||||
} else {
|
} else {
|
||||||
@ -641,6 +653,9 @@ class SFTP extends SSH2
|
|||||||
// should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks
|
// should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks
|
||||||
// at is the first part and that part is defined the same in SFTP versions 3 through 6.
|
// at is the first part and that part is defined the same in SFTP versions 3 through 6.
|
||||||
$this->_string_shift($response, 4); // skip over the count - it should be 1, anyway
|
$this->_string_shift($response, 4); // skip over the count - it should be 1, anyway
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
return $this->_string_shift($response, $length);
|
return $this->_string_shift($response, $length);
|
||||||
case NET_SFTP_STATUS:
|
case NET_SFTP_STATUS:
|
||||||
@ -875,10 +890,19 @@ class SFTP extends SSH2
|
|||||||
$response = $this->_get_sftp_packet();
|
$response = $this->_get_sftp_packet();
|
||||||
switch ($this->packet_type) {
|
switch ($this->packet_type) {
|
||||||
case NET_SFTP_NAME:
|
case NET_SFTP_NAME:
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
||||||
for ($i = 0; $i < $count; $i++) {
|
for ($i = 0; $i < $count; $i++) {
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$shortname = $this->_string_shift($response, $length);
|
$shortname = $this->_string_shift($response, $length);
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$longname = $this->_string_shift($response, $length);
|
$longname = $this->_string_shift($response, $length);
|
||||||
$attributes = $this->_parseAttributes($response);
|
$attributes = $this->_parseAttributes($response);
|
||||||
@ -905,6 +929,9 @@ class SFTP extends SSH2
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case NET_SFTP_STATUS:
|
case NET_SFTP_STATUS:
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_EOF) {
|
if ($status != NET_SFTP_STATUS_EOF) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -1499,6 +1526,9 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -1611,12 +1641,18 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
||||||
// the file isn't a symlink
|
// the file isn't a symlink
|
||||||
if (!$count) {
|
if (!$count) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
return $this->_string_shift($response, $length);
|
return $this->_string_shift($response, $length);
|
||||||
}
|
}
|
||||||
@ -1651,6 +1687,9 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -1714,6 +1753,9 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -1751,6 +1793,9 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
// presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED?
|
// presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED?
|
||||||
@ -1976,6 +2021,9 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -2007,6 +2055,9 @@ class SFTP extends SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -2206,6 +2257,9 @@ class SFTP extends SSH2
|
|||||||
}
|
}
|
||||||
|
|
||||||
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -2631,6 +2685,9 @@ class SFTP extends SSH2
|
|||||||
}
|
}
|
||||||
|
|
||||||
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
||||||
if ($status != NET_SFTP_STATUS_OK) {
|
if ($status != NET_SFTP_STATUS_OK) {
|
||||||
$this->_logError($response, $status);
|
$this->_logError($response, $status);
|
||||||
@ -2658,6 +2715,10 @@ class SFTP extends SSH2
|
|||||||
function _parseAttributes(&$response)
|
function _parseAttributes(&$response)
|
||||||
{
|
{
|
||||||
$attr = array();
|
$attr = array();
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
user_error('Malformed file attributes');
|
||||||
|
return array();
|
||||||
|
}
|
||||||
extract(unpack('Nflags', $this->_string_shift($response, 4)));
|
extract(unpack('Nflags', $this->_string_shift($response, 4)));
|
||||||
// SFTPv4+ have a type field (a byte) that follows the above flag field
|
// SFTPv4+ have a type field (a byte) that follows the above flag field
|
||||||
foreach ($this->attributes as $key => $value) {
|
foreach ($this->attributes as $key => $value) {
|
||||||
@ -2672,9 +2733,17 @@ class SFTP extends SSH2
|
|||||||
$attr['size'] = hexdec(bin2hex($this->_string_shift($response, 8)));
|
$attr['size'] = hexdec(bin2hex($this->_string_shift($response, 8)));
|
||||||
break;
|
break;
|
||||||
case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
|
case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
|
||||||
|
if (strlen($response) < 8) {
|
||||||
|
user_error('Malformed file attributes');
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
$attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));
|
$attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));
|
||||||
break;
|
break;
|
||||||
case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
|
case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
user_error('Malformed file attributes');
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
$attr+= unpack('Npermissions', $this->_string_shift($response, 4));
|
$attr+= unpack('Npermissions', $this->_string_shift($response, 4));
|
||||||
// mode == permissions; permissions was the original array key and is retained for bc purposes.
|
// mode == permissions; permissions was the original array key and is retained for bc purposes.
|
||||||
// mode was added because that's the more industry standard terminology
|
// mode was added because that's the more industry standard terminology
|
||||||
@ -2685,13 +2754,29 @@ class SFTP extends SSH2
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008
|
case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008
|
||||||
|
if (strlen($response) < 8) {
|
||||||
|
user_error('Malformed file attributes');
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
$attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8));
|
$attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8));
|
||||||
break;
|
break;
|
||||||
case NET_SFTP_ATTR_EXTENDED: // 0x80000000
|
case NET_SFTP_ATTR_EXTENDED: // 0x80000000
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
user_error('Malformed file attributes');
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
||||||
for ($i = 0; $i < $count; $i++) {
|
for ($i = 0; $i < $count; $i++) {
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
user_error('Malformed file attributes');
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$key = $this->_string_shift($response, $length);
|
$key = $this->_string_shift($response, $length);
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
user_error('Malformed file attributes');
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$attr[$key] = $this->_string_shift($response, $length);
|
$attr[$key] = $this->_string_shift($response, $length);
|
||||||
}
|
}
|
||||||
@ -2845,6 +2930,9 @@ class SFTP extends SSH2
|
|||||||
}
|
}
|
||||||
$this->packet_buffer.= $temp;
|
$this->packet_buffer.= $temp;
|
||||||
}
|
}
|
||||||
|
if (strlen($this->packet_buffer) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4)));
|
extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4)));
|
||||||
$tempLength = $length;
|
$tempLength = $length;
|
||||||
$tempLength-= strlen($this->packet_buffer);
|
$tempLength-= strlen($this->packet_buffer);
|
||||||
|
|||||||
@ -575,28 +575,46 @@ class SSH1
|
|||||||
|
|
||||||
$this->_string_shift($response[self::RESPONSE_DATA], 4);
|
$this->_string_shift($response[self::RESPONSE_DATA], 4);
|
||||||
|
|
||||||
|
if (strlen($response[self::RESPONSE_DATA]) < 2) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
||||||
$server_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
$server_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
||||||
$this->server_key_public_exponent = $server_key_public_exponent;
|
$this->server_key_public_exponent = $server_key_public_exponent;
|
||||||
|
|
||||||
|
if (strlen($response[self::RESPONSE_DATA]) < 2) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
||||||
$server_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
$server_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
||||||
|
|
||||||
$this->server_key_public_modulus = $server_key_public_modulus;
|
$this->server_key_public_modulus = $server_key_public_modulus;
|
||||||
|
|
||||||
$this->_string_shift($response[self::RESPONSE_DATA], 4);
|
$this->_string_shift($response[self::RESPONSE_DATA], 4);
|
||||||
|
|
||||||
|
if (strlen($response[self::RESPONSE_DATA]) < 2) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
||||||
$host_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
$host_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
||||||
$this->host_key_public_exponent = $host_key_public_exponent;
|
$this->host_key_public_exponent = $host_key_public_exponent;
|
||||||
|
|
||||||
|
if (strlen($response[self::RESPONSE_DATA]) < 2) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2));
|
||||||
$host_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
$host_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
||||||
|
|
||||||
$this->host_key_public_modulus = $host_key_public_modulus;
|
$this->host_key_public_modulus = $host_key_public_modulus;
|
||||||
|
|
||||||
$this->_string_shift($response[self::RESPONSE_DATA], 4);
|
$this->_string_shift($response[self::RESPONSE_DATA], 4);
|
||||||
|
|
||||||
// get a list of the supported ciphers
|
// get a list of the supported ciphers
|
||||||
|
if (strlen($response[self::RESPONSE_DATA]) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4)));
|
extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4)));
|
||||||
|
|
||||||
foreach ($this->supported_ciphers as $mask => $name) {
|
foreach ($this->supported_ciphers as $mask => $name) {
|
||||||
if (($supported_ciphers_mask & (1 << $mask)) == 0) {
|
if (($supported_ciphers_mask & (1 << $mask)) == 0) {
|
||||||
unset($this->supported_ciphers[$mask]);
|
unset($this->supported_ciphers[$mask]);
|
||||||
@ -604,6 +622,9 @@ class SSH1
|
|||||||
}
|
}
|
||||||
|
|
||||||
// get a list of the supported authentications
|
// get a list of the supported authentications
|
||||||
|
if (strlen($response[self::RESPONSE_DATA]) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4)));
|
extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4)));
|
||||||
foreach ($this->supported_authentications as $mask => $name) {
|
foreach ($this->supported_authentications as $mask => $name) {
|
||||||
if (($supported_authentications_mask & (1 << $mask)) == 0) {
|
if (($supported_authentications_mask & (1 << $mask)) == 0) {
|
||||||
@ -1091,7 +1112,11 @@ class SSH1
|
|||||||
}
|
}
|
||||||
|
|
||||||
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
||||||
$temp = unpack('Nlength', fread($this->fsock, 4));
|
$data = fread($this->fsock, 4);
|
||||||
|
if (strlen($data) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$temp = unpack('Nlength', $data);
|
||||||
|
|
||||||
$padding_length = 8 - ($temp['length'] & 7);
|
$padding_length = 8 - ($temp['length'] & 7);
|
||||||
$length = $temp['length'] + $padding_length;
|
$length = $temp['length'] + $padding_length;
|
||||||
@ -1112,6 +1137,9 @@ class SSH1
|
|||||||
$type = $raw[$padding_length];
|
$type = $raw[$padding_length];
|
||||||
$data = substr($raw, $padding_length + 1, -4);
|
$data = substr($raw, $padding_length + 1, -4);
|
||||||
|
|
||||||
|
if (strlen($raw) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Ncrc', substr($raw, -4));
|
$temp = unpack('Ncrc', substr($raw, -4));
|
||||||
|
|
||||||
//if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) {
|
//if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) {
|
||||||
|
|||||||
@ -1110,7 +1110,7 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
|
if (!strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
|
||||||
user_error('Expected SSH_MSG_KEXINIT');
|
user_error('Expected SSH_MSG_KEXINIT');
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -1307,36 +1307,69 @@ class SSH2
|
|||||||
$this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
|
$this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
|
||||||
$server_cookie = $this->_string_shift($response, 16);
|
$server_cookie = $this->_string_shift($response, 16);
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
$this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1)));
|
extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1)));
|
||||||
$first_kex_packet_follows = $first_kex_packet_follows != 0;
|
$first_kex_packet_follows = $first_kex_packet_follows != 0;
|
||||||
|
|
||||||
@ -1435,10 +1468,16 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('NprimeLength', $this->_string_shift($response, 4)));
|
extract(unpack('NprimeLength', $this->_string_shift($response, 4)));
|
||||||
$primeBytes = $this->_string_shift($response, $primeLength);
|
$primeBytes = $this->_string_shift($response, $primeLength);
|
||||||
$prime = new BigInteger($primeBytes, -256);
|
$prime = new BigInteger($primeBytes, -256);
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('NgLength', $this->_string_shift($response, 4)));
|
extract(unpack('NgLength', $this->_string_shift($response, 4)));
|
||||||
$gBytes = $this->_string_shift($response, $gLength);
|
$gBytes = $this->_string_shift($response, $gLength);
|
||||||
$g = new BigInteger($gBytes, -256);
|
$g = new BigInteger($gBytes, -256);
|
||||||
@ -1521,6 +1560,9 @@ class SSH2
|
|||||||
user_error('Connection closed by server');
|
user_error('Connection closed by server');
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
if ($type != $serverKexReplyMessage) {
|
if ($type != $serverKexReplyMessage) {
|
||||||
@ -1528,18 +1570,33 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']);
|
$this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']);
|
||||||
|
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$public_key_format = $this->_string_shift($server_public_host_key, $temp['length']);
|
$public_key_format = $this->_string_shift($server_public_host_key, $temp['length']);
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$fBytes = $this->_string_shift($response, $temp['length']);
|
$fBytes = $this->_string_shift($response, $temp['length']);
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||||
$this->signature = $this->_string_shift($response, $temp['length']);
|
$this->signature = $this->_string_shift($response, $temp['length']);
|
||||||
|
|
||||||
|
if (strlen($this->signature) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($this->signature, 4));
|
$temp = unpack('Nlength', $this->_string_shift($this->signature, 4));
|
||||||
$this->signature_format = $this->_string_shift($this->signature, $temp['length']);
|
$this->signature_format = $this->_string_shift($this->signature, $temp['length']);
|
||||||
|
|
||||||
@ -1610,6 +1667,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
if ($type != NET_SSH2_MSG_NEWKEYS) {
|
if ($type != NET_SSH2_MSG_NEWKEYS) {
|
||||||
@ -1940,6 +2000,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
|
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
|
||||||
@ -1989,6 +2052,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2044,6 +2110,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2051,14 +2120,23 @@ class SSH2
|
|||||||
if (defined('NET_SSH2_LOGGING')) {
|
if (defined('NET_SSH2_LOGGING')) {
|
||||||
$this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ';
|
$this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ';
|
||||||
}
|
}
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode($this->_string_shift($response, $length));
|
$this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode($this->_string_shift($response, $length));
|
||||||
return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
|
return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
|
||||||
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
||||||
// can we use keyboard-interactive authentication? if not then either the login is bad or the server employees
|
// can we use keyboard-interactive authentication? if not then either the login is bad or the server employees
|
||||||
// multi-factor authentication
|
// multi-factor authentication
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$auth_methods = explode(',', $this->_string_shift($response, $length));
|
$auth_methods = explode(',', $this->_string_shift($response, $length));
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Cpartial_success', $this->_string_shift($response, 1)));
|
extract(unpack('Cpartial_success', $this->_string_shift($response, 1)));
|
||||||
$partial_success = $partial_success != 0;
|
$partial_success = $partial_success != 0;
|
||||||
|
|
||||||
@ -2133,16 +2211,31 @@ class SSH2
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
case NET_SSH2_MSG_USERAUTH_INFO_REQUEST:
|
case NET_SSH2_MSG_USERAUTH_INFO_REQUEST:
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$this->_string_shift($response, $length); // name; may be empty
|
$this->_string_shift($response, $length); // name; may be empty
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$this->_string_shift($response, $length); // instruction; may be empty
|
$this->_string_shift($response, $length); // instruction; may be empty
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$this->_string_shift($response, $length); // language tag; may be empty
|
$this->_string_shift($response, $length); // language tag; may be empty
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nnum_prompts', $this->_string_shift($response, 4)));
|
extract(unpack('Nnum_prompts', $this->_string_shift($response, 4)));
|
||||||
|
|
||||||
for ($i = 0; $i < count($responses); $i++) {
|
for ($i = 0; $i < count($responses); $i++) {
|
||||||
@ -2157,6 +2250,9 @@ class SSH2
|
|||||||
|
|
||||||
if (isset($this->keyboard_requests_responses)) {
|
if (isset($this->keyboard_requests_responses)) {
|
||||||
for ($i = 0; $i < $num_prompts; $i++) {
|
for ($i = 0; $i < $num_prompts; $i++) {
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
// prompt - ie. "Password: "; must not be empty
|
// prompt - ie. "Password: "; must not be empty
|
||||||
$prompt = $this->_string_shift($response, $length);
|
$prompt = $this->_string_shift($response, $length);
|
||||||
@ -2302,10 +2398,16 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length);
|
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length);
|
||||||
return false;
|
return false;
|
||||||
@ -2337,6 +2439,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2455,6 +2560,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
list(, $type) = unpack('C', $this->_string_shift($response, 1));
|
list(, $type) = unpack('C', $this->_string_shift($response, 1));
|
||||||
|
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2591,6 +2699,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
list(, $type) = unpack('C', $this->_string_shift($response, 1));
|
list(, $type) = unpack('C', $this->_string_shift($response, 1));
|
||||||
|
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2926,6 +3037,9 @@ class SSH2
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen($raw) < 5) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5)));
|
extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5)));
|
||||||
|
|
||||||
$remaining_length = $packet_length + 4 - $this->decrypt_block_size;
|
$remaining_length = $packet_length + 4 - $this->decrypt_block_size;
|
||||||
@ -3001,6 +3115,9 @@ class SSH2
|
|||||||
switch (ord($payload[0])) {
|
switch (ord($payload[0])) {
|
||||||
case NET_SSH2_MSG_DISCONNECT:
|
case NET_SSH2_MSG_DISCONNECT:
|
||||||
$this->_string_shift($payload, 1);
|
$this->_string_shift($payload, 1);
|
||||||
|
if (strlen($payload) < 8) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8)));
|
extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8)));
|
||||||
$this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length));
|
$this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length));
|
||||||
$this->bitmap = 0;
|
$this->bitmap = 0;
|
||||||
@ -3010,6 +3127,9 @@ class SSH2
|
|||||||
break;
|
break;
|
||||||
case NET_SSH2_MSG_DEBUG:
|
case NET_SSH2_MSG_DEBUG:
|
||||||
$this->_string_shift($payload, 2);
|
$this->_string_shift($payload, 2);
|
||||||
|
if (strlen($payload) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
||||||
$this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode($this->_string_shift($payload, $length));
|
$this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode($this->_string_shift($payload, $length));
|
||||||
$payload = $this->_get_binary_packet();
|
$payload = $this->_get_binary_packet();
|
||||||
@ -3029,6 +3149,9 @@ class SSH2
|
|||||||
// see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in
|
// see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in
|
||||||
if (($this->bitmap & self::MASK_CONNECTED) && !($this->bitmap & self::MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) {
|
if (($this->bitmap & self::MASK_CONNECTED) && !($this->bitmap & self::MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) {
|
||||||
$this->_string_shift($payload, 1);
|
$this->_string_shift($payload, 1);
|
||||||
|
if (strlen($payload) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
||||||
$this->banner_message = utf8_decode($this->_string_shift($payload, $length));
|
$this->banner_message = utf8_decode($this->_string_shift($payload, $length));
|
||||||
$payload = $this->_get_binary_packet();
|
$payload = $this->_get_binary_packet();
|
||||||
@ -3038,6 +3161,9 @@ class SSH2
|
|||||||
if (($this->bitmap & self::MASK_CONNECTED) && ($this->bitmap & self::MASK_LOGIN)) {
|
if (($this->bitmap & self::MASK_CONNECTED) && ($this->bitmap & self::MASK_LOGIN)) {
|
||||||
switch (ord($payload[0])) {
|
switch (ord($payload[0])) {
|
||||||
case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4
|
case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4
|
||||||
|
if (strlen($payload) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
||||||
$this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . $this->_string_shift($payload, $length);
|
$this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . $this->_string_shift($payload, $length);
|
||||||
|
|
||||||
@ -3049,8 +3175,14 @@ class SSH2
|
|||||||
break;
|
break;
|
||||||
case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1
|
case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1
|
||||||
$this->_string_shift($payload, 1);
|
$this->_string_shift($payload, 1);
|
||||||
|
if (strlen($payload) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
||||||
$data = $this->_string_shift($payload, $length);
|
$data = $this->_string_shift($payload, $length);
|
||||||
|
if (strlen($payload) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nserver_channel', $this->_string_shift($payload, 4)));
|
extract(unpack('Nserver_channel', $this->_string_shift($payload, 4)));
|
||||||
switch ($data) {
|
switch ($data) {
|
||||||
case 'auth-agent':
|
case 'auth-agent':
|
||||||
@ -3058,6 +3190,9 @@ class SSH2
|
|||||||
if (isset($this->agent)) {
|
if (isset($this->agent)) {
|
||||||
$new_channel = self::CHANNEL_AGENT_FORWARD;
|
$new_channel = self::CHANNEL_AGENT_FORWARD;
|
||||||
|
|
||||||
|
if (strlen($payload) < 8) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nremote_window_size', $this->_string_shift($payload, 4)));
|
extract(unpack('Nremote_window_size', $this->_string_shift($payload, 4)));
|
||||||
extract(unpack('Nremote_maximum_packet_size', $this->_string_shift($payload, 4)));
|
extract(unpack('Nremote_maximum_packet_size', $this->_string_shift($payload, 4)));
|
||||||
|
|
||||||
@ -3103,6 +3238,9 @@ class SSH2
|
|||||||
break;
|
break;
|
||||||
case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST:
|
case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST:
|
||||||
$this->_string_shift($payload, 1);
|
$this->_string_shift($payload, 1);
|
||||||
|
if (strlen($payload) < 8) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nchannel', $this->_string_shift($payload, 4)));
|
extract(unpack('Nchannel', $this->_string_shift($payload, 4)));
|
||||||
extract(unpack('Nwindow_size', $this->_string_shift($payload, 4)));
|
extract(unpack('Nwindow_size', $this->_string_shift($payload, 4)));
|
||||||
$this->window_size_client_to_server[$channel]+= $window_size;
|
$this->window_size_client_to_server[$channel]+= $window_size;
|
||||||
@ -3233,8 +3371,14 @@ class SSH2
|
|||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!strlen($response)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||||
|
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
if ($type == NET_SSH2_MSG_CHANNEL_OPEN) {
|
if ($type == NET_SSH2_MSG_CHANNEL_OPEN) {
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
} else {
|
} else {
|
||||||
@ -3258,14 +3402,23 @@ class SSH2
|
|||||||
case NET_SSH2_MSG_CHANNEL_OPEN:
|
case NET_SSH2_MSG_CHANNEL_OPEN:
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION:
|
case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION:
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nserver_channel', $this->_string_shift($response, 4)));
|
extract(unpack('Nserver_channel', $this->_string_shift($response, 4)));
|
||||||
$this->server_channels[$channel] = $server_channel;
|
$this->server_channels[$channel] = $server_channel;
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nwindow_size', $this->_string_shift($response, 4)));
|
extract(unpack('Nwindow_size', $this->_string_shift($response, 4)));
|
||||||
if ($window_size < 0) {
|
if ($window_size < 0) {
|
||||||
$window_size&= 0x7FFFFFFF;
|
$window_size&= 0x7FFFFFFF;
|
||||||
$window_size+= 0x80000000;
|
$window_size+= 0x80000000;
|
||||||
}
|
}
|
||||||
$this->window_size_client_to_server[$channel] = $window_size;
|
$this->window_size_client_to_server[$channel] = $window_size;
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4));
|
$temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4));
|
||||||
$this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server'];
|
$this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server'];
|
||||||
$result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended);
|
$result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended);
|
||||||
@ -3305,6 +3458,9 @@ class SSH2
|
|||||||
$this->_send_channel_packet($channel, chr(0));
|
$this->_send_channel_packet($channel, chr(0));
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$data = $this->_string_shift($response, $length);
|
$data = $this->_string_shift($response, $length);
|
||||||
|
|
||||||
@ -3331,6 +3487,9 @@ class SSH2
|
|||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
// currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR
|
// currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR
|
||||||
|
if (strlen($response) < 8) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8)));
|
extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8)));
|
||||||
$data = $this->_string_shift($response, $length);
|
$data = $this->_string_shift($response, $length);
|
||||||
$this->stdErrorLog.= $data;
|
$this->stdErrorLog.= $data;
|
||||||
@ -3346,14 +3505,23 @@ class SSH2
|
|||||||
$this->channel_buffers[$channel][] = $data;
|
$this->channel_buffers[$channel][] = $data;
|
||||||
break;
|
break;
|
||||||
case NET_SSH2_MSG_CHANNEL_REQUEST:
|
case NET_SSH2_MSG_CHANNEL_REQUEST:
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$value = $this->_string_shift($response, $length);
|
$value = $this->_string_shift($response, $length);
|
||||||
switch ($value) {
|
switch ($value) {
|
||||||
case 'exit-signal':
|
case 'exit-signal':
|
||||||
$this->_string_shift($response, 1);
|
$this->_string_shift($response, 1);
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
$this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length);
|
$this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length);
|
||||||
$this->_string_shift($response, 1);
|
$this->_string_shift($response, 1);
|
||||||
|
if (strlen($response) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||||
if ($length) {
|
if ($length) {
|
||||||
$this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length);
|
$this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length);
|
||||||
@ -3366,6 +3534,9 @@ class SSH2
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
case 'exit-status':
|
case 'exit-status':
|
||||||
|
if (strlen($response) < 5) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5)));
|
extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5)));
|
||||||
$this->exit_status = $exit_status;
|
$this->exit_status = $exit_status;
|
||||||
|
|
||||||
@ -3994,6 +4165,9 @@ class SSH2
|
|||||||
$signature = $this->signature;
|
$signature = $this->signature;
|
||||||
$server_public_host_key = $this->server_public_host_key;
|
$server_public_host_key = $this->server_public_host_key;
|
||||||
|
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4)));
|
extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4)));
|
||||||
$this->_string_shift($server_public_host_key, $length);
|
$this->_string_shift($server_public_host_key, $length);
|
||||||
|
|
||||||
@ -4009,15 +4183,27 @@ class SSH2
|
|||||||
case 'ssh-dss':
|
case 'ssh-dss':
|
||||||
$zero = new BigInteger();
|
$zero = new BigInteger();
|
||||||
|
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$p = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
$p = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
||||||
|
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$q = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
$q = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
||||||
|
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$g = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
$g = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
||||||
|
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$y = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
$y = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
||||||
|
|
||||||
@ -4064,15 +4250,24 @@ class SSH2
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
case 'ssh-rsa':
|
case 'ssh-rsa':
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$e = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
$e = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
||||||
|
|
||||||
|
if (strlen($server_public_host_key) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$rawN = $this->_string_shift($server_public_host_key, $temp['length']);
|
$rawN = $this->_string_shift($server_public_host_key, $temp['length']);
|
||||||
$n = new BigInteger($rawN, -256);
|
$n = new BigInteger($rawN, -256);
|
||||||
$nLength = strlen(ltrim($rawN, "\0"));
|
$nLength = strlen(ltrim($rawN, "\0"));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
if (strlen($signature) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
||||||
$signature = $this->_string_shift($signature, $temp['length']);
|
$signature = $this->_string_shift($signature, $temp['length']);
|
||||||
|
|
||||||
@ -4085,6 +4280,9 @@ class SSH2
|
|||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
if (strlen($signature) < 4) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
||||||
$s = new BigInteger($this->_string_shift($signature, $temp['length']), 256);
|
$s = new BigInteger($this->_string_shift($signature, $temp['length']), 256);
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user