mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-12-29 04:23:34 +00:00
Merge branch '2.0' into 3.0
This commit is contained in:
commit
1a201dd131
@ -267,6 +267,18 @@ class SSH2
|
|||||||
*/
|
*/
|
||||||
private $server_host_key_algorithms = false;
|
private $server_host_key_algorithms = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Supported Private Key Algorithms
|
||||||
|
*
|
||||||
|
* In theory this should be the same as the Server Host Key Algorithms but, in practice,
|
||||||
|
* some servers (eg. Azure) will support rsa-sha2-512 as a server host key algorithm but
|
||||||
|
* not a private key algorithm
|
||||||
|
*
|
||||||
|
* @see self::privatekey_login()
|
||||||
|
* @var array|false
|
||||||
|
*/
|
||||||
|
private $supported_private_key_algorithms = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Encryption Algorithms: Client to Server
|
* Encryption Algorithms: Client to Server
|
||||||
*
|
*
|
||||||
@ -1546,6 +1558,8 @@ class SSH2
|
|||||||
$first_kex_packet_follows
|
$first_kex_packet_follows
|
||||||
) = Strings::unpackSSH2('L10C', $response);
|
) = Strings::unpackSSH2('L10C', $response);
|
||||||
|
|
||||||
|
$this->supported_private_key_algorithms = $this->server_host_key_algorithms;
|
||||||
|
|
||||||
if ($send_kex) {
|
if ($send_kex) {
|
||||||
$this->send_binary_packet($kexinit_payload_client);
|
$this->send_binary_packet($kexinit_payload_client);
|
||||||
}
|
}
|
||||||
@ -2533,7 +2547,7 @@ class SSH2
|
|||||||
if (isset($this->preferred['hostkey'])) {
|
if (isset($this->preferred['hostkey'])) {
|
||||||
$algos = array_intersect($this->preferred['hostkey'], $algos);
|
$algos = array_intersect($this->preferred['hostkey'], $algos);
|
||||||
}
|
}
|
||||||
$algo = self::array_intersect_first($algos, $this->server_host_key_algorithms);
|
$algo = self::array_intersect_first($algos, $this->supported_private_key_algorithms);
|
||||||
switch ($algo) {
|
switch ($algo) {
|
||||||
case 'rsa-sha2-512':
|
case 'rsa-sha2-512':
|
||||||
$hash = 'sha512';
|
$hash = 'sha512';
|
||||||
@ -2602,6 +2616,10 @@ class SSH2
|
|||||||
switch ($type) {
|
switch ($type) {
|
||||||
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
||||||
list($auth_methods) = Strings::unpackSSH2('L', $response);
|
list($auth_methods) = Strings::unpackSSH2('L', $response);
|
||||||
|
if (in_array('publickey', $auth_methods) && substr($signatureType, 0, 9) == 'rsa-sha2-') {
|
||||||
|
$this->supported_private_key_algorithms = array_diff($this->supported_private_key_algorithms, ['rsa-sha2-256', 'rsa-sha2-512']);
|
||||||
|
return $this->privatekey_login($username, $privatekey);
|
||||||
|
}
|
||||||
$this->auth_methods_to_continue = $auth_methods;
|
$this->auth_methods_to_continue = $auth_methods;
|
||||||
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE';
|
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE';
|
||||||
return false;
|
return false;
|
||||||
|
Loading…
Reference in New Issue
Block a user