From 24bb941799984f70003ea79508756cb86c440f9c Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 7 Apr 2014 00:30:50 -0500 Subject: [PATCH] SSH1: do fsockopen() call when login has been called --- phpseclib/Net/SSH1.php | 90 ++++++++++++++++++++++++++++++++++++------ 1 file changed, 78 insertions(+), 12 deletions(-) diff --git a/phpseclib/Net/SSH1.php b/phpseclib/Net/SSH1.php index ed70a289..160b77d5 100644 --- a/phpseclib/Net/SSH1.php +++ b/phpseclib/Net/SSH1.php @@ -182,8 +182,9 @@ define('NET_SSH1_RESPONSE_DATA', 2); * @access private */ define('NET_SSH1_MASK_CONSTRUCTOR', 0x00000001); -define('NET_SSH1_MASK_LOGIN', 0x00000002); -define('NET_SSH1_MASK_SHELL', 0x00000004); +define('NET_SSH1_MASK_CONNECTED', 0x00000002); +define('NET_SSH1_MASK_LOGIN', 0x00000004); +define('NET_SSH1_MASK_SHELL', 0x00000008); /**#@-*/ /**#@+ @@ -457,6 +458,48 @@ class Net_SSH1 */ var $log_short_width = 16; + /** + * Hostname + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var String + * @access private + */ + var $host; + + /** + * Port Number + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var Integer + * @access private + */ + var $port; + + /** + * Timeout for Constructor + * + * For historical BC purposes setTimeout() does not effect timeout of constructor + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var Integer + * @access private + */ + var $constructorTimeout; + + /** + * Default cipher + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var Integer + * @access private + */ + var $cipher; + /** * Default Constructor. * @@ -505,10 +548,24 @@ class Net_SSH1 $this->_define_array($this->protocol_flags); - $this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout); + $this->host = $host; + $this->port = $port; + $this->constructorTimeout = $timeout; + $this->cipher = $cipher; + } + + /** + * Connect to an SSHv1 server + * + * @return Boolean + * @access private + */ + function _connect() + { + $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->constructorTimeout); if (!$this->fsock) { - user_error(rtrim("Cannot connect to $host. Error $errno. $errstr")); - return; + user_error(rtrim("Cannot connect to $this->host:$this->port. Error $errno. $errstr")); + return false; } $this->server_identification = $init_line = fgets($this->fsock, 255); @@ -520,11 +577,11 @@ class Net_SSH1 if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) { user_error('Can only connect to SSH servers'); - return; + return false; } if ($parts[1][0] != 1) { user_error("Cannot connect to SSH $parts[1] servers"); - return; + return false; } fputs($this->fsock, $this->identifier."\r\n"); @@ -532,7 +589,7 @@ class Net_SSH1 $response = $this->_get_binary_packet(); if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) { user_error('Expected SSH_SMSG_PUBLIC_KEY'); - return; + return false; } $anti_spoofing_cookie = $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 8); @@ -612,12 +669,12 @@ class Net_SSH1 ); } - $cipher = isset($this->supported_ciphers[$cipher]) ? $cipher : NET_SSH1_CIPHER_3DES; + $cipher = isset($this->supported_ciphers[$this->cipher]) ? $this->cipher : NET_SSH1_CIPHER_3DES; $data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_SESSION_KEY'); - return; + return false; } switch ($cipher) { @@ -656,10 +713,12 @@ class Net_SSH1 if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) { user_error('Expected SSH_SMSG_SUCCESS'); - return; + return false; } - $this->bitmap = NET_SSH1_MASK_CONSTRUCTOR; + $this->bitmap = NET_SSH1_MASK_CONNECTED; + + return true; } /** @@ -673,6 +732,13 @@ class Net_SSH1 function login($username, $password = '') { if (!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)) { + $this->bitmap |= NET_SSH1_MASK_CONSTRUCTOR; + if (!$this->_connect()) { + return false; + } + } + + if (!($this->bitmap & NET_SSH1_MASK_CONNECTED)) { return false; }