From 2fb6f317d6608f6f49ee53ab996648312719ef42 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 6 Feb 2024 04:29:25 -0600 Subject: [PATCH 1/3] SSH2: set stream timeout before calling stream_get_contents --- phpseclib/Net/SSH2.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 1c459672..688c0ac6 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -3646,6 +3646,9 @@ class SSH2 } $start = microtime(true); + $sec = (int) floor($this->curTimeout); + $usec = (int) (1000000 * ($this->curTimeout - $sec)); + stream_set_timeout($this->fsock, $sec, $usec); $raw = stream_get_contents($this->fsock, $this->decrypt_block_size); if (!strlen($raw)) { From c948a9a40781306d754bb3213b42a087606adeb6 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Wed, 7 Feb 2024 20:09:26 -0600 Subject: [PATCH 2/3] SSH2: set stream timeout before calling stream_get_contents --- phpseclib/Net/SSH2.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 1c459672..0b694f32 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1108,6 +1108,8 @@ class SSH2 * Default Constructor. * * $host can either be a string, representing the host, or a stream resource. + * If $host is a stream resource then $port doesn't do anything, altho $timeout + * still will be used * * @param mixed $host * @param int $port @@ -1198,6 +1200,8 @@ class SSH2 31 => 'NET_SSH2_MSG_KEX_ECDH_REPLY') ); + $this->timeout = $timeout; + if (is_resource($host)) { $this->fsock = $host; return; @@ -1206,7 +1210,6 @@ class SSH2 if (is_string($host)) { $this->host = $host; $this->port = $port; - $this->timeout = $timeout; } } @@ -3646,6 +3649,9 @@ class SSH2 } $start = microtime(true); + $sec = (int) floor($this->curTimeout); + $usec = (int) (1000000 * ($this->curTimeout - $sec)); + stream_set_timeout($this->fsock, $sec, $usec); $raw = stream_get_contents($this->fsock, $this->decrypt_block_size); if (!strlen($raw)) { From 89f0d3c952ede0bcbe7e68de966e2e5c4db42c60 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Wed, 7 Feb 2024 20:30:21 -0600 Subject: [PATCH 3/3] Tests: data providers need to be static --- tests/Unit/Crypt/AES/TestCase.php | 8 ++++---- tests/Unit/Crypt/BlowfishTest.php | 2 +- tests/Unit/Crypt/EC/CurveTest.php | 6 +++--- tests/Unit/Crypt/GCMTest.php | 4 ++-- tests/Unit/Crypt/HashTest.php | 4 ++-- tests/Unit/Crypt/RC2Test.php | 6 +++--- tests/Unit/Crypt/RC4Test.php | 2 +- tests/Unit/Crypt/RandomTest.php | 10 ++-------- tests/Unit/Crypt/Salsa20Test.php | 2 +- tests/Unit/Crypt/TripleDESTest.php | 12 ++++++------ tests/Unit/Net/SSH2UnitTest.php | 2 +- 11 files changed, 26 insertions(+), 32 deletions(-) diff --git a/tests/Unit/Crypt/AES/TestCase.php b/tests/Unit/Crypt/AES/TestCase.php index e42fbc3f..29c96b5d 100644 --- a/tests/Unit/Crypt/AES/TestCase.php +++ b/tests/Unit/Crypt/AES/TestCase.php @@ -30,7 +30,7 @@ abstract class TestCase extends PhpseclibTestCase * * @return array */ - public function continuousBufferCombos() + public static function continuousBufferCombos() { $modes = [ 'ctr', @@ -133,7 +133,7 @@ abstract class TestCase extends PhpseclibTestCase * * @return list */ - public function continuousBufferBatteryCombos() + public static function continuousBufferBatteryCombos() { $modes = [ 'ctr', @@ -176,9 +176,9 @@ abstract class TestCase extends PhpseclibTestCase /** * @return array */ - public function continuousBufferBatteryCombosWithoutSingleCombos() + public static function continuousBufferBatteryCombosWithoutSingleCombos() { - return array_filter($this->continuousBufferBatteryCombos(), function (array $continuousBufferBatteryCombo) { + return array_filter(self::continuousBufferBatteryCombos(), function (array $continuousBufferBatteryCombo) { return count($continuousBufferBatteryCombo[2]) > 1; }); } diff --git a/tests/Unit/Crypt/BlowfishTest.php b/tests/Unit/Crypt/BlowfishTest.php index f97dab3e..5d10f12b 100644 --- a/tests/Unit/Crypt/BlowfishTest.php +++ b/tests/Unit/Crypt/BlowfishTest.php @@ -14,7 +14,7 @@ use phpseclib3\Tests\PhpseclibTestCase; class BlowfishTest extends PhpseclibTestCase { - public function engineVectors() + public static function engineVectors() { $engines = [ 'PHP', diff --git a/tests/Unit/Crypt/EC/CurveTest.php b/tests/Unit/Crypt/EC/CurveTest.php index bf201b4e..41cb61e2 100644 --- a/tests/Unit/Crypt/EC/CurveTest.php +++ b/tests/Unit/Crypt/EC/CurveTest.php @@ -16,7 +16,7 @@ use phpseclib3\Tests\PhpseclibTestCase; class CurveTest extends PhpseclibTestCase { - public function curves() + public static function curves() { $curves = []; foreach (new \DirectoryIterator(__DIR__ . '/../../../../phpseclib/Crypt/EC/Curves/') as $file) { @@ -38,7 +38,7 @@ class CurveTest extends PhpseclibTestCase return $curves; } - public function allCurves() + public static function allCurves() { $curves = []; foreach (new \DirectoryIterator(__DIR__ . '/../../../../phpseclib/Crypt/EC/Curves/') as $file) { @@ -55,7 +55,7 @@ class CurveTest extends PhpseclibTestCase return $curves; } - public function curvesWithOIDs() + public static function curvesWithOIDs() { $class = new \ReflectionClass('phpseclib3\Crypt\EC\Formats\Keys\PKCS8'); diff --git a/tests/Unit/Crypt/GCMTest.php b/tests/Unit/Crypt/GCMTest.php index 7e2260bc..5d7e1e0c 100644 --- a/tests/Unit/Crypt/GCMTest.php +++ b/tests/Unit/Crypt/GCMTest.php @@ -18,7 +18,7 @@ class GCMTest extends PhpseclibTestCase * * @return array */ - public function engine128Vectors() + public static function engine128Vectors() { $engines = [ 'PHP', @@ -131,7 +131,7 @@ class GCMTest extends PhpseclibTestCase * * @return array */ - public function engine256Vectors() + public static function engine256Vectors() { $engines = [ 'PHP', diff --git a/tests/Unit/Crypt/HashTest.php b/tests/Unit/Crypt/HashTest.php index a2b5f711..ed14e741 100644 --- a/tests/Unit/Crypt/HashTest.php +++ b/tests/Unit/Crypt/HashTest.php @@ -426,7 +426,7 @@ class HashTest extends PhpseclibTestCase $this->assertSame($hash->getLengthInBytes(), $length); } - public function lengths() + public static function lengths() { return [ // known @@ -439,7 +439,7 @@ class HashTest extends PhpseclibTestCase ]; } - public function UMACs() + public static function UMACs() { return [ ['', 'umac-32', '113145FB', "umac-32 and message of "], diff --git a/tests/Unit/Crypt/RC2Test.php b/tests/Unit/Crypt/RC2Test.php index 9b424a8e..a648bc19 100644 --- a/tests/Unit/Crypt/RC2Test.php +++ b/tests/Unit/Crypt/RC2Test.php @@ -13,14 +13,14 @@ use phpseclib3\Tests\PhpseclibTestCase; class RC2Test extends PhpseclibTestCase { - public $engines = [ + public static $engines = [ 'PHP', 'Eval', 'mcrypt', 'OpenSSL', ]; - public function engineVectors() + public static function engineVectors() { // tests from https://tools.ietf.org/html/rfc2268#page-8 $tests = [ @@ -37,7 +37,7 @@ class RC2Test extends PhpseclibTestCase $result = []; - foreach ($this->engines as $engine) { + foreach (self::$engines as $engine) { foreach ($tests as $test) { $result[] = [$engine, $test[0], $test[1], $test[2], $test[3]]; } diff --git a/tests/Unit/Crypt/RC4Test.php b/tests/Unit/Crypt/RC4Test.php index 5fec1f7d..109abcf7 100644 --- a/tests/Unit/Crypt/RC4Test.php +++ b/tests/Unit/Crypt/RC4Test.php @@ -14,7 +14,7 @@ use phpseclib3\Tests\PhpseclibTestCase; class RC4Test extends PhpseclibTestCase { - public function engineVectors() + public static function engineVectors() { $engines = [ 'PHP', diff --git a/tests/Unit/Crypt/RandomTest.php b/tests/Unit/Crypt/RandomTest.php index 856e47d1..95aecfd3 100644 --- a/tests/Unit/Crypt/RandomTest.php +++ b/tests/Unit/Crypt/RandomTest.php @@ -13,9 +13,9 @@ use phpseclib3\Tests\PhpseclibTestCase; class RandomTest extends PhpseclibTestCase { - public function stringLengthData() + public static function stringLengthData() { - return array_map([$this, 'wrap'], [ + return array_map(function($x) { return [$x]; }, [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 17, 19, 20, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 111, 128, 1000, 1024, 10000, 12345, 100000, 123456 @@ -50,10 +50,4 @@ class RandomTest extends PhpseclibTestCase $values[$rand] = true; } } - - protected function wrap($x) - { - // array() is not a function, but $this->wrap() is. - return [$x]; - } } diff --git a/tests/Unit/Crypt/Salsa20Test.php b/tests/Unit/Crypt/Salsa20Test.php index 7bced092..c550fa77 100644 --- a/tests/Unit/Crypt/Salsa20Test.php +++ b/tests/Unit/Crypt/Salsa20Test.php @@ -13,7 +13,7 @@ use phpseclib3\Tests\PhpseclibTestCase; class Salsa20Test extends PhpseclibTestCase { - public function engineVectors() + public static function engineVectors() { $engines = [ 'PHP', diff --git a/tests/Unit/Crypt/TripleDESTest.php b/tests/Unit/Crypt/TripleDESTest.php index b226f779..15b77db5 100644 --- a/tests/Unit/Crypt/TripleDESTest.php +++ b/tests/Unit/Crypt/TripleDESTest.php @@ -13,14 +13,14 @@ use phpseclib3\Tests\PhpseclibTestCase; class TripleDESTest extends PhpseclibTestCase { - public $engines = [ + public static $engines = [ 'PHP', 'Eval', 'mcrypt', 'OpenSSL', ]; - public function engineVectors() + public static function engineVectors() { // tests from http://csrc.nist.gov/publications/nistpubs/800-20/800-20.pdf#page=273 $tests = [ @@ -94,7 +94,7 @@ class TripleDESTest extends PhpseclibTestCase $result = []; - foreach ($this->engines as $engine) { + foreach (self::$engines as $engine) { foreach ($tests as $test) { $result[] = [$engine, $test[0], $test[1], $test[2]]; } @@ -121,7 +121,7 @@ class TripleDESTest extends PhpseclibTestCase $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); } - public function engineIVVectors() + public static function engineIVVectors() { $engines = [ 'PHP', @@ -184,7 +184,7 @@ class TripleDESTest extends PhpseclibTestCase $des->setKey('abcdefghijklmnopqrstuvwx'); $des->setIV(str_repeat("\0", $des->getBlockLength() >> 3)); - foreach ($this->engines as $engine) { + foreach (self::$engines as $engine) { $des->setPreferredEngine($engine); if (!$des->isValidEngine($engine)) { self::markTestSkipped("Unable to initialize $engine engine"); @@ -212,7 +212,7 @@ class TripleDESTest extends PhpseclibTestCase /** * @return list */ - public function provideForCorrectSelfUseInLambda() + public static function provideForCorrectSelfUseInLambda() { return [ ['YWFhYWFhYWFhYWFhYWFhYWFhYWG9l9gm', 'fDSmC5bbLdx8NKYLltst3Hw0pguW2y3cfDSmC5bbLdxmhqEOIeS2ig=='], diff --git a/tests/Unit/Net/SSH2UnitTest.php b/tests/Unit/Net/SSH2UnitTest.php index 42497c06..0a67b10d 100644 --- a/tests/Unit/Net/SSH2UnitTest.php +++ b/tests/Unit/Net/SSH2UnitTest.php @@ -14,7 +14,7 @@ use phpseclib3\Tests\PhpseclibTestCase; class SSH2UnitTest extends PhpseclibTestCase { - public function formatLogDataProvider() + public static function formatLogDataProvider() { return [ [