mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-12-27 19:54:57 +00:00
commit
8816719671
4
AUTHORS
4
AUTHORS
@ -1,3 +1,5 @@
|
||||
phpseclib Lead Developer: TerraFrost (Jim Wigginton)
|
||||
|
||||
phpseclib Developers: monnerat (Patrick Monnerat)
|
||||
phpseclib Developers: monnerat (Patrick Monnerat)
|
||||
bantu (Andreas Fischer)
|
||||
petrich (Hans-Jürgen Petrich)
|
||||
|
@ -43,6 +43,9 @@
|
||||
"File": "phpseclib/",
|
||||
"Math": "phpseclib/",
|
||||
"Net": "phpseclib/"
|
||||
}
|
||||
},
|
||||
"files": [
|
||||
"phpseclib/Crypt/Random.php"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -168,7 +168,7 @@ class Crypt_Hash {
|
||||
* Keys can be of any length.
|
||||
*
|
||||
* @access public
|
||||
* @param String $key
|
||||
* @param optional String $key
|
||||
*/
|
||||
function setKey($key = false)
|
||||
{
|
||||
@ -350,7 +350,7 @@ class Crypt_Hash {
|
||||
* Wrapper for MD5
|
||||
*
|
||||
* @access private
|
||||
* @param String $text
|
||||
* @param String $m
|
||||
*/
|
||||
function _md5($m)
|
||||
{
|
||||
@ -361,7 +361,7 @@ class Crypt_Hash {
|
||||
* Wrapper for SHA1
|
||||
*
|
||||
* @access private
|
||||
* @param String $text
|
||||
* @param String $m
|
||||
*/
|
||||
function _sha1($m)
|
||||
{
|
||||
@ -374,7 +374,7 @@ class Crypt_Hash {
|
||||
* See {@link http://tools.ietf.org/html/rfc1319 RFC1319}.
|
||||
*
|
||||
* @access private
|
||||
* @param String $text
|
||||
* @param String $m
|
||||
*/
|
||||
function _md2($m)
|
||||
{
|
||||
@ -450,7 +450,7 @@ class Crypt_Hash {
|
||||
* See {@link http://en.wikipedia.org/wiki/SHA_hash_functions#SHA-256_.28a_SHA-2_variant.29_pseudocode SHA-256 (a SHA-2 variant) pseudocode - Wikipedia}.
|
||||
*
|
||||
* @access private
|
||||
* @param String $text
|
||||
* @param String $m
|
||||
*/
|
||||
function _sha256($m)
|
||||
{
|
||||
@ -555,7 +555,7 @@ class Crypt_Hash {
|
||||
* Pure-PHP implementation of SHA384 and SHA512
|
||||
*
|
||||
* @access private
|
||||
* @param String $text
|
||||
* @param String $m
|
||||
*/
|
||||
function _sha512($m)
|
||||
{
|
||||
@ -784,9 +784,8 @@ class Crypt_Hash {
|
||||
* _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the
|
||||
* possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster.
|
||||
*
|
||||
* @param String $string
|
||||
* @param optional Integer $index
|
||||
* @return String
|
||||
* @param Integer $...
|
||||
* @return Integer
|
||||
* @see _sha256()
|
||||
* @access private
|
||||
*/
|
||||
|
@ -83,7 +83,7 @@ if (!class_exists('Math_BigInteger')) {
|
||||
// will trigger a call to __autoload() if you're wanting to auto-load classes
|
||||
// call function_exists() a second time to stop the require_once from being called outside
|
||||
// of the auto loader
|
||||
if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) {
|
||||
if (!function_exists('crypt_random_string')) {
|
||||
require_once('Crypt/Random.php');
|
||||
}
|
||||
|
||||
@ -465,7 +465,7 @@ class Crypt_RSA {
|
||||
|
||||
if ( !defined('CRYPT_RSA_MODE') ) {
|
||||
switch (true) {
|
||||
case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>='):
|
||||
case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>=') && file_exists($this->configFile):
|
||||
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL);
|
||||
break;
|
||||
default:
|
||||
@ -2142,6 +2142,7 @@ class Crypt_RSA {
|
||||
}
|
||||
|
||||
// EME-PKCS1-v1_5 encoding
|
||||
|
||||
$psLen = $this->k - $mLen - 3;
|
||||
$ps = '';
|
||||
while (strlen($ps) != $psLen) {
|
||||
@ -2149,7 +2150,14 @@ class Crypt_RSA {
|
||||
$temp = str_replace("\x00", '', $temp);
|
||||
$ps.= $temp;
|
||||
}
|
||||
$em = chr(0) . chr(2) . $ps . chr(0) . $m;
|
||||
$type = 2;
|
||||
// see the comments of _rsaes_pkcs1_v1_5_decrypt() to understand why this is being done
|
||||
if (defined('CRYPT_RSA_PKCS15_COMPAT') && (!isset($this->publicExponent) || $this->exponent !== $this->publicExponent)) {
|
||||
$type = 1;
|
||||
// "The padding string PS shall consist of k-3-||D|| octets. ... for block type 01, they shall have value FF"
|
||||
$ps = str_repeat("\xFF", $psLen);
|
||||
}
|
||||
$em = chr(0) . chr($type) . $ps . chr(0) . $m;
|
||||
|
||||
// RSA encryption
|
||||
$m = $this->_os2ip($em);
|
||||
|
@ -53,7 +53,8 @@
|
||||
* @return String
|
||||
* @access public
|
||||
*/
|
||||
function crypt_random_string($length) {
|
||||
function crypt_random_string($length)
|
||||
{
|
||||
// PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster
|
||||
if ((PHP_OS & "\xDF\xDF\xDF") === 'WIN') {
|
||||
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
|
||||
|
@ -319,8 +319,12 @@ class File_ASN1 {
|
||||
// support it up to four.
|
||||
$length&= 0x7F;
|
||||
$temp = $this->_string_shift($encoded, $length);
|
||||
// tags of indefinte length don't really have a header length; this length includes the tag
|
||||
$current+= array('headerlength' => $length + 2);
|
||||
$start+= $length;
|
||||
extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)));
|
||||
} else {
|
||||
$current+= array('headerlength' => 2);
|
||||
}
|
||||
|
||||
// End-of-content, see paragraphs 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2
|
||||
@ -349,6 +353,7 @@ class File_ASN1 {
|
||||
'content' => $constructed ? $this->_decode_ber($content, $start) : $content,
|
||||
'length' => $length + $start - $current['start']
|
||||
) + $current;
|
||||
$start+= $length;
|
||||
continue 2;
|
||||
}
|
||||
|
||||
@ -913,6 +918,9 @@ class File_ASN1 {
|
||||
}
|
||||
$value = new Math_BigInteger($value);
|
||||
$value = $value->toBytes(true);
|
||||
if (!strlen($value)) {
|
||||
$value = chr(0);
|
||||
}
|
||||
}
|
||||
break;
|
||||
case FILE_ASN1_TYPE_UTC_TIME:
|
||||
|
@ -1436,18 +1436,7 @@ class File_X509 {
|
||||
|
||||
$asn1 = new File_ASN1();
|
||||
|
||||
/*
|
||||
X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them above and beyond the ceritificate. ie.
|
||||
some may have the following preceeding the -----BEGIN CERTIFICATE----- line:
|
||||
|
||||
subject=/O=organization/OU=org unit/CN=common name
|
||||
issuer=/O=organization/CN=common name
|
||||
*/
|
||||
$temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $cert);
|
||||
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
|
||||
if ($temp != false) {
|
||||
$cert = $temp;
|
||||
}
|
||||
$cert = $this->_extractBER($cert);
|
||||
|
||||
if ($cert === false) {
|
||||
$this->currentCert = false;
|
||||
@ -2804,11 +2793,7 @@ class File_X509 {
|
||||
|
||||
$asn1 = new File_ASN1();
|
||||
|
||||
$temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $csr);
|
||||
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
|
||||
if ($temp != false) {
|
||||
$csr = $temp;
|
||||
}
|
||||
$csr = $this->_extractBER($csr);
|
||||
$orig = $csr;
|
||||
|
||||
if ($csr === false) {
|
||||
@ -3000,11 +2985,7 @@ class File_X509 {
|
||||
|
||||
$asn1 = new File_ASN1();
|
||||
|
||||
$temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $crl);
|
||||
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
|
||||
if ($temp != false) {
|
||||
$crl = $temp;
|
||||
}
|
||||
$crl = $this->_extractBER($crl);
|
||||
$orig = $crl;
|
||||
|
||||
if ($crl === false) {
|
||||
@ -4337,4 +4318,31 @@ class File_X509 {
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Extract raw BER from Base64 encoding
|
||||
*
|
||||
* @access private
|
||||
* @param String $str
|
||||
* @return String
|
||||
*/
|
||||
function _extractBER($str)
|
||||
{
|
||||
/*
|
||||
X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them above and beyond the ceritificate. ie.
|
||||
some may have the following preceeding the -----BEGIN CERTIFICATE----- line:
|
||||
|
||||
Bag Attributes
|
||||
localKeyID: 01 00 00 00
|
||||
subject=/O=organization/OU=org unit/CN=common name
|
||||
issuer=/O=organization/CN=common name
|
||||
*/
|
||||
$temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1);
|
||||
// remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
|
||||
$temp = preg_replace('#-+[^-]+-+#', '', $temp);
|
||||
// remove new lines
|
||||
$temp = str_replace(array("\r", "\n", ' '), '', $temp);
|
||||
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
|
||||
return $temp != false ? $temp : $str;
|
||||
}
|
||||
}
|
@ -297,7 +297,30 @@ class Net_SFTP extends Net_SSH2 {
|
||||
5 => 'NET_SFTP_STATUS_BAD_MESSAGE',
|
||||
6 => 'NET_SFTP_STATUS_NO_CONNECTION',
|
||||
7 => 'NET_SFTP_STATUS_CONNECTION_LOST',
|
||||
8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED'
|
||||
8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED',
|
||||
9 => 'NET_SFTP_STATUS_INVALID_HANDLE',
|
||||
10 => 'NET_SFTP_STATUS_NO_SUCH_PATH',
|
||||
11 => 'NET_SFTP_STATUS_FILE_ALREADY_EXISTS',
|
||||
12 => 'NET_SFTP_STATUS_WRITE_PROTECT',
|
||||
13 => 'NET_SFTP_STATUS_NO_MEDIA',
|
||||
14 => 'NET_SFTP_STATUS_NO_SPACE_ON_FILESYSTEM',
|
||||
15 => 'NET_SFTP_STATUS_QUOTA_EXCEEDED',
|
||||
16 => 'NET_SFTP_STATUS_UNKNOWN_PRINCIPAL',
|
||||
17 => 'NET_SFTP_STATUS_LOCK_CONFLICT',
|
||||
18 => 'NET_SFTP_STATUS_DIR_NOT_EMPTY',
|
||||
19 => 'NET_SFTP_STATUS_NOT_A_DIRECTORY',
|
||||
20 => 'NET_SFTP_STATUS_INVALID_FILENAME',
|
||||
21 => 'NET_SFTP_STATUS_LINK_LOOP',
|
||||
22 => 'NET_SFTP_STATUS_CANNOT_DELETE',
|
||||
23 => 'NET_SFTP_STATUS_INVALID_PARAMETER',
|
||||
24 => 'NET_SFTP_STATUS_FILE_IS_A_DIRECTORY',
|
||||
25 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_CONFLICT',
|
||||
26 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_REFUSED',
|
||||
27 => 'NET_SFTP_STATUS_DELETE_PENDING',
|
||||
28 => 'NET_SFTP_STATUS_FILE_CORRUPT',
|
||||
29 => 'NET_SFTP_STATUS_OWNER_INVALID',
|
||||
30 => 'NET_SFTP_STATUS_GROUP_INVALID',
|
||||
31 => 'NET_SFTP_STATUS_NO_MATCHING_BYTE_RANGE_LOCK'
|
||||
);
|
||||
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1
|
||||
// the order, in this case, matters quite a lot - see Net_SFTP::_parseAttributes() to understand why
|
||||
@ -985,7 +1008,7 @@ class Net_SFTP extends Net_SSH2 {
|
||||
*/
|
||||
function _size($filename)
|
||||
{
|
||||
$result = $this->_stat($filename, NET_SFTP_LSTAT);
|
||||
$result = $this->_stat($filename, NET_SFTP_STAT);
|
||||
if ($result === false) {
|
||||
return false;
|
||||
}
|
||||
@ -1648,6 +1671,7 @@ class Net_SFTP extends Net_SSH2 {
|
||||
}
|
||||
break;
|
||||
case NET_SFTP_STATUS:
|
||||
// could, in theory, return false if !strlen($content) but we'll hold off for the time being
|
||||
$this->_logError($response);
|
||||
break 2;
|
||||
default:
|
||||
@ -1691,6 +1715,7 @@ class Net_SFTP extends Net_SSH2 {
|
||||
return false;
|
||||
}
|
||||
|
||||
// if $content isn't set that means a file was written to
|
||||
if (isset($content)) {
|
||||
return $content;
|
||||
}
|
||||
@ -1891,8 +1916,11 @@ class Net_SFTP extends Net_SSH2 {
|
||||
break;
|
||||
case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
|
||||
$attr+= unpack('Npermissions', $this->_string_shift($response, 4));
|
||||
// mode == permissions; permissions was the original array key and is retained for bc purposes.
|
||||
// mode was added because that's the more industry standard terminology
|
||||
$attr+= array('mode' => $attr['permissions']);
|
||||
$fileType = $this->_parseMode($attr['permissions']);
|
||||
if ($filetype !== false) {
|
||||
if ($fileType !== false) {
|
||||
$attr+= array('type' => $fileType);
|
||||
}
|
||||
break;
|
||||
|
759
phpseclib/Net/SFTP/Stream.php
Normal file
759
phpseclib/Net/SFTP/Stream.php
Normal file
@ -0,0 +1,759 @@
|
||||
<?php
|
||||
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
||||
|
||||
/**
|
||||
* SFTP Stream Wrapper
|
||||
*
|
||||
* Creates an sftp:// protocol handler that can be used with, for example, fopen(), dir(), etc.
|
||||
*
|
||||
* PHP version 5
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Net
|
||||
* @package Net_SFTP_Stream
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright MMXIII Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**
|
||||
* Include Net_SSH2
|
||||
*/
|
||||
if (!class_exists('Net_SFTP')) {
|
||||
require_once('Net/SFTP.php');
|
||||
}
|
||||
|
||||
/**
|
||||
* SFTP Stream Wrapper
|
||||
*
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @version 0.3.2
|
||||
* @access public
|
||||
* @package Net_SFTP_Stream
|
||||
*/
|
||||
class Net_SFTP_Stream {
|
||||
/**
|
||||
* SFTP instances
|
||||
*
|
||||
* Rather than re-create the connection we re-use instances if possible
|
||||
*
|
||||
* @var Array
|
||||
* @access static
|
||||
*/
|
||||
static $instances;
|
||||
|
||||
/**
|
||||
* SFTP instance
|
||||
*
|
||||
* @var Object
|
||||
* @access private
|
||||
*/
|
||||
var $sftp;
|
||||
|
||||
/**
|
||||
* Path
|
||||
*
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $path;
|
||||
|
||||
/**
|
||||
* Mode
|
||||
*
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $mode;
|
||||
|
||||
/**
|
||||
* Position
|
||||
*
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $pos;
|
||||
|
||||
/**
|
||||
* Size
|
||||
*
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $size;
|
||||
|
||||
/**
|
||||
* Directory entries
|
||||
*
|
||||
* @var Array
|
||||
* @access private
|
||||
*/
|
||||
var $entries;
|
||||
|
||||
/**
|
||||
* EOF flag
|
||||
*
|
||||
* @var Boolean
|
||||
* @access private
|
||||
*/
|
||||
var $eof;
|
||||
|
||||
/**
|
||||
* Context resource
|
||||
*
|
||||
* Technically this needs to be publically accessible so PHP can set it directly
|
||||
*
|
||||
* @var Resource
|
||||
* @access public
|
||||
*/
|
||||
var $context;
|
||||
|
||||
/**
|
||||
* Notification callback function
|
||||
*
|
||||
* @var Callable
|
||||
* @access public
|
||||
*/
|
||||
var $notification;
|
||||
|
||||
/**
|
||||
* Path Parser
|
||||
*
|
||||
* Extract a path from a URI and actually connect to an SSH server if appropriate
|
||||
*
|
||||
* If "notification" is set as a context parameter the message code for successful login is
|
||||
* NET_SSH2_MSG_USERAUTH_SUCCESS. For a failed login it's NET_SSH2_MSG_USERAUTH_FAILURE.
|
||||
*
|
||||
* @param String $path
|
||||
* @return String
|
||||
* @access private
|
||||
*/
|
||||
function _parse_path($path)
|
||||
{
|
||||
extract(parse_url($path));
|
||||
|
||||
if (!isset($host)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$context = stream_context_get_params($this->context);
|
||||
if (isset($context['notification'])) {
|
||||
$this->notification = $context['notification'];
|
||||
}
|
||||
|
||||
if ($host[0] == '$') {
|
||||
$host = substr($host, 1);
|
||||
global $$host;
|
||||
if (!is_object($$host) || get_class($$host) != 'Net_sFTP') {
|
||||
return false;
|
||||
}
|
||||
$this->sftp = $$host;
|
||||
} else {
|
||||
$context = stream_context_get_options($this->context);
|
||||
if (isset($context['sftp']['session'])) {
|
||||
$sftp = $context['sftp']['session'];
|
||||
}
|
||||
if (isset($context['sftp']['sftp'])) {
|
||||
$sftp = $context['sftp']['sftp'];
|
||||
}
|
||||
if (isset($sftp) && is_object($sftp) && get_class($sftp) == 'Net_SFTP') {
|
||||
$this->sftp = $sftp;
|
||||
return $path;
|
||||
}
|
||||
if (isset($context['sftp']['username'])) {
|
||||
$user = $context['sftp']['username'];
|
||||
}
|
||||
if (isset($context['sftp']['password'])) {
|
||||
$pass = $context['sftp']['password'];
|
||||
}
|
||||
if (isset($context['sftp']['privkey']) && is_object($context['sftp']['privkey']) && get_Class($context['sftp']['privkey']) == 'Crypt_RSA') {
|
||||
$pass = $context['sftp']['privkey'];
|
||||
}
|
||||
|
||||
if (!isset($user) || !isset($pass)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// casting $pass to a string is necessary in the event that it's a Crypt_RSA object
|
||||
if (isset(self::$instances[$host][$port][$user][(string) $pass])) {
|
||||
$this->sftp = self::$instances[$host][$port][$user][(string) $pass];
|
||||
} else {
|
||||
$this->sftp = new Net_SFTP($host, isset($port) ? $port : 22);
|
||||
if (isset($this->notification) && is_callable($this->notification)) {
|
||||
/* if !is_callable($this->notification) we could do this:
|
||||
|
||||
user_error('fopen(): failed to call user notifier', E_USER_WARNING);
|
||||
|
||||
the ftp wrapper gives errors like that when the notifier isn't callable.
|
||||
i've opted not to do that, however, since the ftp wrapper gives the line
|
||||
on which the fopen occurred as the line number - not the line that the
|
||||
user_error is on.
|
||||
*/
|
||||
call_user_func($this->notification, STREAM_NOTIFY_CONNECT, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0);
|
||||
call_user_func($this->notification, STREAM_NOTIFY_AUTH_REQUIRED, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0);
|
||||
if (!$this->sftp->login($user, $pass)) {
|
||||
call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_ERR, 'Login Failure', NET_SSH2_MSG_USERAUTH_FAILURE, 0, 0);
|
||||
return false;
|
||||
}
|
||||
call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_INFO, 'Login Success', NET_SSH2_MSG_USERAUTH_SUCCESS, 0, 0);
|
||||
} else {
|
||||
if (!$this->sftp->login($user, $pass)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
self::$instances[$host][$port][$user][(string) $pass] = $this->sftp;
|
||||
}
|
||||
}
|
||||
|
||||
return $path;
|
||||
}
|
||||
|
||||
/**
|
||||
* Opens file or URL
|
||||
*
|
||||
* @param String $path
|
||||
* @param String $mode
|
||||
* @param Integer $options
|
||||
* @param String $opened_path
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_open($path, $mode, $options, &$opened_path)
|
||||
{
|
||||
$path = $this->_parse_path($path);
|
||||
|
||||
if ($path === false) {
|
||||
return false;
|
||||
}
|
||||
$this->path = $path;
|
||||
|
||||
$this->size = $this->sftp->size($path);
|
||||
$this->mode = preg_replace('#[bt]$#', '', $mode);
|
||||
|
||||
if ($this->size === false) {
|
||||
if ($this->mode[0] == 'r') {
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
switch ($this->mode[0]) {
|
||||
case 'x':
|
||||
return false;
|
||||
case 'w':
|
||||
case 'c':
|
||||
$this->sftp->truncate($path, 0);
|
||||
}
|
||||
}
|
||||
|
||||
$this->pos = $this->mode[0] != 'a' ? 0 : $size;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Read from stream
|
||||
*
|
||||
* @param Integer $count
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function _stream_read($count)
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case 'w':
|
||||
case 'a':
|
||||
case 'x':
|
||||
case 'c':
|
||||
return false;
|
||||
}
|
||||
|
||||
// commented out because some files - eg. /dev/urandom - will say their size is 0 when in fact it's kinda infinite
|
||||
//if ($this->pos >= $this->size) {
|
||||
// $this->eof = true;
|
||||
// return false;
|
||||
//}
|
||||
|
||||
$result = $this->sftp->get($this->path, false, $this->pos, $count);
|
||||
if (isset($this->notification) && is_callable($this->notification)) {
|
||||
if ($result === false) {
|
||||
call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0);
|
||||
return 0;
|
||||
}
|
||||
// seems that PHP calls stream_read in 8k chunks
|
||||
call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($result), $size);
|
||||
}
|
||||
|
||||
if (empty($result)) { // ie. false or empty string
|
||||
$this->eof = true;
|
||||
return false;
|
||||
}
|
||||
$this->pos+= strlen($result);
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Write to stream
|
||||
*
|
||||
* @param String $data
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function _stream_write($data)
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case 'r':
|
||||
return false;
|
||||
}
|
||||
|
||||
$result = $this->sftp->put($this->path, $data, NET_SFTP_STRING, $this->pos);
|
||||
if (isset($this->notification) && is_callable($this->notification)) {
|
||||
if (!$result) {
|
||||
call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0);
|
||||
return 0;
|
||||
}
|
||||
// seems that PHP splits up strings into 8k blocks before calling stream_write
|
||||
call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($data), strlen($data));
|
||||
}
|
||||
|
||||
if ($result === false) {
|
||||
return false;
|
||||
}
|
||||
$this->pos+= strlen($data);
|
||||
if ($this->pos > $this->size) {
|
||||
$this->size = $this->pos;
|
||||
}
|
||||
$this->eof = false;
|
||||
return strlen($data);
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve the current position of a stream
|
||||
*
|
||||
* @return Integer
|
||||
* @access public
|
||||
*/
|
||||
function _stream_tell()
|
||||
{
|
||||
return $this->pos;
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests for end-of-file on a file pointer
|
||||
*
|
||||
* In my testing there are four classes functions that normally effect the pointer:
|
||||
* fseek, fputs / fwrite, fgets / fread and ftruncate.
|
||||
*
|
||||
* Only fgets / fread, however, results in feof() returning true. do fputs($fp, 'aaa') on a blank file and feof()
|
||||
* will return false. do fread($fp, 1) and feof() will then return true. do fseek($fp, 10) on ablank file and feof()
|
||||
* will return false. do fread($fp, 1) and feof() will then return true.
|
||||
*
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_eof()
|
||||
{
|
||||
return $this->eof;
|
||||
}
|
||||
|
||||
/**
|
||||
* Seeks to specific location in a stream
|
||||
*
|
||||
* @param Integer $offset
|
||||
* @param Integer $whence
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_seek($offset, $whence)
|
||||
{
|
||||
switch ($whence) {
|
||||
case SEEK_SET:
|
||||
if ($offset >= $this->size || $offset < 0) {
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
case SEEK_CUR:
|
||||
$offset+= $this->pos;
|
||||
break;
|
||||
case SEEK_END:
|
||||
$offset+= $this->size;
|
||||
}
|
||||
|
||||
$this->pos = $offset;
|
||||
$this->eof = false;
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Change stream options
|
||||
*
|
||||
* @param String $path
|
||||
* @param Integer $option
|
||||
* @param Mixed $var
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_metadata($path, $option, $var)
|
||||
{
|
||||
$path = $this->_parse_path($path);
|
||||
if ($path === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// stream_metadata was introduced in PHP 5.4.0 but as of 5.4.11 the constants haven't been defined
|
||||
// see http://www.php.net/streamwrapper.stream-metadata and https://bugs.php.net/64246
|
||||
// and https://github.com/php/php-src/blob/master/main/php_streams.h#L592
|
||||
switch ($option) {
|
||||
case 1: // PHP_STREAM_META_TOUCH
|
||||
return $this->sftp->touch($path, $var[0], $var[1]);
|
||||
case 2: // PHP_STREAM_OWNER_NAME
|
||||
case 3: // PHP_STREAM_GROUP_NAME
|
||||
return false;
|
||||
case 4: // PHP_STREAM_META_OWNER
|
||||
return $this->sftp->chown($path, $var);
|
||||
case 5: // PHP_STREAM_META_GROUP
|
||||
return $this->sftp->chgrp($path, $var);
|
||||
case 6: // PHP_STREAM_META_ACCESS
|
||||
return $this->sftp->chmod($path, $var) !== false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve the underlaying resource
|
||||
*
|
||||
* @param Integer $cast_as
|
||||
* @return Resource
|
||||
* @access public
|
||||
*/
|
||||
function _stream_cast($cast_as)
|
||||
{
|
||||
return $this->sftp->fsock;
|
||||
}
|
||||
|
||||
/**
|
||||
* Advisory file locking
|
||||
*
|
||||
* @param Integer $operation
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_lock($operation)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Renames a file or directory
|
||||
*
|
||||
* Attempts to rename oldname to newname, moving it between directories if necessary.
|
||||
* If newname exists, it will be overwritten. This is a departure from what Net_SFTP
|
||||
* does.
|
||||
*
|
||||
* @param String $path_from
|
||||
* @param String $path_to
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _rename($path_from, $path_to)
|
||||
{
|
||||
$path1 = parse_url($path_from);
|
||||
$path2 = parse_url($path_to);
|
||||
unset($path1['path'], $path2['path']);
|
||||
if ($path1 != $path2) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$path_from = $this->_parse_path($path_from);
|
||||
$path_to = parse_url($path_to);
|
||||
if ($path_from == false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$path_to = $path_to['path']; // the $component part of parse_url() was added in PHP 5.1.2
|
||||
// "It is an error if there already exists a file with the name specified by newpath."
|
||||
// -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-6.5
|
||||
if (!$this->sftp->rename($path_from, $path_to)) {
|
||||
if ($this->sftp->stat($path_to)) {
|
||||
return $this->sftp->delete($path_to, true) && $this->sftp->rename($path_from, $path_to);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Open directory handle
|
||||
*
|
||||
* The only $options is "whether or not to enforce safe_mode (0x04)". Since safe mode was deprecated in 5.3 and
|
||||
* removed in 5.4 I'm just going to ignore it
|
||||
*
|
||||
* @param String $path
|
||||
* @param Integer $options
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _dir_opendir($path, $options)
|
||||
{
|
||||
$path = $this->_parse_path($path);
|
||||
if ($path === false) {
|
||||
return false;
|
||||
}
|
||||
$this->pos = 0;
|
||||
$this->entries = $this->sftp->nlist($path);
|
||||
return $this->entries !== false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Read entry from directory handle
|
||||
*
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function _dir_readdir()
|
||||
{
|
||||
if (isset($this->entries[$this->pos])) {
|
||||
return $this->entries[$this->pos++];
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Rewind directory handle
|
||||
*
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _dir_rewinddir()
|
||||
{
|
||||
$this->pos = 0;
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Close directory handle
|
||||
*
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _dir_closedir()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a directory
|
||||
*
|
||||
* Only valid $options is STREAM_MKDIR_RECURSIVE
|
||||
*
|
||||
* @param String $path
|
||||
* @param Integer $mode
|
||||
* @param Integer $options
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _mkdir($path, $mode, $options)
|
||||
{
|
||||
$path = $this->_parse_path($path);
|
||||
if ($path === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $this->sftp->mkdir($path, $mode, $options & STREAM_MKDIR_RECURSIVE);
|
||||
}
|
||||
|
||||
/**
|
||||
* Removes a directory
|
||||
*
|
||||
* Only valid $options is STREAM_MKDIR_RECURSIVE per <http://php.net/streamwrapper.rmdir>, however,
|
||||
* <http://php.net/rmdir> does not have a $recursive parameter as mkdir() does so I don't know how
|
||||
* STREAM_MKDIR_RECURSIVE is supposed to be set. Also, when I try it out with rmdir() I get 8 as
|
||||
* $options. What does 8 correspond to?
|
||||
*
|
||||
* @param String $path
|
||||
* @param Integer $mode
|
||||
* @param Integer $options
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _rmdir($path, $options)
|
||||
{
|
||||
$path = $this->_parse_path($path);
|
||||
if ($path === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $this->sftp->rmdir($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* Flushes the output
|
||||
*
|
||||
* See <http://php.net/fflush>. Always returns true because Net_SFTP doesn't cache stuff before writing
|
||||
*
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_flush()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve information about a file resource
|
||||
*
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function _stream_stat()
|
||||
{
|
||||
$results = $this->sftp->stat($this->path);
|
||||
if ($results === false) {
|
||||
return false;
|
||||
}
|
||||
return $results;
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete a file
|
||||
*
|
||||
* @param String $path
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _unlink($path)
|
||||
{
|
||||
$path = $this->_parse_path($path);
|
||||
if ($path === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $this->sftp->delete($path, false);
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve information about a file
|
||||
*
|
||||
* Ignores the STREAM_URL_STAT_QUIET flag because the entirety of Net_SFTP_Stream is quiet by default
|
||||
* might be worthwhile to reconstruct bits 12-16 (ie. the file type) if mode doesn't have them but we'll
|
||||
* cross that bridge when and if it's reached
|
||||
*
|
||||
* @param String $path
|
||||
* @param Integer $flags
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function _url_stat($path, $flags)
|
||||
{
|
||||
$path = $this->_parse_path($path);
|
||||
if ($path === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$results = $flags & STREAM_URL_STAT_LINK ? $this->sftp->lstat($path) : $this->sftp->stat($path);
|
||||
if ($results === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $results;
|
||||
}
|
||||
|
||||
/**
|
||||
* Truncate stream
|
||||
*
|
||||
* @param Integer $new_size
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_truncate($new_size)
|
||||
{
|
||||
if (!$this->sftp->truncate($this->path, $new_size)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->eof = false;
|
||||
$this->size = $new_size;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Change stream options
|
||||
*
|
||||
* STREAM_OPTION_WRITE_BUFFER isn't supported for the same reason stream_flush isn't.
|
||||
* The other two aren't supported because of limitations in Net_SFTP.
|
||||
*
|
||||
* @param Integer $option
|
||||
* @param Integer $arg1
|
||||
* @param Integer $arg2
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function _stream_set_option($option, $arg1, $arg2)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Close an resource
|
||||
*
|
||||
* @access public
|
||||
*/
|
||||
function _stream_close()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* __call Magic Method
|
||||
*
|
||||
* When you're utilizing an SFTP stream you're not calling the methods in this class directly - PHP is calling them for you.
|
||||
* Which kinda begs the question... what methods is PHP calling and what parameters is it passing to them? This function
|
||||
* lets you figure that out.
|
||||
*
|
||||
* If NET_SFTP_STREAM_LOGGING is defined all calls will be output on the screen and then (regardless of whether or not
|
||||
* NET_SFTP_STREAM_LOGGING is enabled) the parameters will be passed through to the appropriate method.
|
||||
*
|
||||
* @param String
|
||||
* @param Array
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function __call($name, $arguments)
|
||||
{
|
||||
if (defined('NET_SFTP_STREAM_LOGGING')) {
|
||||
echo $name . '(';
|
||||
$last = count($arguments) - 1;
|
||||
foreach ($arguments as $i => $argument) {
|
||||
var_export($argument);
|
||||
if ($i != $last) {
|
||||
echo ',';
|
||||
}
|
||||
}
|
||||
echo ")\r\n";
|
||||
}
|
||||
$name = '_' . $name;
|
||||
if (!method_exists($this, $name)) {
|
||||
return false;
|
||||
}
|
||||
return call_user_func_array(array($this, $name), $arguments);
|
||||
}
|
||||
}
|
||||
|
||||
stream_wrapper_register('sftp', 'Net_SFTP_Stream');
|
@ -80,11 +80,7 @@ if (!class_exists('Math_BigInteger')) {
|
||||
/**
|
||||
* Include Crypt_Random
|
||||
*/
|
||||
// the class_exists() will only be called if the crypt_random_string function hasn't been defined and
|
||||
// will trigger a call to __autoload() if you're wanting to auto-load classes
|
||||
// call function_exists() a second time to stop the require_once from being called outside
|
||||
// of the auto loader
|
||||
if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) {
|
||||
if (!function_exists('crypt_random_string')) {
|
||||
require_once('Crypt/Random.php');
|
||||
}
|
||||
|
||||
@ -123,8 +119,9 @@ if (!class_exists('Crypt_AES')) {
|
||||
* @access private
|
||||
*/
|
||||
define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001);
|
||||
define('NET_SSH2_MASK_LOGIN', 0x00000002);
|
||||
define('NET_SSH2_MASK_SHELL', 0x00000004);
|
||||
define('NET_SSH2_MASK_LOGIN_REQ', 0x00000002);
|
||||
define('NET_SSH2_MASK_LOGIN', 0x00000004);
|
||||
define('NET_SSH2_MASK_SHELL', 0x00000008);
|
||||
/**#@-*/
|
||||
|
||||
/**#@+
|
||||
@ -732,6 +729,29 @@ class Net_SSH2 {
|
||||
*/
|
||||
var $in_request_pty_exec = false;
|
||||
|
||||
/**
|
||||
* Contents of stdError
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
var $stdErrorLog;
|
||||
|
||||
/**
|
||||
* The Last Interactive Response
|
||||
*
|
||||
* @see Net_SSH2::_keyboard_interactive_process()
|
||||
* @access private
|
||||
*/
|
||||
var $last_interactive_response = '';
|
||||
|
||||
/**
|
||||
* Keyboard Interactive Request / Responses
|
||||
*
|
||||
* @see Net_SSH2::_keyboard_interactive_process()
|
||||
* @access private
|
||||
*/
|
||||
var $keyboard_requests_responses = array();
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
@ -1449,40 +1469,72 @@ class Net_SSH2 {
|
||||
/**
|
||||
* Login
|
||||
*
|
||||
* The $password parameter can be a plaintext password or a Crypt_RSA object.
|
||||
* The $password parameter can be a plaintext password, a Crypt_RSA object or an array
|
||||
*
|
||||
* @param String $username
|
||||
* @param Mixed $password
|
||||
* @param Mixed $...
|
||||
* @return Boolean
|
||||
* @see _login_helper
|
||||
* @access public
|
||||
*/
|
||||
function login($username)
|
||||
{
|
||||
$args = array_slice(func_get_args(), 1);
|
||||
if (empty($args)) {
|
||||
return $this->_login_helper($username);
|
||||
}
|
||||
|
||||
foreach ($args as $arg) {
|
||||
if ($this->_login_helper($username, $arg)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Login Helper
|
||||
*
|
||||
* @param String $username
|
||||
* @param optional String $password
|
||||
* @return Boolean
|
||||
* @access public
|
||||
* @access private
|
||||
* @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis}
|
||||
* by sending dummy SSH_MSG_IGNORE messages.
|
||||
*/
|
||||
function login($username, $password = null)
|
||||
function _login_helper($username, $password = null)
|
||||
{
|
||||
if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$packet = pack('CNa*',
|
||||
NET_SSH2_MSG_SERVICE_REQUEST, strlen('ssh-userauth'), 'ssh-userauth'
|
||||
);
|
||||
if (!($this->bitmap & NET_SSH2_MASK_LOGIN_REQ)) {
|
||||
$packet = pack('CNa*',
|
||||
NET_SSH2_MSG_SERVICE_REQUEST, strlen('ssh-userauth'), 'ssh-userauth'
|
||||
);
|
||||
|
||||
if (!$this->_send_binary_packet($packet)) {
|
||||
return false;
|
||||
if (!$this->_send_binary_packet($packet)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$response = $this->_get_binary_packet();
|
||||
if ($response === false) {
|
||||
user_error('Connection closed by server');
|
||||
return false;
|
||||
}
|
||||
|
||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||
|
||||
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
|
||||
user_error('Expected SSH_MSG_SERVICE_ACCEPT');
|
||||
return false;
|
||||
}
|
||||
$this->bitmap |= NET_SSH2_MASK_LOGIN_REQ;
|
||||
}
|
||||
|
||||
$response = $this->_get_binary_packet();
|
||||
if ($response === false) {
|
||||
user_error('Connection closed by server');
|
||||
return false;
|
||||
}
|
||||
|
||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||
|
||||
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
|
||||
user_error('Expected SSH_MSG_SERVICE_ACCEPT');
|
||||
return false;
|
||||
if (strlen($this->last_interactive_response)) {
|
||||
return !is_string($password) && !is_array($password) ? false : $this->_keyboard_interactive_process($password);
|
||||
}
|
||||
|
||||
// although PHP5's get_class() preserves the case, PHP4's does not
|
||||
@ -1490,6 +1542,14 @@ class Net_SSH2 {
|
||||
return $this->_privatekey_login($username, $password);
|
||||
}
|
||||
|
||||
if (is_array($password)) {
|
||||
if ($this->_keyboard_interactive_login($username, $password)) {
|
||||
$this->bitmap |= NET_SSH2_MASK_LOGIN;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!isset($password)) {
|
||||
$packet = pack('CNa*Na*Na*',
|
||||
NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection',
|
||||
@ -1557,7 +1617,10 @@ class Net_SSH2 {
|
||||
// multi-factor authentication
|
||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||
$auth_methods = explode(',', $this->_string_shift($response, $length));
|
||||
if (in_array('keyboard-interactive', $auth_methods)) {
|
||||
extract(unpack('Cpartial_success', $this->_string_shift($response, 1)));
|
||||
$partial_success = $partial_success != 0;
|
||||
|
||||
if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) {
|
||||
if ($this->_keyboard_interactive_login($username, $password)) {
|
||||
$this->bitmap |= NET_SSH2_MASK_LOGIN;
|
||||
return true;
|
||||
@ -1608,25 +1671,20 @@ class Net_SSH2 {
|
||||
{
|
||||
$responses = func_get_args();
|
||||
|
||||
$response = $this->_get_binary_packet();
|
||||
if ($response === false) {
|
||||
user_error('Connection closed by server');
|
||||
return false;
|
||||
if (strlen($this->last_interactive_response)) {
|
||||
$response = $this->last_interactive_response;
|
||||
} else {
|
||||
$orig = $response = $this->_get_binary_packet();
|
||||
if ($response === false) {
|
||||
user_error('Connection closed by server');
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
||||
|
||||
switch ($type) {
|
||||
case NET_SSH2_MSG_USERAUTH_INFO_REQUEST:
|
||||
// see http://tools.ietf.org/html/rfc4256#section-3.2
|
||||
if (defined('NET_SSH2_LOGGING')) {
|
||||
$this->message_number_log[count($this->message_number_log) - 1] = str_replace(
|
||||
'UNKNOWN',
|
||||
'NET_SSH2_MSG_USERAUTH_INFO_REQUEST',
|
||||
$this->message_number_log[count($this->message_number_log) - 1]
|
||||
);
|
||||
}
|
||||
|
||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||
$this->_string_shift($response, $length); // name; may be empty
|
||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||
@ -1634,14 +1692,48 @@ class Net_SSH2 {
|
||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||
$this->_string_shift($response, $length); // language tag; may be empty
|
||||
extract(unpack('Nnum_prompts', $this->_string_shift($response, 4)));
|
||||
/*
|
||||
for ($i = 0; $i < $num_prompts; $i++) {
|
||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||
// prompt - ie. "Password: "; must not be empty
|
||||
$this->_string_shift($response, $length);
|
||||
$echo = $this->_string_shift($response) != chr(0);
|
||||
|
||||
for ($i = 0; $i < count($responses); $i++) {
|
||||
if (is_array($responses[$i])) {
|
||||
foreach ($responses[$i] as $key => $value) {
|
||||
$this->keyboard_requests_responses[$key] = $value;
|
||||
}
|
||||
unset($responses[$i]);
|
||||
}
|
||||
}
|
||||
$responses = array_values($responses);
|
||||
|
||||
if (isset($this->keyboard_requests_responses)) {
|
||||
for ($i = 0; $i < $num_prompts; $i++) {
|
||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||
// prompt - ie. "Password: "; must not be empty
|
||||
$prompt = $this->_string_shift($response, $length);
|
||||
//$echo = $this->_string_shift($response) != chr(0);
|
||||
foreach ($this->keyboard_requests_responses as $key => $value) {
|
||||
if (substr($prompt, 0, strlen($key)) == $key) {
|
||||
$responses[] = $value;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// see http://tools.ietf.org/html/rfc4256#section-3.2
|
||||
if (strlen($this->last_interactive_response)) {
|
||||
$this->last_interactive_response = '';
|
||||
} else if (defined('NET_SSH2_LOGGING')) {
|
||||
$this->message_number_log[count($this->message_number_log) - 1] = str_replace(
|
||||
'UNKNOWN',
|
||||
'NET_SSH2_MSG_USERAUTH_INFO_REQUEST',
|
||||
$this->message_number_log[count($this->message_number_log) - 1]
|
||||
);
|
||||
}
|
||||
|
||||
if (!count($responses) && $num_prompts) {
|
||||
$this->last_interactive_response = $orig;
|
||||
$this->bitmap |= NET_SSH_MASK_LOGIN_INTERACTIVE;
|
||||
return false;
|
||||
}
|
||||
*/
|
||||
|
||||
/*
|
||||
After obtaining the requested information from the user, the client
|
||||
@ -1733,7 +1825,7 @@ class Net_SSH2 {
|
||||
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
||||
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
||||
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length);
|
||||
return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
|
||||
return false;
|
||||
case NET_SSH2_MSG_USERAUTH_PK_OK:
|
||||
// we'll just take it on faith that the public key blob and the public key algorithm name are as
|
||||
// they should be
|
||||
@ -1789,6 +1881,13 @@ class Net_SSH2 {
|
||||
$this->timeout = $this->curTimeout = $timeout;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the output from stdError
|
||||
*/
|
||||
function getStdError(){
|
||||
return $this->stdErrorLog;
|
||||
}
|
||||
|
||||
/**
|
||||
* Execute Command
|
||||
*
|
||||
@ -1803,6 +1902,7 @@ class Net_SSH2 {
|
||||
function exec($command, $block = true)
|
||||
{
|
||||
$this->curTimeout = $this->timeout;
|
||||
$this->stdErrorLog = '';
|
||||
|
||||
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
||||
return false;
|
||||
@ -2317,6 +2417,11 @@ class Net_SSH2 {
|
||||
|
||||
while (true) {
|
||||
if ($this->curTimeout) {
|
||||
if ($this->curTimeout < 0) {
|
||||
$this->_close_channel($client_channel);
|
||||
return true;
|
||||
}
|
||||
|
||||
$read = array($this->fsock);
|
||||
$write = $except = NULL;
|
||||
|
||||
@ -2395,9 +2500,6 @@ class Net_SSH2 {
|
||||
$this->channel_buffers[$client_channel][] = $data;
|
||||
break;
|
||||
case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA:
|
||||
if ($skip_extended || $this->quiet_mode) {
|
||||
break;
|
||||
}
|
||||
/*
|
||||
if ($client_channel == NET_SSH2_CHANNEL_EXEC) {
|
||||
$this->_send_channel_packet($client_channel, chr(0));
|
||||
@ -2406,6 +2508,10 @@ class Net_SSH2 {
|
||||
// currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR
|
||||
extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8)));
|
||||
$data = $this->_string_shift($response, $length);
|
||||
$this->stdErrorLog .= $data;
|
||||
if ($skip_extended || $this->quiet_mode) {
|
||||
break;
|
||||
}
|
||||
if ($client_channel == $channel) {
|
||||
return $data;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user