From 5b932495cc9a287a6f2b2b67200210dd09916235 Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Wed, 15 Oct 2014 17:27:48 +0200
Subject: [PATCH 1/8] SFTP: Replace incorrect comment about filesize. There is
 no 4 GiB limit.

---
 phpseclib/Net/SFTP.php | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php
index 400e86f3..1a834bc6 100644
--- a/phpseclib/Net/SFTP.php
+++ b/phpseclib/Net/SFTP.php
@@ -2473,11 +2473,12 @@ class Net_SFTP extends Net_SSH2
         foreach ($this->attributes as $key => $value) {
             switch ($flags & $key) {
                 case NET_SFTP_ATTR_SIZE: // 0x00000001
-                    // size is represented by a 64-bit integer, so we perhaps ought to be doing the following:
-                    // $attr['size'] = new Math_BigInteger($this->_string_shift($response, 8), 256);
-                    // of course, you shouldn't be using Net_SFTP to transfer files that are in excess of 4GB
-                    // (0xFFFFFFFF bytes), anyway.  as such, we'll just represent all file sizes that are bigger than
-                    // 4GB as being 4GB.
+                    // The size attribute is defined as an unsigned 64-bit integer.
+                    // The following will use floats on 32-bit platforms, if necessary.
+                    // As can be seen in the BigInteger class, floats are generally
+                    // IEEE 754 binary64 "double precision" on such platforms and
+                    // as such can represent integers of at least 2^50 without loss
+                    // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB.
                     extract(unpack('Nupper/Nsize', $this->_string_shift($response, 8)));
                     $attr['size'] = $upper ? 4294967296 * $upper : 0;
                     $attr['size']+= $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;

From ad03d8446190a4c34034be50605e7ea829928ffe Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Fri, 17 Oct 2014 18:03:02 +0200
Subject: [PATCH 2/8] Restore compatibility with PHP 5.6.1 by using explicit
 array indexes.

This seems to be caused by the resolution of PHP Ticket 67985.
---
 phpseclib/Math/BigInteger.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php
index ec229596..109d346e 100644
--- a/phpseclib/Math/BigInteger.php
+++ b/phpseclib/Math/BigInteger.php
@@ -915,7 +915,7 @@ class Math_BigInteger
             $value = $x_value;
         }
 
-        $value[] = 0; // just in case the carry adds an extra digit
+        $value[count($value)] = 0; // just in case the carry adds an extra digit
 
         $carry = 0;
         for ($i = 0, $j = 1; $j < $size; $i+=2, $j+=2) {
@@ -2137,7 +2137,7 @@ class Math_BigInteger
 
         if ($this->_compare($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]) < 0) {
             $corrector_value = $this->_array_repeat(0, $n_length + 1);
-            $corrector_value[] = 1;
+            $corrector_value[count($corrector_value)] = 1;
             $result = $this->_add($result, false, $corrector_value, false);
             $result = $result[MATH_BIGINTEGER_VALUE];
         }
@@ -3482,7 +3482,7 @@ class Math_BigInteger
         }
 
         if ( $carry ) {
-            $this->value[] = $carry;
+            $this->value[count($this->value)] = $carry;
         }
 
         while ($num_digits--) {

From 6182a643945e43fbaad08e9e6a542879221fecb3 Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Tue, 14 Oct 2014 18:17:14 +0200
Subject: [PATCH 3/8] SFTP: Add truncate() to size() test for files larger than
 4 GiB.

---
 tests/Functional/Net/SFTPUserStoryTest.php | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/tests/Functional/Net/SFTPUserStoryTest.php b/tests/Functional/Net/SFTPUserStoryTest.php
index 7388e89d..faf56807 100644
--- a/tests/Functional/Net/SFTPUserStoryTest.php
+++ b/tests/Functional/Net/SFTPUserStoryTest.php
@@ -431,6 +431,20 @@ class Functional_Net_SFTPUserStoryTest extends PhpseclibFunctionalTestCase
     /**
     * @depends testFileExistsIsFileIsDirDir
     */
+    public function testTruncateLargeFile($sftp)
+    {
+        $filesize = (4 * 1024 + 16) * 1024 * 1024;
+        $filename = 'file-large-from-truncate-4112MiB.txt';
+        $this->assertTrue($sftp->touch($filename));
+        $this->assertTrue($sftp->truncate($filename, $filesize));
+        $this->assertSame($filesize, $sftp->size($filename));
+
+        return $sftp;
+    }
+
+    /**
+    * @depends testTruncateLargeFile
+    */
     public function testRmDirScratch($sftp)
     {
         $this->assertFalse(

From 5c3058cc4bfa6c519092a0ab9efff75f290d5811 Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Sun, 19 Oct 2014 21:07:12 +0200
Subject: [PATCH 4/8] SFTP: Use hexdec() and bin2hex() for filesize
 calculation.

---
 phpseclib/Net/SFTP.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php
index 1a834bc6..0fe88e0e 100644
--- a/phpseclib/Net/SFTP.php
+++ b/phpseclib/Net/SFTP.php
@@ -2479,9 +2479,7 @@ class Net_SFTP extends Net_SSH2
                     // IEEE 754 binary64 "double precision" on such platforms and
                     // as such can represent integers of at least 2^50 without loss
                     // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB.
-                    extract(unpack('Nupper/Nsize', $this->_string_shift($response, 8)));
-                    $attr['size'] = $upper ? 4294967296 * $upper : 0;
-                    $attr['size']+= $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
+                    $attr['size'] = hexdec(bin2hex($this->_string_shift($response, 8)));
                     break;
                 case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
                     $attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));

From 3eac2582d6668ef6c6ef29e7de9cacf6f1b9f834 Mon Sep 17 00:00:00 2001
From: terrafrost <terrafrost@php.net>
Date: Thu, 6 Nov 2014 11:58:03 -0600
Subject: [PATCH 5/8] SSH2: fix issues with RSA key verification

Sometimes SSH servers will null pad their RSA keys. this null padding
broke Net/SSH2.php's RSA implementation (Crypt/RSA.php's implementation
works just fine). Also, the -3 was counting the initial "\0" of $h
twice so adjust it to -2.
---
 phpseclib/Net/SSH2.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php
index ad996d7b..73259cdb 100644
--- a/phpseclib/Net/SSH2.php
+++ b/phpseclib/Net/SSH2.php
@@ -77,7 +77,7 @@ define('NET_SSH2_MASK_CONNECTED',     0x00000002);
 define('NET_SSH2_MASK_LOGIN_REQ',     0x00000004);
 define('NET_SSH2_MASK_LOGIN',         0x00000008);
 define('NET_SSH2_MASK_SHELL',         0x00000010);
-define('NET_SSH2_MASK_WINDOW_ADJUST', 0X00000020);
+define('NET_SSH2_MASK_WINDOW_ADJUST', 0x00000020);
 /**#@-*/
 
 /**#@+
@@ -3769,8 +3769,9 @@ class Net_SSH2
                 $e = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
 
                 $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
-                $n = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
-                $nLength = $temp['length'];
+                $rawN = $this->_string_shift($server_public_host_key, $temp['length']);
+                $n = new Math_BigInteger($rawN, -256);
+                $nLength = strlen(ltrim($rawN, "\0"));
 
                 /*
                 $temp = unpack('Nlength', $this->_string_shift($signature, 4));
@@ -3807,7 +3808,7 @@ class Net_SSH2
                 $s = $s->toBytes();
 
                 $h = pack('N4H*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, sha1($this->exchange_hash));
-                $h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 3 - strlen($h)) . $h;
+                $h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 2 - strlen($h)) . $h;
 
                 if ($s != $h) {
                     user_error('Bad server signature');

From 860ba065c421b72954e30b72c19b7c857c0be979 Mon Sep 17 00:00:00 2001
From: terrafrost <terrafrost@php.net>
Date: Sun, 9 Nov 2014 20:30:27 -0600
Subject: [PATCH 6/8] add CHANGELOG.md

---
 CHANGELOG.md | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 83 insertions(+)
 create mode 100644 CHANGELOG.md

diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 00000000..0fd3ca09
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,83 @@
+# Changelog
+
+## 0.3.9 - 2014-11-09
+
+- PHP 5.6 improvements ([#482](https://github.com/phpseclib/phpseclib/pull/482), [#491](https://github.com/phpseclib/phpseclib/issues/491))
+
+## 0.3.8 - 2014-09-12
+
+- improve support for indef lengths in File_ASN1
+- add hmac-sha2-256 support to Net_SSH2
+- make it so negotiated algorithms can be seen before Net_SSH2 login
+- add sha256-96 and sha512-96 to Crypt_Hash
+- window size handling adjustments in Net_SSH2
+
+## 0.3.7 - 2014-07-05
+
+- auto-detect public vs private keys
+- add file_exists, is_dir, is_file, readlink and symlink to Net_SFTP
+- add support for recursive nlist and rawlist
+- make it so nlist and rawlist can return pre-sorted output
+- make it so callback functions can make exec() return early
+- add signSPKAC and saveSPKAC methods to File_X509
+- add support for PKCS8 keys in Crypt_RSA
+- add pbkdf1 support to setPassword() in Crypt_Base
+- add getWindowColumns, getWindowRows, setWindowColumns, setWindowRows to Net_SSH2
+- add support for filenames with spaces in them to Net_SCP
+
+## 0.3.6 - 2014-02-23
+
+- add preliminary support for custom SSH subsystems
+- add ssh-agent support
+
+## 0.3.5 - 2013-07-11
+
+- numerous SFTP changes:
+ - chown
+ - chgrp
+ - truncate
+ - improved file type detection
+ - put() can write to te middle of a file
+ - mkdir accepts the same paramters that PHP's mkdir does
+ - the ability to upload/download 2GB files
+- across-the-board speedups for the various encryption algorithms
+- multi-factor authentication support for Net_SSH2
+- a $callback parameter for Net_SSH2::exec
+- new classes:
+ - Net_SFTP_StreamWrapper
+ - Net_SCP
+ - Crypt_Twofish
+ - Crypt_Blowfish
+
+## 0.3.1 - 2012-11-20
+
+- add Net_SSH2::enableQuietMode() for suppressing stderr
+- add Crypt_RSA::__toString() and Crypt_RSA::getSize()
+- fix problems with File_X509::validateDate(), File_X509::sign() and Crypt_RSA::verify()
+- use OpenSSL to speed up modular exponention in Math_BigInteger
+- improved timeout functionality in Net_SSH2
+- add support for SFTPv2
+- add support for CRLs in File_X509
+- SSH-2.0-SSH doesn't implement hmac-*-96 correctly
+
+## 0.3.0 - 2012-07-08
+
+- add support for reuming Net_SFTP::put()
+- add support for recursive deletes and recursive chmods to Net_SFTP
+- add setTimeout() to Net_SSH2
+- add support for PBKDF2 to the various Crypt_* classes via setPassword()
+- add File_X509 and File_ASN1
+- add the ability to decode various formats in Crypt_RSA
+- make Net_SSH2::getServerPublicHostKey() return a printer-friendly version of the public key
+
+## 0.2.2 - 2011-05-09
+
+- CFB and OFB modes were added to all block ciphers
+- support for interactive mode was added to Net_SSH2
+- Net_SSH2 now has limited keyboard_interactive authentication support
+- support was added for PuTTY formatted RSA private keys and XML formatted RSA private keys
+- Crypt_RSA::loadKey() will now try all key types automatically
+= add support for AES-128-CBC and DES-EDE3-CFB encrypted RSA private keys
+- add Net_SFTP::stat(), Net_SFTP::lstat() and Net_SFTP::rawlist()
+- logging was added to Net_SSH1
+- the license was changed to the less restrictive MIT license
\ No newline at end of file

From 76c1c6607fa082ef182002791d14b51bb24415ba Mon Sep 17 00:00:00 2001
From: terrafrost <terrafrost@php.net>
Date: Sun, 9 Nov 2014 21:08:08 -0600
Subject: [PATCH 7/8] update download version in README.me

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 3c9515b4..cad56570 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ MIT-licensed pure-PHP implementations of an arbitrary-precision integer
 arithmetic library, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4, Rijndael,
 AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509
 
-* [Download (0.3.8)](http://sourceforge.net/projects/phpseclib/files/phpseclib0.3.8.zip/download)
+* [Download (0.3.9)](http://sourceforge.net/projects/phpseclib/files/phpseclib0.3.9.zip/download)
 * [Browse Git](https://github.com/phpseclib/phpseclib)
 * [Code Coverage Report](http://phpseclib.bantux.org/code_coverage/master/latest/)
 

From b1e66430321129ad88b44efae76f140f2707f4f3 Mon Sep 17 00:00:00 2001
From: terrafrost <terrafrost@php.net>
Date: Wed, 19 Nov 2014 22:38:19 -0600
Subject: [PATCH 8/8] SSH2: clarify exec() docblock comment

---
 phpseclib/Net/SSH2.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php
index 73259cdb..c904e678 100644
--- a/phpseclib/Net/SSH2.php
+++ b/phpseclib/Net/SSH2.php
@@ -2261,7 +2261,7 @@ class Net_SSH2
     /**
      * Execute Command
      *
-     * If $block is set to false then Net_SSH2::_get_channel_packet(NET_SSH2_CHANNEL_EXEC) will need to be called manually.
+     * If $callback is set to false then Net_SSH2::_get_channel_packet(NET_SSH2_CHANNEL_EXEC) will need to be called manually.
      * In all likelihood, this is not a feature you want to be taking advantage of.
      *
      * @param String $command