From 500e3225a839825f92033f9909794c55a8d0536c Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 17 Jan 2020 03:37:25 -0600 Subject: [PATCH] SSH2: logging enhancements --- phpseclib/Net/SSH2.php | 59 +++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 24 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 6208f38c..d22786b9 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1563,6 +1563,7 @@ class Net_SSH2 if (!$this->_send_binary_packet($packet)) { return false; } + $this->_updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); $response = $this->_get_binary_packet(); if ($response === false) { @@ -1578,6 +1579,7 @@ class Net_SSH2 user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP'); return false; } + $this->_updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP'); if (strlen($response) < 4) { return false; @@ -1666,6 +1668,9 @@ class Net_SSH2 user_error('Connection closed by server'); return false; } + if ($clientKexInitMessage == NET_SSH2_MSG_KEXDH_GEX_INIT) { + $this->_updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); + } $response = $this->_get_binary_packet(); if ($response === false) { @@ -1679,9 +1684,15 @@ class Net_SSH2 extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != $serverKexReplyMessage) { - user_error('Expected SSH_MSG_KEXDH_REPLY'); + $expected = $serverKexReplyMessage == NET_SSH2_MSG_KEXDH_GEX_REPLY ? + 'SSH_MSG_KEXDH_GEX_REPLY' : + 'SSH_MSG_KEXDH_REPLY'; + user_error("Expected $expected"); return false; } + if ($serverKexReplyMessage == NET_SSH2_MSG_KEXDH_GEX_REPLY) { + $this->_updateLogHistory('UNKNOWN (33)', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); + } if (strlen($response) < 4) { return false; @@ -2316,9 +2327,7 @@ class Net_SSH2 switch ($type) { case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed - if (defined('NET_SSH2_LOGGING')) { - $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'; - } + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); if (strlen($response) < 4) { return false; } @@ -2469,12 +2478,8 @@ class Net_SSH2 // see http://tools.ietf.org/html/rfc4256#section-3.2 if (strlen($this->last_interactive_response)) { $this->last_interactive_response = ''; - } elseif (defined('NET_SSH2_LOGGING')) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', - $this->message_number_log[count($this->message_number_log) - 1] - ); + } else { + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); } if (!count($responses) && $num_prompts) { @@ -2497,13 +2502,7 @@ class Net_SSH2 return false; } - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE', - $this->message_number_log[count($this->message_number_log) - 1] - ); - } + $this->_updateLogHistory('UNKNOWN (61)', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); /* After receiving the response, the server MUST send either an @@ -2630,13 +2629,7 @@ class Net_SSH2 case NET_SSH2_MSG_USERAUTH_PK_OK: // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_PK_OK', - $this->message_number_log[count($this->message_number_log) - 1] - ); - } + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK'); } $packet = $part1 . chr(1) . $part2; @@ -5072,4 +5065,22 @@ class Net_SSH2 $this->windowColumns = $columns; $this->windowRows = $rows; } + + /** + * Update packet types in log history + * + * @param string $old + * @param string $new + * @access private + */ + function _updateLogHistory($old, $new) + { + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { + $this->message_number_log[count($this->message_number_log) - 1] = str_replace( + $old, + $new, + $this->message_number_log[count($this->message_number_log) - 1] + ); + } + } }