mirror of
https://github.com/phpseclib/phpseclib.git
synced 2025-01-08 00:04:39 +00:00
Merge branch '3.0'
This commit is contained in:
commit
e7de3c1ca9
@ -1210,7 +1210,6 @@ class SSH2
|
|||||||
/**
|
/**
|
||||||
* Connect to an SSHv2 server
|
* Connect to an SSHv2 server
|
||||||
*
|
*
|
||||||
* @return bool
|
|
||||||
* @throws \UnexpectedValueException on receipt of unexpected packets
|
* @throws \UnexpectedValueException on receipt of unexpected packets
|
||||||
* @throws \RuntimeException on other errors
|
* @throws \RuntimeException on other errors
|
||||||
* @access private
|
* @access private
|
||||||
@ -1218,7 +1217,7 @@ class SSH2
|
|||||||
private function connect()
|
private function connect()
|
||||||
{
|
{
|
||||||
if ($this->bitmap & self::MASK_CONSTRUCTOR) {
|
if ($this->bitmap & self::MASK_CONSTRUCTOR) {
|
||||||
return false;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->bitmap |= self::MASK_CONSTRUCTOR;
|
$this->bitmap |= self::MASK_CONSTRUCTOR;
|
||||||
@ -1242,8 +1241,7 @@ class SSH2
|
|||||||
if ($this->curTimeout) {
|
if ($this->curTimeout) {
|
||||||
$this->curTimeout-= $elapsed;
|
$this->curTimeout-= $elapsed;
|
||||||
if ($this->curTimeout < 0) {
|
if ($this->curTimeout < 0) {
|
||||||
$this->is_timeout = true;
|
throw new \RuntimeException('Connection timed out whilst attempting to open socket connection');
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1267,8 +1265,7 @@ class SSH2
|
|||||||
while (true) {
|
while (true) {
|
||||||
if ($this->curTimeout) {
|
if ($this->curTimeout) {
|
||||||
if ($this->curTimeout < 0) {
|
if ($this->curTimeout < 0) {
|
||||||
$this->is_timeout = true;
|
throw new \RuntimeException('Connection timed out whilst receiving server identification string');
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
$read = [$this->fsock];
|
$read = [$this->fsock];
|
||||||
$write = $except = null;
|
$write = $except = null;
|
||||||
@ -1276,20 +1273,19 @@ class SSH2
|
|||||||
$sec = floor($this->curTimeout);
|
$sec = floor($this->curTimeout);
|
||||||
$usec = 1000000 * ($this->curTimeout - $sec);
|
$usec = 1000000 * ($this->curTimeout - $sec);
|
||||||
if (@stream_select($read, $write, $except, $sec, $usec) === false) {
|
if (@stream_select($read, $write, $except, $sec, $usec) === false) {
|
||||||
$this->is_timeout = true;
|
throw new \RuntimeException('Connection timed out whilst receiving server identification string');
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
$elapsed = microtime(true) - $start;
|
$elapsed = microtime(true) - $start;
|
||||||
$this->curTimeout-= $elapsed;
|
$this->curTimeout-= $elapsed;
|
||||||
}
|
}
|
||||||
|
|
||||||
$temp = stream_get_line($this->fsock, 255, "\n");
|
$temp = stream_get_line($this->fsock, 255, "\n");
|
||||||
|
if ($temp === false) {
|
||||||
|
throw new \RuntimeException('Error reading from socket');
|
||||||
|
}
|
||||||
if (strlen($temp) == 255) {
|
if (strlen($temp) == 255) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if ($temp === false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$line.= "$temp\n";
|
$line.= "$temp\n";
|
||||||
|
|
||||||
@ -1337,23 +1333,17 @@ class SSH2
|
|||||||
|
|
||||||
if (!$this->send_kex_first) {
|
if (!$this->send_kex_first) {
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->bitmap = 0;
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
|
if (!strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
|
||||||
$this->bitmap = 0;
|
$this->bitmap = 0;
|
||||||
throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT');
|
throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$this->key_exchange($response)) {
|
$this->key_exchange($response);
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->send_kex_first && !$this->key_exchange()) {
|
if ($this->send_kex_first) {
|
||||||
return false;
|
$this->key_exchange();
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->bitmap|= self::MASK_CONNECTED;
|
$this->bitmap|= self::MASK_CONNECTED;
|
||||||
@ -1478,10 +1468,6 @@ class SSH2
|
|||||||
$this->send_binary_packet($kexinit_payload_client);
|
$this->send_binary_packet($kexinit_payload_client);
|
||||||
|
|
||||||
$kexinit_payload_server = $this->get_binary_packet();
|
$kexinit_payload_server = $this->get_binary_packet();
|
||||||
if ($kexinit_payload_server === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!strlen($kexinit_payload_server) || ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT) {
|
if (!strlen($kexinit_payload_server) || ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT) {
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR);
|
$this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR);
|
||||||
@ -1621,10 +1607,6 @@ class SSH2
|
|||||||
$this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST');
|
$this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST');
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
list($type, $primeBytes, $gBytes) = Strings::unpackSSH2('Css', $response);
|
list($type, $primeBytes, $gBytes) = Strings::unpackSSH2('Css', $response);
|
||||||
if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) {
|
if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) {
|
||||||
@ -1670,13 +1652,6 @@ class SSH2
|
|||||||
}
|
}
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
if (!strlen($response)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
list(
|
list(
|
||||||
$type,
|
$type,
|
||||||
@ -1699,12 +1674,12 @@ class SSH2
|
|||||||
|
|
||||||
$this->server_public_host_key = $server_public_host_key;
|
$this->server_public_host_key = $server_public_host_key;
|
||||||
list($public_key_format) = Strings::unpackSSH2('s', $server_public_host_key);
|
list($public_key_format) = Strings::unpackSSH2('s', $server_public_host_key);
|
||||||
|
|
||||||
if (strlen($this->signature) < 4) {
|
if (strlen($this->signature) < 4) {
|
||||||
return false;
|
throw new \LengthException('The signature needs at least four bytes');
|
||||||
}
|
}
|
||||||
$temp = unpack('Nlength', substr($this->signature, 0, 4));
|
$temp = unpack('Nlength', substr($this->signature, 0, 4));
|
||||||
$this->signature_format = substr($this->signature, 4, $temp['length']);
|
$this->signature_format = substr($this->signature, 4, $temp['length']);
|
||||||
|
|
||||||
$keyBytes = DH::computeSecret($ourPrivate, $theirPublicBytes);
|
$keyBytes = DH::computeSecret($ourPrivate, $theirPublicBytes);
|
||||||
if (($keyBytes & "\xFF\x80") === "\x00\x00") {
|
if (($keyBytes & "\xFF\x80") === "\x00\x00") {
|
||||||
$keyBytes = substr($keyBytes, 1);
|
$keyBytes = substr($keyBytes, 1);
|
||||||
@ -1747,7 +1722,7 @@ class SSH2
|
|||||||
case $server_host_key_algorithm != 'rsa-sha2-256' && $server_host_key_algorithm != 'rsa-sha2-512':
|
case $server_host_key_algorithm != 'rsa-sha2-256' && $server_host_key_algorithm != 'rsa-sha2-512':
|
||||||
case $this->signature_format != 'ssh-rsa':
|
case $this->signature_format != 'ssh-rsa':
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
|
$this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
|
||||||
throw new \RuntimeException('Server Host Key Algorithm Mismatch');
|
throw new \RuntimeException('Server Host Key Algorithm Mismatch (' . $this->signature_format . ' vs ' . $server_host_key_algorithm . ')');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2107,9 +2082,7 @@ class SSH2
|
|||||||
protected function sublogin($username, ...$args)
|
protected function sublogin($username, ...$args)
|
||||||
{
|
{
|
||||||
if (!($this->bitmap & self::MASK_CONSTRUCTOR)) {
|
if (!($this->bitmap & self::MASK_CONSTRUCTOR)) {
|
||||||
if (!$this->connect()) {
|
$this->connect();
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (empty($args)) {
|
if (empty($args)) {
|
||||||
@ -2147,13 +2120,12 @@ class SSH2
|
|||||||
$packet = Strings::packSSH2('Cs', NET_SSH2_MSG_SERVICE_REQUEST, 'ssh-userauth');
|
$packet = Strings::packSSH2('Cs', NET_SSH2_MSG_SERVICE_REQUEST, 'ssh-userauth');
|
||||||
$this->send_binary_packet($packet);
|
$this->send_binary_packet($packet);
|
||||||
|
|
||||||
|
try {
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
} catch (\Exception $e) {
|
||||||
if ($this->retry_connect) {
|
if ($this->retry_connect) {
|
||||||
$this->retry_connect = false;
|
$this->retry_connect = false;
|
||||||
if (!$this->connect()) {
|
$this->connect();
|
||||||
return false;
|
|
||||||
}
|
|
||||||
return $this->login_helper($username, $password);
|
return $this->login_helper($username, $password);
|
||||||
}
|
}
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
||||||
@ -2200,10 +2172,6 @@ class SSH2
|
|||||||
$this->send_binary_packet($packet);
|
$this->send_binary_packet($packet);
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
list($type) = Strings::unpackSSH2('C', $response);
|
list($type) = Strings::unpackSSH2('C', $response);
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2250,10 +2218,6 @@ class SSH2
|
|||||||
$this->send_binary_packet($packet, $logged);
|
$this->send_binary_packet($packet, $logged);
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
list($type) = Strings::unpackSSH2('C', $response);
|
list($type) = Strings::unpackSSH2('C', $response);
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2325,10 +2289,6 @@ class SSH2
|
|||||||
$response = $this->last_interactive_response;
|
$response = $this->last_interactive_response;
|
||||||
} else {
|
} else {
|
||||||
$orig = $response = $this->get_binary_packet();
|
$orig = $response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
list($type) = Strings::unpackSSH2('C', $response);
|
list($type) = Strings::unpackSSH2('C', $response);
|
||||||
@ -2519,10 +2479,6 @@ class SSH2
|
|||||||
$this->send_binary_packet($packet);
|
$this->send_binary_packet($packet);
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
list($type) = Strings::unpackSSH2('C', $response);
|
list($type) = Strings::unpackSSH2('C', $response);
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2555,10 +2511,6 @@ class SSH2
|
|||||||
$this->send_binary_packet($packet);
|
$this->send_binary_packet($packet);
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
list($type) = Strings::unpackSSH2('C', $response);
|
list($type) = Strings::unpackSSH2('C', $response);
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -2681,10 +2633,6 @@ class SSH2
|
|||||||
$this->send_binary_packet($packet);
|
$this->send_binary_packet($packet);
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
|
||||||
$this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
|
||||||
throw new ConnectionClosedException('Connection closed by server');
|
|
||||||
}
|
|
||||||
|
|
||||||
list($type) = Strings::unpackSSH2('C', $response);
|
list($type) = Strings::unpackSSH2('C', $response);
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
@ -3157,9 +3105,7 @@ class SSH2
|
|||||||
{
|
{
|
||||||
$this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
$this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST);
|
||||||
$this->retry_connect = true;
|
$this->retry_connect = true;
|
||||||
if (!$this->connect()) {
|
$this->connect();
|
||||||
return false;
|
|
||||||
}
|
|
||||||
foreach ($this->auth as $auth) {
|
foreach ($this->auth as $auth) {
|
||||||
$result = $this->login(...$auth);
|
$result = $this->login(...$auth);
|
||||||
}
|
}
|
||||||
@ -3500,6 +3446,10 @@ class SSH2
|
|||||||
|
|
||||||
// only called when we've already logged in
|
// only called when we've already logged in
|
||||||
if (($this->bitmap & self::MASK_CONNECTED) && $this->isAuthenticated()) {
|
if (($this->bitmap & self::MASK_CONNECTED) && $this->isAuthenticated()) {
|
||||||
|
if ($payload === true) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
switch (ord($payload[0])) {
|
switch (ord($payload[0])) {
|
||||||
case NET_SSH2_MSG_CHANNEL_REQUEST:
|
case NET_SSH2_MSG_CHANNEL_REQUEST:
|
||||||
if (strlen($payload) == 31) {
|
if (strlen($payload) == 31) {
|
||||||
@ -4762,9 +4712,7 @@ class SSH2
|
|||||||
public function getServerPublicHostKey()
|
public function getServerPublicHostKey()
|
||||||
{
|
{
|
||||||
if (!($this->bitmap & self::MASK_CONSTRUCTOR)) {
|
if (!($this->bitmap & self::MASK_CONSTRUCTOR)) {
|
||||||
if (!$this->connect()) {
|
$this->connect();
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$signature = $this->signature;
|
$signature = $this->signature;
|
||||||
|
Loading…
Reference in New Issue
Block a user