Currently, the call to "scp -t" or "scp -f" just uses naive quoting - i.e. a couple of quote marks are thrown in.
But, this can easily be escaped from - if the filename has a quote mark of its own in it, for example.
e.g. if the filename is as follows, then bad things will happen:
";rm -rf /
Instead, escapeshellarg should be used, to make sure it gets escaped properly.
Update development dependencies
* bantu/dev-deps-update:
Update squizlabs/php_codesniffer from 1.5.2 to 1.5.5
Update phpunit/phpunit to 4.3.*
Update sami/sami to 2.*
aside from the addition of OpenSSL support a few other changes have been included:
- setEngine(), as added by petrich, is depricated (not that it was ever in trunk to begin with)
it has been replaced with isValidEngine() and setPreferredEngine().
- replace _generate_xor() with increment_str()
_increment_str() had extra functionality that wasn't being used. ie. it could concatenate
multiple successive string increments to one another automatically. but not only was that
functionality not used - it also made the function less versatile. _increment_str() can be
used more easily for iterative brute forcing (for example)
- rename Crypt_Base::_stringShift to Crypt_Base::_string_shift (for consistency)
- more expansive unit test coverage
Sometimes SSH servers will null pad their RSA keys. this null padding
broke Net/SSH2.php's RSA implementation (Crypt/RSA.php's implementation
works just fine). Also, the -3 was counting the initial "\0" of $h
twice so adjust it to -2.
SFTP: Add truncate() to size() test for files larger than 4 GiB.
* bantu/sftp-large-files:
SFTP: Add truncate() to size() test for files larger than 4 GiB.
SFTP: Replace incorrect comment about filesize. There is no 4 GiB limit.
* bantu/sftp-large-file-comment:
SFTP: Replace incorrect comment about filesize. There is no 4 GiB limit.
Restore compatibility with PHP 5.6.1 by using explicit array index.
* bantu/fix-491:
Restore compatibility with PHP 5.6.1 by using explicit array indexes.
ASN1: fix issue with non-constructed context-specific tags
* terrafrost/asn1-fix:
ASN1: fix unit test
ASN1: add unit test for non-constructed context-specific change
ASN1: fix issue with non-constructed context-specific tags