From 88568b8020bd39fd83f50e460025c245a30f59cc Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 17 Jan 2020 03:37:25 -0600 Subject: [PATCH 1/5] SSH2: logging enhancements --- phpseclib/Net/SSH2.php | 59 +++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 24 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 6208f38c..0362bf8f 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1563,6 +1563,7 @@ class Net_SSH2 if (!$this->_send_binary_packet($packet)) { return false; } + $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); $response = $this->_get_binary_packet(); if ($response === false) { @@ -1578,6 +1579,7 @@ class Net_SSH2 user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP'); return false; } + $this->_updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP'); if (strlen($response) < 4) { return false; @@ -1666,6 +1668,9 @@ class Net_SSH2 user_error('Connection closed by server'); return false; } + if ($clientKexInitMessage == NET_SSH2_MSG_KEXDH_GEX_INIT) { + $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); + } $response = $this->_get_binary_packet(); if ($response === false) { @@ -1679,9 +1684,15 @@ class Net_SSH2 extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != $serverKexReplyMessage) { - user_error('Expected SSH_MSG_KEXDH_REPLY'); + $expected = $serverKexReplyMessage == NET_SSH2_MSG_KEXDH_GEX_REPLY ? + 'SSH_MSG_KEXDH_GEX_REPLY' : + 'SSH_MSG_KEXDH_REPLY'; + user_error("Expected $expected"); return false; } + if ($serverKexReplyMessage == NET_SSH2_MSG_KEXDH_GEX_REPLY) { + $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); + } if (strlen($response) < 4) { return false; @@ -2316,9 +2327,7 @@ class Net_SSH2 switch ($type) { case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed - if (defined('NET_SSH2_LOGGING')) { - $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'; - } + $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); if (strlen($response) < 4) { return false; } @@ -2469,12 +2478,8 @@ class Net_SSH2 // see http://tools.ietf.org/html/rfc4256#section-3.2 if (strlen($this->last_interactive_response)) { $this->last_interactive_response = ''; - } elseif (defined('NET_SSH2_LOGGING')) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', - $this->message_number_log[count($this->message_number_log) - 1] - ); + } else { + $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); } if (!count($responses) && $num_prompts) { @@ -2497,13 +2502,7 @@ class Net_SSH2 return false; } - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE', - $this->message_number_log[count($this->message_number_log) - 1] - ); - } + $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); /* After receiving the response, the server MUST send either an @@ -2630,13 +2629,7 @@ class Net_SSH2 case NET_SSH2_MSG_USERAUTH_PK_OK: // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_PK_OK', - $this->message_number_log[count($this->message_number_log) - 1] - ); - } + $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PK_OK'); } $packet = $part1 . chr(1) . $part2; @@ -5072,4 +5065,22 @@ class Net_SSH2 $this->windowColumns = $columns; $this->windowRows = $rows; } + + /** + * Update packet types in log history + * + * @param string $old + * @param string $new + * @access private + */ + function _updateLogHistory($old, $new) + { + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { + $this->message_number_log[count($this->message_number_log) - 1] = str_replace( + $old, + $new, + $this->message_number_log[count($this->message_number_log) - 1] + ); + } + } } From 0a1c10386a2739f1ff20d690bbd008fe31a550d1 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 17 Jan 2020 05:10:12 -0600 Subject: [PATCH 2/5] ... --- phpseclib/Net/SSH2.php | 1 + 1 file changed, 1 insertion(+) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 0cca1e48..b686cc42 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -4829,6 +4829,7 @@ class SSH2 return self::$connections; } + /* * Update packet types in log history * * @param string $old From f1772cbf7a0df7a022cad1c3aaae3ca4f0edbc36 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 17 Jan 2020 05:42:29 -0600 Subject: [PATCH 3/5] ... --- phpseclib/Net/SSH2.php | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index b686cc42..1d5655a1 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1547,6 +1547,7 @@ class SSH2 $dh_group_sizes_packed ); $this->send_binary_packet($packet); + $this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); $response = $this->get_binary_packet(); if ($response === false) { @@ -1558,6 +1559,7 @@ class SSH2 if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { throw new \UnexpectedValueException('Expected SSH_MSG_KEX_DH_GEX_GROUP'); } + $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP'); $prime = new BigInteger($primeBytes, -256); $g = new BigInteger($gBytes, -256); @@ -1592,7 +1594,7 @@ class SSH2 $this->updateLogHistory('NET_SSH2_MSG_KEXDH_INIT', 'NET_SSH2_MSG_KEX_ECDH_INIT'); break; case 'NET_SSH2_MSG_KEXDH_GEX_INIT': - $this->updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); + $this->updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); } $response = $this->get_binary_packet(); @@ -1614,6 +1616,13 @@ class SSH2 if ($type != constant($serverKexReplyMessage)) { throw new \UnexpectedValueException("Expected $serverKexReplyMessage"); } + switch ($serverKexReplyMessage) { + case 'NET_SSH2_MSG_KEX_ECDH_REPLY': + $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEX_ECDH_REPLY'); + break; + case 'NET_SSH2_MSG_KEXDH_GEX_REPLY': + $this->updateLogHistory('UNKNOWN (33)', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); + } $this->server_public_host_key = $server_public_host_key; list($public_key_format) = Strings::unpackSSH2('s', $server_public_host_key); @@ -2192,7 +2201,7 @@ class SSH2 list($type) = Strings::unpackSSH2('C', $response); switch ($type) { case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed - $this->updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); + $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); list($message) = Strings::unpackSSH2('s', $response); $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . $message; @@ -2303,7 +2312,7 @@ class SSH2 if (strlen($this->last_interactive_response)) { $this->last_interactive_response = ''; } else { - $this->updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); + $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); } if (!count($responses) && $num_prompts) { @@ -2324,7 +2333,7 @@ class SSH2 $this->send_binary_packet($packet, $logged); - $this->updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); + $this->updateLogHistory('UNKNOWN (61)', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); /* After receiving the response, the server MUST send either an @@ -2458,7 +2467,7 @@ class SSH2 case NET_SSH2_MSG_USERAUTH_PK_OK: // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be - $this->updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PK_OK'); + $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK'); } $packet = $part1 . chr(1) . $part2; From 3f448d09046911c971937c1cc327a3fe68495428 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 17 Jan 2020 05:54:42 -0600 Subject: [PATCH 4/5] ... --- phpseclib/Net/SSH2.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 0362bf8f..d22786b9 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1563,7 +1563,7 @@ class Net_SSH2 if (!$this->_send_binary_packet($packet)) { return false; } - $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); + $this->_updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); $response = $this->_get_binary_packet(); if ($response === false) { @@ -1669,7 +1669,7 @@ class Net_SSH2 return false; } if ($clientKexInitMessage == NET_SSH2_MSG_KEXDH_GEX_INIT) { - $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); + $this->_updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); } $response = $this->_get_binary_packet(); @@ -1691,7 +1691,7 @@ class Net_SSH2 return false; } if ($serverKexReplyMessage == NET_SSH2_MSG_KEXDH_GEX_REPLY) { - $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); + $this->_updateLogHistory('UNKNOWN (33)', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); } if (strlen($response) < 4) { @@ -2327,7 +2327,7 @@ class Net_SSH2 switch ($type) { case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed - $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); if (strlen($response) < 4) { return false; } @@ -2479,7 +2479,7 @@ class Net_SSH2 if (strlen($this->last_interactive_response)) { $this->last_interactive_response = ''; } else { - $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); } if (!count($responses) && $num_prompts) { @@ -2502,7 +2502,7 @@ class Net_SSH2 return false; } - $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); + $this->_updateLogHistory('UNKNOWN (61)', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); /* After receiving the response, the server MUST send either an @@ -2629,7 +2629,7 @@ class Net_SSH2 case NET_SSH2_MSG_USERAUTH_PK_OK: // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be - $this->_updateLogHistory('UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PK_OK'); + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK'); } $packet = $part1 . chr(1) . $part2; From 500e3225a839825f92033f9909794c55a8d0536c Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 17 Jan 2020 03:37:25 -0600 Subject: [PATCH 5/5] SSH2: logging enhancements --- phpseclib/Net/SSH2.php | 59 +++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 24 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 6208f38c..d22786b9 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1563,6 +1563,7 @@ class Net_SSH2 if (!$this->_send_binary_packet($packet)) { return false; } + $this->_updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); $response = $this->_get_binary_packet(); if ($response === false) { @@ -1578,6 +1579,7 @@ class Net_SSH2 user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP'); return false; } + $this->_updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP'); if (strlen($response) < 4) { return false; @@ -1666,6 +1668,9 @@ class Net_SSH2 user_error('Connection closed by server'); return false; } + if ($clientKexInitMessage == NET_SSH2_MSG_KEXDH_GEX_INIT) { + $this->_updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); + } $response = $this->_get_binary_packet(); if ($response === false) { @@ -1679,9 +1684,15 @@ class Net_SSH2 extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != $serverKexReplyMessage) { - user_error('Expected SSH_MSG_KEXDH_REPLY'); + $expected = $serverKexReplyMessage == NET_SSH2_MSG_KEXDH_GEX_REPLY ? + 'SSH_MSG_KEXDH_GEX_REPLY' : + 'SSH_MSG_KEXDH_REPLY'; + user_error("Expected $expected"); return false; } + if ($serverKexReplyMessage == NET_SSH2_MSG_KEXDH_GEX_REPLY) { + $this->_updateLogHistory('UNKNOWN (33)', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); + } if (strlen($response) < 4) { return false; @@ -2316,9 +2327,7 @@ class Net_SSH2 switch ($type) { case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed - if (defined('NET_SSH2_LOGGING')) { - $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'; - } + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); if (strlen($response) < 4) { return false; } @@ -2469,12 +2478,8 @@ class Net_SSH2 // see http://tools.ietf.org/html/rfc4256#section-3.2 if (strlen($this->last_interactive_response)) { $this->last_interactive_response = ''; - } elseif (defined('NET_SSH2_LOGGING')) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', - $this->message_number_log[count($this->message_number_log) - 1] - ); + } else { + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); } if (!count($responses) && $num_prompts) { @@ -2497,13 +2502,7 @@ class Net_SSH2 return false; } - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE', - $this->message_number_log[count($this->message_number_log) - 1] - ); - } + $this->_updateLogHistory('UNKNOWN (61)', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); /* After receiving the response, the server MUST send either an @@ -2630,13 +2629,7 @@ class Net_SSH2 case NET_SSH2_MSG_USERAUTH_PK_OK: // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - 'UNKNOWN', - 'NET_SSH2_MSG_USERAUTH_PK_OK', - $this->message_number_log[count($this->message_number_log) - 1] - ); - } + $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK'); } $packet = $part1 . chr(1) . $part2; @@ -5072,4 +5065,22 @@ class Net_SSH2 $this->windowColumns = $columns; $this->windowRows = $rows; } + + /** + * Update packet types in log history + * + * @param string $old + * @param string $new + * @access private + */ + function _updateLogHistory($old, $new) + { + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { + $this->message_number_log[count($this->message_number_log) - 1] = str_replace( + $old, + $new, + $this->message_number_log[count($this->message_number_log) - 1] + ); + } + } }