mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-15 02:17:04 +01:00
Merge branch '3.0'
commit
3efafb14b9
@ -1531,8 +1531,8 @@ class SSH2
|
|||||||
substr($this->kex_algorithm, 10);
|
substr($this->kex_algorithm, 10);
|
||||||
$ourPrivate = EC::createKey($curve);
|
$ourPrivate = EC::createKey($curve);
|
||||||
$ourPublicBytes = $ourPrivate->getPublicKey()->getEncodedCoordinates();
|
$ourPublicBytes = $ourPrivate->getPublicKey()->getEncodedCoordinates();
|
||||||
$clientKexInitMessage = NET_SSH2_MSG_KEX_ECDH_INIT;
|
$clientKexInitMessage = 'NET_SSH2_MSG_KEX_ECDH_INIT';
|
||||||
$serverKexReplyMessage = NET_SSH2_MSG_KEX_ECDH_REPLY;
|
$serverKexReplyMessage = 'NET_SSH2_MSG_KEX_ECDH_REPLY';
|
||||||
} else {
|
} else {
|
||||||
if (strpos($this->kex_algorithm, 'diffie-hellman-group-exchange') === 0) {
|
if (strpos($this->kex_algorithm, 'diffie-hellman-group-exchange') === 0) {
|
||||||
$dh_group_sizes_packed = pack(
|
$dh_group_sizes_packed = pack(
|
||||||
@ -1547,6 +1547,7 @@ class SSH2
|
|||||||
$dh_group_sizes_packed
|
$dh_group_sizes_packed
|
||||||
);
|
);
|
||||||
$this->send_binary_packet($packet);
|
$this->send_binary_packet($packet);
|
||||||
|
$this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST');
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
if ($response === false) {
|
||||||
@ -1558,6 +1559,7 @@ class SSH2
|
|||||||
if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) {
|
if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) {
|
||||||
throw new \UnexpectedValueException('Expected SSH_MSG_KEX_DH_GEX_GROUP');
|
throw new \UnexpectedValueException('Expected SSH_MSG_KEX_DH_GEX_GROUP');
|
||||||
}
|
}
|
||||||
|
$this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP');
|
||||||
$prime = new BigInteger($primeBytes, -256);
|
$prime = new BigInteger($primeBytes, -256);
|
||||||
$g = new BigInteger($gBytes, -256);
|
$g = new BigInteger($gBytes, -256);
|
||||||
|
|
||||||
@ -1568,12 +1570,12 @@ class SSH2
|
|||||||
);
|
);
|
||||||
|
|
||||||
$params = DH::createParameters($prime, $g);
|
$params = DH::createParameters($prime, $g);
|
||||||
$clientKexInitMessage = NET_SSH2_MSG_KEXDH_GEX_INIT;
|
$clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_GEX_INIT';
|
||||||
$serverKexReplyMessage = NET_SSH2_MSG_KEXDH_GEX_REPLY;
|
$serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_GEX_REPLY';
|
||||||
} else {
|
} else {
|
||||||
$params = DH::createParameters($this->kex_algorithm);
|
$params = DH::createParameters($this->kex_algorithm);
|
||||||
$clientKexInitMessage = NET_SSH2_MSG_KEXDH_INIT;
|
$clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_INIT';
|
||||||
$serverKexReplyMessage = NET_SSH2_MSG_KEXDH_REPLY;
|
$serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_REPLY';
|
||||||
}
|
}
|
||||||
|
|
||||||
$keyLength = min($kexHash->getLengthInBytes(), max($encryptKeyLength, $decryptKeyLength));
|
$keyLength = min($kexHash->getLengthInBytes(), max($encryptKeyLength, $decryptKeyLength));
|
||||||
@ -1583,10 +1585,18 @@ class SSH2
|
|||||||
$ourPublicBytes = $ourPublic->toBytes(true);
|
$ourPublicBytes = $ourPublic->toBytes(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$data = pack('CNa*', $clientKexInitMessage, strlen($ourPublicBytes), $ourPublicBytes);
|
$data = pack('CNa*', constant($clientKexInitMessage), strlen($ourPublicBytes), $ourPublicBytes);
|
||||||
|
|
||||||
$this->send_binary_packet($data);
|
$this->send_binary_packet($data);
|
||||||
|
|
||||||
|
switch ($clientKexInitMessage) {
|
||||||
|
case 'NET_SSH2_MSG_KEX_ECDH_INIT':
|
||||||
|
$this->updateLogHistory('NET_SSH2_MSG_KEXDH_INIT', 'NET_SSH2_MSG_KEX_ECDH_INIT');
|
||||||
|
break;
|
||||||
|
case 'NET_SSH2_MSG_KEXDH_GEX_INIT':
|
||||||
|
$this->updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT');
|
||||||
|
}
|
||||||
|
|
||||||
$response = $this->get_binary_packet();
|
$response = $this->get_binary_packet();
|
||||||
if ($response === false) {
|
if ($response === false) {
|
||||||
$this->bitmap = 0;
|
$this->bitmap = 0;
|
||||||
@ -1603,8 +1613,15 @@ class SSH2
|
|||||||
$this->signature
|
$this->signature
|
||||||
) = Strings::unpackSSH2('Csss', $response);
|
) = Strings::unpackSSH2('Csss', $response);
|
||||||
|
|
||||||
if ($type != $serverKexReplyMessage) {
|
if ($type != constant($serverKexReplyMessage)) {
|
||||||
throw new \UnexpectedValueException('Expected SSH_MSG_KEXDH_REPLY');
|
throw new \UnexpectedValueException("Expected $serverKexReplyMessage");
|
||||||
|
}
|
||||||
|
switch ($serverKexReplyMessage) {
|
||||||
|
case 'NET_SSH2_MSG_KEX_ECDH_REPLY':
|
||||||
|
$this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEX_ECDH_REPLY');
|
||||||
|
break;
|
||||||
|
case 'NET_SSH2_MSG_KEXDH_GEX_REPLY':
|
||||||
|
$this->updateLogHistory('UNKNOWN (33)', 'NET_SSH2_MSG_KEXDH_GEX_REPLY');
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->server_public_host_key = $server_public_host_key;
|
$this->server_public_host_key = $server_public_host_key;
|
||||||
@ -2184,9 +2201,7 @@ class SSH2
|
|||||||
list($type) = Strings::unpackSSH2('C', $response);
|
list($type) = Strings::unpackSSH2('C', $response);
|
||||||
switch ($type) {
|
switch ($type) {
|
||||||
case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed
|
case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed
|
||||||
if (defined('NET_SSH2_LOGGING')) {
|
$this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ');
|
||||||
$this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ';
|
|
||||||
}
|
|
||||||
|
|
||||||
list($message) = Strings::unpackSSH2('s', $response);
|
list($message) = Strings::unpackSSH2('s', $response);
|
||||||
$this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . $message;
|
$this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . $message;
|
||||||
@ -2296,12 +2311,8 @@ class SSH2
|
|||||||
// see http://tools.ietf.org/html/rfc4256#section-3.2
|
// see http://tools.ietf.org/html/rfc4256#section-3.2
|
||||||
if (strlen($this->last_interactive_response)) {
|
if (strlen($this->last_interactive_response)) {
|
||||||
$this->last_interactive_response = '';
|
$this->last_interactive_response = '';
|
||||||
} elseif (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) {
|
} else {
|
||||||
$this->message_number_log[count($this->message_number_log) - 1] = str_replace(
|
$this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST');
|
||||||
'UNKNOWN',
|
|
||||||
'NET_SSH2_MSG_USERAUTH_INFO_REQUEST',
|
|
||||||
$this->message_number_log[count($this->message_number_log) - 1]
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!count($responses) && $num_prompts) {
|
if (!count($responses) && $num_prompts) {
|
||||||
@ -2322,13 +2333,7 @@ class SSH2
|
|||||||
|
|
||||||
$this->send_binary_packet($packet, $logged);
|
$this->send_binary_packet($packet, $logged);
|
||||||
|
|
||||||
if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) {
|
$this->updateLogHistory('UNKNOWN (61)', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE');
|
||||||
$this->message_number_log[count($this->message_number_log) - 1] = str_replace(
|
|
||||||
'UNKNOWN',
|
|
||||||
'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE',
|
|
||||||
$this->message_number_log[count($this->message_number_log) - 1]
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
After receiving the response, the server MUST send either an
|
After receiving the response, the server MUST send either an
|
||||||
@ -2462,13 +2467,7 @@ class SSH2
|
|||||||
case NET_SSH2_MSG_USERAUTH_PK_OK:
|
case NET_SSH2_MSG_USERAUTH_PK_OK:
|
||||||
// we'll just take it on faith that the public key blob and the public key algorithm name are as
|
// we'll just take it on faith that the public key blob and the public key algorithm name are as
|
||||||
// they should be
|
// they should be
|
||||||
if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) {
|
$this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK');
|
||||||
$this->message_number_log[count($this->message_number_log) - 1] = str_replace(
|
|
||||||
'UNKNOWN',
|
|
||||||
'NET_SSH2_MSG_USERAUTH_PK_OK',
|
|
||||||
$this->message_number_log[count($this->message_number_log) - 1]
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$packet = $part1 . chr(1) . $part2;
|
$packet = $part1 . chr(1) . $part2;
|
||||||
@ -4838,4 +4837,22 @@ class SSH2
|
|||||||
{
|
{
|
||||||
return self::$connections;
|
return self::$connections;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Update packet types in log history
|
||||||
|
*
|
||||||
|
* @param string $old
|
||||||
|
* @param string $new
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
private function updateLogHistory($old, $new)
|
||||||
|
{
|
||||||
|
if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) {
|
||||||
|
$this->message_number_log[count($this->message_number_log) - 1] = str_replace(
|
||||||
|
$old,
|
||||||
|
$new,
|
||||||
|
$this->message_number_log[count($this->message_number_log) - 1]
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
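Review bot: The new `updateLogHistory()` helper at the end of this section indexes `$this->message_number_log[count($this->message_number_log) - 1]` without checking that the log holds an entry, so on an empty array it reads offset -1 (a notice or warning) and then writes a stray element at key -1. Every call site visible here follows `send_binary_packet()` or `get_binary_packet()`, which presumably append an entry in complex-logging mode, but the helper itself does not enforce that; an early `if (!$this->message_number_log) { return; }` inside the `LOG_COMPLEX` branch would make it safe to call from anywhere. Its comment opens with `/*` rather than `/**`, so the `@param` tags are not treated as a docblock. Separately, the reply-type check now throws `"Expected $serverKexReplyMessage"`, which reports the internal `NET_SSH2_MSG_*` name while the GEX group check still reports `SSH_MSG_KEX_DH_GEX_GROUP`; anything that matches on the old `Expected SSH_MSG_KEXDH_REPLY` text, such as tests or handshake-failure alerting, would need updating.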