danog/phpseclib
1
0
Fork 0
mirror of https://github.com/danog/phpseclib.git synced 2024-12-04 10:38:12 +01:00
Code Issues Projects Releases Wiki Activity

SSH2: if the server doesn't support multiple channels error out

Browse Source
This commit is contained in:
terrafrost 2023-03-29 03:52:00 -05:00
parent cecabb1fea
commit 5fb084b04c
1 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
phpseclib/Net/SSH2.php
View File

@ -1087,6 +1087,21 @@ class SSH2
*/ */
private $smartMFA = true; private $smartMFA = true;
/**
* How many channels are currently opened
*
* @var int
*/
private $channelCount = 0;
/**
* Does the server support multiple channels? If not then error out
* when multiple channels are attempted to be opened
*
* @var bool
*/
private $errorOnMultipleChannels;
/** /**
* Default Constructor. * Default Constructor.
* *
@ -1384,6 +1399,18 @@ class SSH2
throw new UnableToConnectException("Cannot connect to SSH $matches[3] servers"); throw new UnableToConnectException("Cannot connect to SSH $matches[3] servers");
} }
// Ubuntu's OpenSSH from 5.8 to 6.9 didn't work with multiple channels. see
// https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1334916 for more info.
// https://lists.ubuntu.com/archives/oneiric-changes/2011-July/005772.html discusses
// when consolekit was incorporated.
// https://marc.info/?l=openssh-unix-dev&m=163409903417589&w=2 discusses some of the
// issues with how Ubuntu incorporated consolekit
$pattern = '#^SSH-2\.0-OpenSSH_([\d.]+)[^ ]* Ubuntu-.*$#';
$match = preg_match($pattern, $this->server_identifier, $matches);
$match = $match && version_compare('5.8', $matches[1], '<=');
$match = $match && version_compare('6.9', $matches[1], '>=');
$this->errorOnMultipleChannels = $match;
if (!$this->send_id_string_first) { if (!$this->send_id_string_first) {
fputs($this->fsock, $this->identifier . "\r\n"); fputs($this->fsock, $this->identifier . "\r\n");
} }
@ -2813,9 +2840,17 @@ class SSH2
* Opens a channel * Opens a channel
* *
* @param string $channel * @param string $channel
* @param bool $skip_extended
* @return bool
*/ */
protected function openChannel($channel, $skip_extended = false) protected function openChannel($channel, $skip_extended = false)
{ {
$this->channelCount++;
if ($this->channelCount > 1 && $this->errorOnMultipleChannels) {
throw new \RuntimeException("Ubuntu's OpenSSH from 5.8 to 6.9 doesn't work with multiple channels");
}
// RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to
// be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but,
// honestly, if you're transferring more than 2GB, you probably shouldn't be using phpseclib, anyway. // honestly, if you're transferring more than 2GB, you probably shouldn't be using phpseclib, anyway.