mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-02 09:38:06 +01:00
Merge branch '1.0' into 2.0
This commit is contained in:
commit
6611c0b566
@ -273,6 +273,18 @@ class SSH2
|
||||
*/
|
||||
var $server_host_key_algorithms = false;
|
||||
|
||||
/**
|
||||
* Supported Private Key Algorithms
|
||||
*
|
||||
* In theory this should be the same as the Server Host Key Algorithms but, in practice,
|
||||
* some servers (eg. Azure) will support rsa-sha2-512 as a server host key algorithm but
|
||||
* not a private key algorithm
|
||||
*
|
||||
* @see self::privatekey_login()
|
||||
* @var array|false
|
||||
*/
|
||||
var $supported_private_key_algorithms = false;
|
||||
|
||||
/**
|
||||
* Encryption Algorithms: Client to Server
|
||||
*
|
||||
@ -1552,6 +1564,8 @@ class SSH2
|
||||
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
||||
$this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
|
||||
|
||||
$this->supported_private_key_algorithms = $this->server_host_key_algorithms;
|
||||
|
||||
if (strlen($response) < 4) {
|
||||
return false;
|
||||
}
|
||||
@ -2731,7 +2745,13 @@ class SSH2
|
||||
$publickey['n']
|
||||
);
|
||||
|
||||
switch ($this->signature_format) {
|
||||
$algos = ['rsa-sha2-256', 'rsa-sha2-512', 'ssh-rsa'];
|
||||
if (isset($this->preferred['hostkey'])) {
|
||||
$algos = array_intersect($this->preferred['hostkey'], $algos);
|
||||
}
|
||||
$algo = $this->_array_intersect_first($algos, $this->supported_private_key_algorithms);
|
||||
|
||||
switch ($algo) {
|
||||
case 'rsa-sha2-512':
|
||||
$hash = 'sha512';
|
||||
$signatureType = 'rsa-sha2-512';
|
||||
@ -2781,7 +2801,12 @@ class SSH2
|
||||
return false;
|
||||
}
|
||||
extract(unpack('Nmethodlistlen', $this->_string_shift($response, 4)));
|
||||
$this->auth_methods_to_continue = explode(',', $this->_string_shift($response, $methodlistlen));
|
||||
$auth_methods = explode(',', $this->_string_shift($response, $methodlistlen));
|
||||
if (in_array('publickey', $auth_methods) && substr($signatureType, 0, 9) == 'rsa-sha2-') {
|
||||
$this->supported_private_key_algorithms = array_diff($this->supported_private_key_algorithms, array('rsa-sha2-256', 'rsa-sha2-512'));
|
||||
return $this->_privatekey_login($username, $privatekey);
|
||||
}
|
||||
$this->auth_methods_to_continue = $auth_methods;
|
||||
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE';
|
||||
return false;
|
||||
case NET_SSH2_MSG_USERAUTH_PK_OK:
|
||||
|
Loading…
Reference in New Issue
Block a user