From d37dffdb8125a366156262af4f78ee7099f30e75 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 5 Apr 2020 10:29:57 -0500 Subject: [PATCH 1/2] SSH: use an anonymous function for logging callback --- phpseclib/Net/SSH2.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 5cc839ac..b1249d02 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -4190,7 +4190,9 @@ class SSH2 $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; } $fragment = Strings::shift($current_log, $this->log_short_width); - $hex = substr(preg_replace_callback('#.#s', [$this, 'format_log_helper'], $fragment), strlen($this->log_boundary)); + $hex = substr(preg_replace_callback('#.#s', function ($matches) { + return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); + }, $fragment), strlen($this->log_boundary)); // replace non ASCII printable characters with dots // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // also replace < with a . since < messes up the output on web browsers From ceff4cfbbc9f9882ac1cde8e4630626828d3a74c Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 5 Apr 2020 10:56:30 -0500 Subject: [PATCH 2/2] rm call_user_func() calls --- phpseclib/Crypt/Common/Formats/Keys/PKCS8.php | 2 +- phpseclib/Crypt/Hash.php | 27 ++++++++++--------- phpseclib/Crypt/RC2.php | 2 +- phpseclib/File/ASN1.php | 8 +++--- phpseclib/Net/SFTP.php | 6 ++--- phpseclib/Net/SFTP/Stream.php | 2 +- phpseclib/Net/SSH2.php | 2 +- 7 files changed, 25 insertions(+), 24 deletions(-) diff --git a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php index f8c199de..b6f31561 100644 --- a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php +++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php @@ -442,7 +442,7 @@ abstract class PKCS8 extends PKCS if (isset($keyLength)) { $params[] = (int) $keyLength->toString(); } - call_user_func_array([$cipher, 'setPassword'], $params); + $cipher->setPassword(...$params); $key = $cipher->decrypt($decrypted['encryptedData']); $decoded = ASN1::decodeBER($key); if (empty($decoded)) { diff --git a/phpseclib/Crypt/Hash.php b/phpseclib/Crypt/Hash.php index 6c91dcd1..e0b9e464 100644 --- a/phpseclib/Crypt/Hash.php +++ b/phpseclib/Crypt/Hash.php @@ -93,7 +93,7 @@ class Hash * @var string * @access private */ - private $hash; + private $algo; /** * Key @@ -268,9 +268,9 @@ class Hash return; } - $this->computedKey = is_array($this->hash) ? - call_user_func($this->hash, $this->key) : - hash($this->hash, $this->key, true); + $this->computedKey = is_array($this->algo) ? + call_user_func($this->algo, $this->key) : + hash($this->algo, $this->key, true); } /** @@ -302,7 +302,7 @@ class Hash case 'umac-128': $this->blockSize = 128; $this->length = abs(substr($hash, -3)) >> 3; - $this->hash = 'umac'; + $this->algo = 'umac'; return; case 'md2-96': case 'md5-96': @@ -439,7 +439,7 @@ class Hash $this->opad = str_repeat(chr(0x5C), $b); } - $this->hash = $hash; + $this->algo = $hash; $this->computeKey(); } @@ -785,7 +785,8 @@ class Hash */ public function hash($text) { - if ($this->hash == 'umac') { + $algo = $this->algo; + if ($algo == 'umac') { if ($this->recomputeAESKey) { if (!is_string($this->nonce)) { throw new InsufficientSetupException('No nonce has been set'); @@ -837,9 +838,9 @@ class Hash return $hashedmessage ^ $this->pad; } - if (is_array($this->hash)) { + if (is_array($algo)) { if (empty($this->key) || !is_string($this->key)) { - return substr(call_user_func($this->hash, $text, ...array_values($this->parameters)), 0, $this->length); + return substr($algo($text, ...array_values($this->parameters)), 0, $this->length); } // SHA3 HMACs are discussed at https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=30 @@ -847,17 +848,17 @@ class Hash $key = str_pad($this->computedKey, $b, chr(0)); $temp = $this->ipad ^ $key; $temp .= $text; - $temp = substr(call_user_func($this->hash, $temp, ...array_values($this->parameters)), 0, $this->length); + $temp = substr($algo($temp, ...array_values($this->parameters)), 0, $this->length); $output = $this->opad ^ $key; $output.= $temp; - $output = call_user_func($this->hash, $output, ...array_values($this->parameters)); + $output = $algo($output, ...array_values($this->parameters)); return substr($output, 0, $this->length); } $output = !empty($this->key) || is_string($this->key) ? - hash_hmac($this->hash, $text, $this->computedKey, true) : - hash($this->hash, $text, true); + hash_hmac($algo, $text, $this->computedKey, true) : + hash($algo, $text, true); return strlen($output) > $this->length ? substr($output, 0, $this->length) diff --git a/phpseclib/Crypt/RC2.php b/phpseclib/Crypt/RC2.php index 43f76c40..0e8ec502 100644 --- a/phpseclib/Crypt/RC2.php +++ b/phpseclib/Crypt/RC2.php @@ -393,7 +393,7 @@ class RC2 extends BlockCipher $l[0] = self::$invpitable[$l[0]]; array_unshift($l, 'C*'); - $this->key = call_user_func_array('pack', $l); + $this->key = pack(...$l); $this->key_length = strlen($this->key); $this->changed = $this->nonIVChanged = true; $this->setEngine(); diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index ac10661f..e566b41f 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -553,7 +553,7 @@ abstract class ASN1 } if (isset($value)) { if (isset($special[$key])) { - $value = call_user_func($special[$key], $value); + $value = $special[$key]($value); } return [$key => $value]; } @@ -637,7 +637,7 @@ abstract class ASN1 if ($maymatch) { // Got the match: use it. if (isset($special[$key])) { - $candidate = call_user_func($special[$key], $candidate); + $candidate = $special[$key]($candidate); } $map[$key] = $candidate; $i++; @@ -722,7 +722,7 @@ abstract class ASN1 // Got the match: use it. if (isset($special[$key])) { - $candidate = call_user_func($special[$key], $candidate); + $candidate = $special[$key]($candidate); } $map[$key] = $candidate; break; @@ -881,7 +881,7 @@ abstract class ASN1 if (isset($idx)) { if (isset($special[$idx])) { - $source = call_user_func($special[$idx], $source); + $source = $special[$idx]($source); } self::$location[] = $idx; } diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index cb648c04..75847962 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -1941,7 +1941,7 @@ class SFTP extends SSH2 $i = $j = 0; while ($dataCallback || ($size === 0 || $sent < $size)) { if ($dataCallback) { - $temp = call_user_func($dataCallback, $sftp_packet_size); + $temp = $dataCallback($sftp_packet_size); if (is_null($temp)) { break; } @@ -1962,7 +1962,7 @@ class SFTP extends SSH2 } $sent+= strlen($temp); if (is_callable($progressCallback)) { - call_user_func($progressCallback, $sent); + $progressCallback($sent); } $i++; @@ -2137,7 +2137,7 @@ class SFTP extends SSH2 $packet = null; $read+= $packet_size; if (is_callable($progressCallback)) { - call_user_func($progressCallback, $read); + $progressCallback($read); } $i++; } diff --git a/phpseclib/Net/SFTP/Stream.php b/phpseclib/Net/SFTP/Stream.php index 0c08266b..dca9b975 100644 --- a/phpseclib/Net/SFTP/Stream.php +++ b/phpseclib/Net/SFTP/Stream.php @@ -789,6 +789,6 @@ class Stream if (!method_exists($this, $name)) { return false; } - return call_user_func_array([$this, $name], $arguments); + return $this->$name(...$arguments); } } diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index b1249d02..8c0fbce7 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -2675,7 +2675,7 @@ class SSH2 return false; default: if (is_callable($callback)) { - if (call_user_func($callback, $temp) === true) { + if ($callback($temp) === true) { $this->close_channel(self::CHANNEL_EXEC); return true; }