From 99a21278564d7a842e4029732847869fe2b5c68a Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 17 Nov 2016 20:54:38 -0600 Subject: [PATCH 01/24] Hash: fix E_NOTICE with PHP4-style constructor --- phpseclib/Crypt/Hash.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Crypt/Hash.php b/phpseclib/Crypt/Hash.php index ca421ace..faa17c57 100644 --- a/phpseclib/Crypt/Hash.php +++ b/phpseclib/Crypt/Hash.php @@ -178,7 +178,7 @@ class Crypt_Hash */ function Crypt_Hash($hash = 'sha1') { - $this->__construct($mode); + $this->__construct($hash); } /** From 8b4208ee60407efe3d13753eb92d0a41dda613d5 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 18 Nov 2016 20:37:08 -0600 Subject: [PATCH 02/24] SFTP: logging didn't work correctly in 2.0 branch --- phpseclib/Net/SFTP.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index 053ad3b7..15aabc6d 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -2792,13 +2792,13 @@ class SFTP extends SSH2 if (defined('NET_SFTP_LOGGING')) { $packet_type = '-> ' . $this->packet_types[$type] . ' (' . round($stop - $start, 4) . 's)'; - if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) { + if (NET_SFTP_LOGGING == self::LOG_REALTIME) { echo "
\r\n" . $this->_format_log(array($data), array($packet_type)) . "\r\n
\r\n"; flush(); ob_flush(); } else { $this->packet_type_log[] = $packet_type; - if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) { + if (NET_SFTP_LOGGING == self::LOG_COMPLEX) { $this->packet_log[] = $data; } } @@ -2868,13 +2868,13 @@ class SFTP extends SSH2 if (defined('NET_SFTP_LOGGING')) { $packet_type = '<- ' . $this->packet_types[$this->packet_type] . ' (' . round($stop - $start, 4) . 's)'; - if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) { + if (NET_SFTP_LOGGING == self::LOG_REALTIME) { echo "
\r\n" . $this->_format_log(array($packet), array($packet_type)) . "\r\n
\r\n"; flush(); ob_flush(); } else { $this->packet_type_log[] = $packet_type; - if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) { + if (NET_SFTP_LOGGING == self::LOG_COMPLEX) { $this->packet_log[] = $packet; } } @@ -2898,10 +2898,10 @@ class SFTP extends SSH2 } switch (NET_SFTP_LOGGING) { - case NET_SFTP_LOG_COMPLEX: + case self::LOG_COMPLEX: return $this->_format_log($this->packet_log, $this->packet_type_log); break; - //case NET_SFTP_LOG_SIMPLE: + //case self::LOG_SIMPLE: default: return $this->packet_type_log; } @@ -2956,4 +2956,4 @@ class SFTP extends SSH2 $this->pwd = false; parent::_disconnect($reason); } -} +} \ No newline at end of file From 51bafdebe2529b09710451b8dda5dab78d6b5f11 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 18 Nov 2016 20:48:01 -0600 Subject: [PATCH 03/24] SFTP: CS adjustment --- phpseclib/Net/SFTP.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index 15aabc6d..affabedc 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -2956,4 +2956,4 @@ class SFTP extends SSH2 $this->pwd = false; parent::_disconnect($reason); } -} \ No newline at end of file +} From b70cb8764179060dff71969b1a41f7df76f0b3b6 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 19 Nov 2016 20:39:05 -0600 Subject: [PATCH 04/24] SFTP: don't delete directory if $path is empty --- phpseclib/Net/SFTP.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index a279bdfb..d5404994 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -2237,6 +2237,10 @@ class Net_SFTP extends Net_SSH2 return false; } + if (empty($path)) { + return false; + } + $path = $this->_realpath($path); if ($path === false) { return false; From 48cf16599b4bda669ec3d69f16ffd2c3e4c52c3c Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 22 Oct 2016 22:13:17 -0500 Subject: [PATCH 05/24] suppress unpack() PHP warnings --- phpseclib/Net/SCP.php | 3 + phpseclib/Net/SFTP.php | 90 +++++++++++++++++- phpseclib/Net/SSH1.php | 27 +++++- phpseclib/Net/SSH2.php | 203 ++++++++++++++++++++++++++++++++++++++++- 4 files changed, 320 insertions(+), 3 deletions(-) diff --git a/phpseclib/Net/SCP.php b/phpseclib/Net/SCP.php index 83ae5cc8..354acea1 100644 --- a/phpseclib/Net/SCP.php +++ b/phpseclib/Net/SCP.php @@ -335,6 +335,9 @@ class Net_SCP $response = $this->ssh->_get_binary_packet(); switch ($response[NET_SSH1_RESPONSE_TYPE]) { case NET_SSH1_SMSG_STDOUT_DATA: + if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) { + return false; + } extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA])); return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length); case NET_SSH1_SMSG_STDERR_DATA: diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index a279bdfb..776247bb 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -527,11 +527,20 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nversion', $this->_string_shift($response, 4))); $this->version = $version; while (!empty($response)) { + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $key = $this->_string_shift($response, $length); + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $value = $this->_string_shift($response, $length); $this->extensions[$key] = $value; @@ -642,12 +651,15 @@ class Net_SFTP extends Net_SSH2 function _logError($response, $status = -1) { if ($status == -1) { + if (strlen($response) < 4) { + return; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); } $error = $this->status_codes[$status]; - if ($this->version > 2) { + if ($this->version > 2 || strlen($response) < 4) { extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->sftp_errors[] = $error . ': ' . $this->_string_shift($response, $length); } else { @@ -696,6 +708,9 @@ class Net_SFTP extends Net_SSH2 // should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks // at is the first part and that part is defined the same in SFTP versions 3 through 6. $this->_string_shift($response, 4); // skip over the count - it should be 1, anyway + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); return $this->_string_shift($response, $length); case NET_SFTP_STATUS: @@ -930,10 +945,19 @@ class Net_SFTP extends Net_SSH2 $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_NAME: + if (strlen($response) < 4) { + return false; + } extract(unpack('Ncount', $this->_string_shift($response, 4))); for ($i = 0; $i < $count; $i++) { + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $shortname = $this->_string_shift($response, $length); + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $longname = $this->_string_shift($response, $length); $attributes = $this->_parseAttributes($response); @@ -960,6 +984,9 @@ class Net_SFTP extends Net_SSH2 } break; case NET_SFTP_STATUS: + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_EOF) { $this->_logError($response, $status); @@ -1554,6 +1581,9 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); @@ -1666,12 +1696,18 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Ncount', $this->_string_shift($response, 4))); // the file isn't a symlink if (!$count) { return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); return $this->_string_shift($response, $length); } @@ -1706,6 +1742,9 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); @@ -1769,6 +1808,9 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); @@ -1806,6 +1848,9 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED? @@ -2033,6 +2078,9 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); @@ -2064,6 +2112,9 @@ class Net_SFTP extends Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); @@ -2254,6 +2305,9 @@ class Net_SFTP extends Net_SSH2 } // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); @@ -2679,6 +2733,9 @@ class Net_SFTP extends Net_SSH2 } // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + if (strlen($response) < 4) { + return false; + } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); @@ -2706,6 +2763,10 @@ class Net_SFTP extends Net_SSH2 function _parseAttributes(&$response) { $attr = array(); + if (strlen($response) < 4) { + user_error('Malformed file attributes'); + return array(); + } extract(unpack('Nflags', $this->_string_shift($response, 4))); // SFTPv4+ have a type field (a byte) that follows the above flag field foreach ($this->attributes as $key => $value) { @@ -2720,9 +2781,17 @@ class Net_SFTP extends Net_SSH2 $attr['size'] = hexdec(bin2hex($this->_string_shift($response, 8))); break; case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) + if (strlen($response) < 8) { + user_error('Malformed file attributes'); + return $attr; + } $attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8)); break; case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004 + if (strlen($response) < 4) { + user_error('Malformed file attributes'); + return $attr; + } $attr+= unpack('Npermissions', $this->_string_shift($response, 4)); // mode == permissions; permissions was the original array key and is retained for bc purposes. // mode was added because that's the more industry standard terminology @@ -2733,13 +2802,29 @@ class Net_SFTP extends Net_SSH2 } break; case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008 + if (strlen($response) < 8) { + user_error('Malformed file attributes'); + return $attr; + } $attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8)); break; case NET_SFTP_ATTR_EXTENDED: // 0x80000000 + if (strlen($response) < 4) { + user_error('Malformed file attributes'); + return $attr; + } extract(unpack('Ncount', $this->_string_shift($response, 4))); for ($i = 0; $i < $count; $i++) { + if (strlen($response) < 4) { + user_error('Malformed file attributes'); + return $attr; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $key = $this->_string_shift($response, $length); + if (strlen($response) < 4) { + user_error('Malformed file attributes'); + return $attr; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $attr[$key] = $this->_string_shift($response, $length); } @@ -2893,6 +2978,9 @@ class Net_SFTP extends Net_SSH2 } $this->packet_buffer.= $temp; } + if (strlen($this->packet_buffer) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4))); $tempLength = $length; $tempLength-= strlen($this->packet_buffer); diff --git a/phpseclib/Net/SSH1.php b/phpseclib/Net/SSH1.php index fb23daa6..55473d08 100644 --- a/phpseclib/Net/SSH1.php +++ b/phpseclib/Net/SSH1.php @@ -614,20 +614,32 @@ class Net_SSH1 $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4); + if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { + return false; + } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $server_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->server_key_public_exponent = $server_key_public_exponent; + if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { + return false; + } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $server_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->server_key_public_modulus = $server_key_public_modulus; $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4); + if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { + return false; + } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $host_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->host_key_public_exponent = $host_key_public_exponent; + if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { + return false; + } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $host_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->host_key_public_modulus = $host_key_public_modulus; @@ -635,6 +647,9 @@ class Net_SSH1 $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4); // get a list of the supported ciphers + if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) { + return false; + } extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4))); foreach ($this->supported_ciphers as $mask => $name) { if (($supported_ciphers_mask & (1 << $mask)) == 0) { @@ -643,6 +658,9 @@ class Net_SSH1 } // get a list of the supported authentications + if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) { + return false; + } extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4))); foreach ($this->supported_authentications as $mask => $name) { if (($supported_authentications_mask & (1 << $mask)) == 0) { @@ -1139,7 +1157,11 @@ class Net_SSH1 } $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 - $temp = unpack('Nlength', fread($this->fsock, 4)); + $data = fread($this->fsock, 4); + if (strlen($data) < 4) { + return false; + } + $temp = unpack('Nlength', $data); $padding_length = 8 - ($temp['length'] & 7); $length = $temp['length'] + $padding_length; @@ -1160,6 +1182,9 @@ class Net_SSH1 $type = $raw[$padding_length]; $data = substr($raw, $padding_length + 1, -4); + if (strlen($raw) < 4) { + return false; + } $temp = unpack('Ncrc', substr($raw, -4)); //if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) { diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 8281e73a..14bcf9a5 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1124,7 +1124,7 @@ class Net_SSH2 return false; } - if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) { + if (!strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) { user_error('Expected SSH_MSG_KEXINIT'); return false; } @@ -1313,36 +1313,69 @@ class Net_SSH2 $this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) $server_cookie = $this->_string_shift($response, 16); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + if (!strlen($response)) { + return false; + } extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1))); $first_kex_packet_follows = $first_kex_packet_follows != 0; @@ -1426,16 +1459,25 @@ class Net_SSH2 user_error('Connection closed by server'); return false; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP'); return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('NprimeLength', $this->_string_shift($response, 4))); $primeBytes = $this->_string_shift($response, $primeLength); $prime = new Math_BigInteger($primeBytes, -256); + if (strlen($response) < 4) { + return false; + } extract(unpack('NgLength', $this->_string_shift($response, 4))); $gBytes = $this->_string_shift($response, $gLength); $g = new Math_BigInteger($gBytes, -256); @@ -1518,6 +1560,9 @@ class Net_SSH2 user_error('Connection closed by server'); return false; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != $serverKexReplyMessage) { @@ -1525,19 +1570,34 @@ class Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']); + if (strlen($server_public_host_key) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $public_key_format = $this->_string_shift($server_public_host_key, $temp['length']); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $fBytes = $this->_string_shift($response, $temp['length']); $f = new Math_BigInteger($fBytes, -256); + if (strlen($response) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->signature = $this->_string_shift($response, $temp['length']); + if (strlen($this->signature) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($this->signature, 4)); $this->signature_format = $this->_string_shift($this->signature, $temp['length']); @@ -1598,6 +1658,9 @@ class Net_SSH2 return false; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != NET_SSH2_MSG_NEWKEYS) { @@ -2030,6 +2093,9 @@ class Net_SSH2 return false; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) { @@ -2083,6 +2149,9 @@ class Net_SSH2 return false; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { @@ -2138,6 +2207,9 @@ class Net_SSH2 return false; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { @@ -2145,14 +2217,23 @@ class Net_SSH2 if (defined('NET_SSH2_LOGGING')) { $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'; } + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode($this->_string_shift($response, $length)); return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); case NET_SSH2_MSG_USERAUTH_FAILURE: // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees // multi-factor authentication + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $auth_methods = explode(',', $this->_string_shift($response, $length)); + if (!strlen($response)) { + return false; + } extract(unpack('Cpartial_success', $this->_string_shift($response, 1))); $partial_success = $partial_success != 0; @@ -2227,16 +2308,31 @@ class Net_SSH2 } } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { case NET_SSH2_MSG_USERAUTH_INFO_REQUEST: + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->_string_shift($response, $length); // name; may be empty + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->_string_shift($response, $length); // instruction; may be empty + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->_string_shift($response, $length); // language tag; may be empty + if (strlen($response) < 4) { + return false; + } extract(unpack('Nnum_prompts', $this->_string_shift($response, 4))); for ($i = 0; $i < count($responses); $i++) { @@ -2251,6 +2347,9 @@ class Net_SSH2 if (isset($this->keyboard_requests_responses)) { for ($i = 0; $i < $num_prompts; $i++) { + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); // prompt - ie. "Password: "; must not be empty $prompt = $this->_string_shift($response, $length); @@ -2396,10 +2495,16 @@ class Net_SSH2 return false; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { case NET_SSH2_MSG_USERAUTH_FAILURE: + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length); return false; @@ -2431,6 +2536,9 @@ class Net_SSH2 return false; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { @@ -2549,6 +2657,9 @@ class Net_SSH2 return false; } + if (!strlen($response)) { + return false; + } list(, $type) = unpack('C', $this->_string_shift($response, 1)); switch ($type) { @@ -2686,6 +2797,9 @@ class Net_SSH2 return false; } + if (!strlen($response)) { + return false; + } list(, $type) = unpack('C', $this->_string_shift($response, 1)); switch ($type) { @@ -3021,6 +3135,9 @@ class Net_SSH2 return false; } + if (strlen($raw) < 5) { + return false; + } extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5))); $remaining_length = $packet_length + 4 - $this->decrypt_block_size; @@ -3096,6 +3213,9 @@ class Net_SSH2 switch (ord($payload[0])) { case NET_SSH2_MSG_DISCONNECT: $this->_string_shift($payload, 1); + if (strlen($payload) < 8) { + return false; + } extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8))); $this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length)); $this->bitmap = 0; @@ -3105,6 +3225,9 @@ class Net_SSH2 break; case NET_SSH2_MSG_DEBUG: $this->_string_shift($payload, 2); + if (strlen($payload) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode($this->_string_shift($payload, $length)); $payload = $this->_get_binary_packet(); @@ -3124,6 +3247,9 @@ class Net_SSH2 // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { $this->_string_shift($payload, 1); + if (strlen($payload) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->banner_message = utf8_decode($this->_string_shift($payload, $length)); $payload = $this->_get_binary_packet(); @@ -3133,6 +3259,9 @@ class Net_SSH2 if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) { switch (ord($payload[0])) { case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 + if (strlen($payload) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . $this->_string_shift($payload, $length); @@ -3144,8 +3273,14 @@ class Net_SSH2 break; case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 $this->_string_shift($payload, 1); + if (strlen($payload) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $data = $this->_string_shift($payload, $length); + if (strlen($payload) < 4) { + return false; + } extract(unpack('Nserver_channel', $this->_string_shift($payload, 4))); switch ($data) { case 'auth-agent': @@ -3153,6 +3288,9 @@ class Net_SSH2 if (isset($this->agent)) { $new_channel = NET_SSH2_CHANNEL_AGENT_FORWARD; + if (strlen($payload) < 8) { + return false; + } extract(unpack('Nremote_window_size', $this->_string_shift($payload, 4))); extract(unpack('Nremote_maximum_packet_size', $this->_string_shift($payload, 4))); @@ -3198,6 +3336,9 @@ class Net_SSH2 break; case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: $this->_string_shift($payload, 1); + if (strlen($payload) < 8) { + return false; + } extract(unpack('Nchannel', $this->_string_shift($payload, 4))); extract(unpack('Nwindow_size', $this->_string_shift($payload, 4))); $this->window_size_client_to_server[$channel]+= $window_size; @@ -3330,8 +3471,14 @@ class Net_SSH2 return ''; } + if (!strlen($response)) { + return false; + } extract(unpack('Ctype', $this->_string_shift($response, 1))); + if (strlen($response) < 4) { + return false; + } if ($type == NET_SSH2_MSG_CHANNEL_OPEN) { extract(unpack('Nlength', $this->_string_shift($response, 4))); } else { @@ -3355,14 +3502,23 @@ class Net_SSH2 case NET_SSH2_MSG_CHANNEL_OPEN: switch ($type) { case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION: + if (strlen($response) < 4) { + return false; + } extract(unpack('Nserver_channel', $this->_string_shift($response, 4))); $this->server_channels[$channel] = $server_channel; + if (strlen($response) < 4) { + return false; + } extract(unpack('Nwindow_size', $this->_string_shift($response, 4))); if ($window_size < 0) { $window_size&= 0x7FFFFFFF; $window_size+= 0x80000000; } $this->window_size_client_to_server[$channel] = $window_size; + if (strlen($response) < 4) { + return false; + } $temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4)); $this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server']; $result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended); @@ -3402,6 +3558,9 @@ class Net_SSH2 $this->_send_channel_packet($channel, chr(0)); } */ + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $data = $this->_string_shift($response, $length); @@ -3428,6 +3587,9 @@ class Net_SSH2 } */ // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR + if (strlen($response) < 8) { + return false; + } extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8))); $data = $this->_string_shift($response, $length); $this->stdErrorLog.= $data; @@ -3443,14 +3605,23 @@ class Net_SSH2 $this->channel_buffers[$channel][] = $data; break; case NET_SSH2_MSG_CHANNEL_REQUEST: + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $value = $this->_string_shift($response, $length); switch ($value) { case 'exit-signal': $this->_string_shift($response, 1); + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length); $this->_string_shift($response, 1); + if (strlen($response) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($response, 4))); if ($length) { $this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length); @@ -3463,6 +3634,9 @@ class Net_SSH2 break; case 'exit-status': + if (strlen($response) < 5) { + return false; + } extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5))); $this->exit_status = $exit_status; @@ -4091,6 +4265,9 @@ class Net_SSH2 $signature = $this->signature; $server_public_host_key = $this->server_public_host_key; + if (strlen($server_public_host_key) < 4) { + return false; + } extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4))); $this->_string_shift($server_public_host_key, $length); @@ -4106,15 +4283,27 @@ class Net_SSH2 case 'ssh-dss': $zero = new Math_BigInteger(); + if (strlen($server_public_host_key) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $p = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + if (strlen($server_public_host_key) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $q = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + if (strlen($server_public_host_key) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $g = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + if (strlen($server_public_host_key) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $y = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); @@ -4161,15 +4350,24 @@ class Net_SSH2 break; case 'ssh-rsa': + if (strlen($server_public_host_key) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $e = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + if (strlen($server_public_host_key) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $rawN = $this->_string_shift($server_public_host_key, $temp['length']); $n = new Math_BigInteger($rawN, -256); $nLength = strlen(ltrim($rawN, "\0")); /* + if (strlen($signature) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($signature, 4)); $signature = $this->_string_shift($signature, $temp['length']); @@ -4186,6 +4384,9 @@ class Net_SSH2 } */ + if (strlen($signature) < 4) { + return false; + } $temp = unpack('Nlength', $this->_string_shift($signature, 4)); $s = new Math_BigInteger($this->_string_shift($signature, $temp['length']), 256); From 7cb66ea56efd02bcf82c5933c84071a37121dcd5 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 20 Nov 2016 11:08:53 -0600 Subject: [PATCH 06/24] SSH2: don't use timeout value of 0 for fsockopen --- phpseclib/Net/SSH2.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 12741c73..712656bd 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -1040,7 +1040,10 @@ class Net_SSH2 if (!is_resource($this->fsock)) { $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 - $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout); + // with stream_select a timeout of 0 means that no timeout takes place; + // with fsockopen a timeout of 0 means that you instantly timeout + // to resolve this incompatibility a timeout of 100,000 will be used for fsockopen if timeout is 0 + $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout == 0 ? 100000 : $this->curTimeout); if (!$this->fsock) { $host = $this->host . ':' . $this->port; user_error(rtrim("Cannot connect to $host. Error $errno. $errstr")); From a2d9622bf9644f85644546bb75504a2992756bb6 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 20 Nov 2016 18:03:01 -0600 Subject: [PATCH 07/24] SFTP: update directory deletion check (#1059) --- phpseclib/Net/SFTP.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index d5404994..43ad4f54 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -2237,7 +2237,12 @@ class Net_SFTP extends Net_SSH2 return false; } - if (empty($path)) { + if (is_object($path)) { + // It's an object. Cast it as string before we check anything else. + $path = (string) $path; + } + + if (!is_string($path) || $path == '') { return false; } From 6fb34887c5bf06f5757f35d341bd0e79f5a017d7 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 20 Nov 2016 18:13:01 -0600 Subject: [PATCH 08/24] SFTP: change queue size to 32 (max packet size is 32kb so 32*32=1M) --- phpseclib/Net/SFTP.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index 43ad4f54..a3fc89f5 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -413,7 +413,7 @@ class Net_SFTP extends Net_SSH2 ); if (!defined('NET_SFTP_QUEUE_SIZE')) { - define('NET_SFTP_QUEUE_SIZE', 50); + define('NET_SFTP_QUEUE_SIZE', 32); } } From b26f14e5feab0f7181f44a7a94772a7b80bc8e0f Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 17 Dec 2016 16:09:48 -0600 Subject: [PATCH 09/24] SSH2: make it so disabling PTY closes exec() channel if it's open --- phpseclib/Net/SSH2.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 8bf9a805..68de7fbc 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -2601,6 +2601,11 @@ class Net_SSH2 return false; } + if ($this->in_request_pty_exec) { + user_error('If you want to run multiple exec()\'s you will need to disable (and re-enable if appropriate) a PTY for each one.'); + return false; + } + // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, // honestly, if you're transferring more than 2GB, you probably shouldn't be using phpseclib, anyway. @@ -3408,6 +3413,10 @@ class Net_SSH2 */ function disablePTY() { + if ($this->in_request_pty_exec) { + $this->_close_channel(NET_SSH2_CHANNEL_EXEC); + $this->in_request_pty_exec = false; + } $this->request_pty = false; } From d80794b1d9d152b8840ab425ccfe8ccea9b6418e Mon Sep 17 00:00:00 2001 From: vladimirghetau Date: Fri, 16 Dec 2016 16:27:56 +0000 Subject: [PATCH 10/24] exec authentication, code reuse --- phpseclib/Net/SSH2.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 8bf9a805..87206dfb 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -2597,7 +2597,7 @@ class Net_SSH2 $this->is_timeout = false; $this->stdErrorLog = ''; - if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { + if (!$this->isAuthenticated()) { return false; } @@ -2896,7 +2896,7 @@ class Net_SSH2 $this->curTimeout = $this->timeout; $this->is_timeout = false; - if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { + if (!$this->isAuthenticated()) { user_error('Operation disallowed prior to login()'); return false; } @@ -2938,7 +2938,7 @@ class Net_SSH2 */ function write($cmd) { - if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { + if (!$this->isAuthenticated()) { user_error('Operation disallowed prior to login()'); return false; } @@ -3248,7 +3248,7 @@ class Net_SSH2 } // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in - if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { + if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && !$this->isAuthenticated() && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { $this->_string_shift($payload, 1); if (strlen($payload) < 4) { return false; @@ -3259,7 +3259,7 @@ class Net_SSH2 } // only called when we've already logged in - if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) { + if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && $this->isAuthenticated()) { switch (ord($payload[0])) { case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 if (strlen($payload) < 4) { From da6e5211df61196a370d943b0f44f4d1fda488ef Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 17 Dec 2016 17:41:56 -0600 Subject: [PATCH 11/24] X509: ignore certificate transparency extension --- phpseclib/File/X509.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 040551f0..932262a0 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -1939,6 +1939,9 @@ class File_X509 // "SET Secure Electronic Transaction Specification" // http://www.maithean.com/docs/set_bk3.pdf case '2.23.42.7.0': // id-set-hashedRootKey + // "Certificate Transparency" + // https://tools.ietf.org/html/rfc6962 + case '1.3.6.1.4.1.11129.2.4.2': return true; // CSR attributes From 3cebd4ec5918927563dad08621a9cc942e891910 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 18 Dec 2016 10:32:35 +0100 Subject: [PATCH 12/24] README: Update Coverage and API URLs. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 75089a01..64dcc711 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 * [Download (1.0.5)](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.5.zip/download) * [Browse Git](https://github.com/phpseclib/phpseclib) -* [Code Coverage Report](http://phpseclib.bantux.org/code_coverage/1.0/latest/) +* [Code Coverage Report](https://coverage.phpseclib.org/1.0/latest/) PEAR Channel PEAR Channel: [phpseclib.sourceforge.net](http://phpseclib.sourceforge.net/pear.htm) @@ -16,7 +16,7 @@ PEAR Channel: [phpseclib.sourceforge.net](http://phpseclib.sourceforge.net/pear. ## Documentation * [Documentation / Manual](http://phpseclib.sourceforge.net/) -* [API Documentation](http://phpseclib.bantux.org/api/1.0/) (generated by Sami) +* [API Documentation](https://api.phpseclib.org/1.0/) (generated by Sami) ## Support From d0d26cd29fb1e769a2af1bad6107d99bdff8bcb8 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 18 Dec 2016 10:38:28 +0100 Subject: [PATCH 13/24] README: Remove pipe into php. --- README.md | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 64dcc711..b265fd35 100644 --- a/README.md +++ b/README.md @@ -30,17 +30,12 @@ Need Support? Dependencies are managed via Composer. -1. Download the [`composer.phar`](https://getcomposer.org/composer.phar) executable as per the - [Composer Download Instructions](https://getcomposer.org/download/), e.g. by running - - ``` sh - curl -sS https://getcomposer.org/installer | php - ``` +1. Install Composer (see [Composer Download Instructions](https://getcomposer.org/download/)) 2. Install Dependencies ``` sh - php composer.phar install + composer install ``` ## Contributing From bd5b8809e8b270c8f8f76780dcf885c7578e32ce Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 18 Dec 2016 10:40:24 +0100 Subject: [PATCH 14/24] README: Merge 'Installing Development Dependencies' into 'Contributing'. --- README.md | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index b265fd35..e510e437 100644 --- a/README.md +++ b/README.md @@ -26,35 +26,29 @@ Need Support? * [Create a Support Ticket on GitHub](https://github.com/phpseclib/phpseclib/issues/new) * [Browse the Support Forum](http://www.frostjedi.com/phpbb/viewforum.php?f=46) (no longer in use) -## Installing Development Dependencies +## Contributing -Dependencies are managed via Composer. +1. Fork the Project -1. Install Composer (see [Composer Download Instructions](https://getcomposer.org/download/)) +2. Ensure you have Composer installed (see [Composer Download Instructions](https://getcomposer.org/download/)) -2. Install Dependencies +3. Install Development Dependencies ``` sh composer install ``` -## Contributing +4. Create a Feature Branch -1. Fork the Project - -2. Install Development Dependencies - -3. Create a Feature Branch - -4. (Recommended) Run the Test Suite +5. (Recommended) Run the Test Suite ``` sh vendor/bin/phpunit ``` -5. (Recommended) Check whether your code conforms to our Coding Standards by running +6. (Recommended) Check whether your code conforms to our Coding Standards by running ``` sh vendor/bin/phing -f build/build.xml sniff ``` -6. Send us a Pull Request +7. Send us a Pull Request From 804cade3c08f3bd0ce8e03fa427fb560c04c4239 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 18 Dec 2016 11:02:41 +0100 Subject: [PATCH 15/24] README: Add branches section. --- README.md | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index e510e437..dfaa909d 100644 --- a/README.md +++ b/README.md @@ -6,18 +6,38 @@ MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 -* [Download (1.0.5)](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.5.zip/download) * [Browse Git](https://github.com/phpseclib/phpseclib) * [Code Coverage Report](https://coverage.phpseclib.org/1.0/latest/) -PEAR Channel -PEAR Channel: [phpseclib.sourceforge.net](http://phpseclib.sourceforge.net/pear.htm) - ## Documentation * [Documentation / Manual](http://phpseclib.sourceforge.net/) * [API Documentation](https://api.phpseclib.org/1.0/) (generated by Sami) +## Branches + +### master + +* Development Branch +* Unstable API +* Do not use in production + +### 2.0 + +* Modernized version of 1.0 +* Minimum PHP version: 5.3.3 +* PSR-4 autoloading with namespace rooted at `\phpseclib` +* Install via Composer: `composer requite phpseclib/phpseclib ~2.0` + +### 1.0 + +* Long term support (LTS) release +* PHP4 compatible +* Composer compatible (PSR-0 autoloading) +* Install via Composer: `composer require phpseclib/phpseclib ~1.0` +* PEAR Channel PEAR Channel: [phpseclib.sourceforge.net](http://phpseclib.sourceforge.net/pear.htm) +* [Download 1.0.5 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.5.zip/download) + ## Support Need Support? From c7390e26f509d0659f555ccad3909bd808342992 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 18 Dec 2016 11:08:04 +0100 Subject: [PATCH 16/24] README: Reword 1.0 PEAR installation instructions. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index dfaa909d..bf35a206 100644 --- a/README.md +++ b/README.md @@ -34,8 +34,8 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 * Long term support (LTS) release * PHP4 compatible * Composer compatible (PSR-0 autoloading) -* Install via Composer: `composer require phpseclib/phpseclib ~1.0` -* PEAR Channel PEAR Channel: [phpseclib.sourceforge.net](http://phpseclib.sourceforge.net/pear.htm) +* Install using Composer: `composer require phpseclib/phpseclib ~1.0` +' Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm) * [Download 1.0.5 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.5.zip/download) ## Support From 95335f95608a152c1490e3c3e3086eaa86eb93e5 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 24 Dec 2016 21:20:13 -0600 Subject: [PATCH 17/24] SSH2: update PTY changes for 2.0 branch --- phpseclib/Net/SSH2.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index ed506c29..b6aed420 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -3312,7 +3312,7 @@ class SSH2 function disablePTY() { if ($this->in_request_pty_exec) { - $this->_close_channel(NET_SSH2_CHANNEL_EXEC); + $this->_close_channel(self::CHANNEL_EXEC); $this->in_request_pty_exec = false; } $this->request_pty = false; From a0e6bd87f237ef2d5f7e9c8af73ec88d8c6b044e Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 25 Dec 2016 16:09:17 +0100 Subject: [PATCH 18/24] README: Fix typos. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index bf35a206..305c1c3e 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 * Modernized version of 1.0 * Minimum PHP version: 5.3.3 * PSR-4 autoloading with namespace rooted at `\phpseclib` -* Install via Composer: `composer requite phpseclib/phpseclib ~2.0` +* Install via Composer: `composer require phpseclib/phpseclib ~2.0` ### 1.0 @@ -35,7 +35,7 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 * PHP4 compatible * Composer compatible (PSR-0 autoloading) * Install using Composer: `composer require phpseclib/phpseclib ~1.0` -' Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm) +* Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm) * [Download 1.0.5 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.5.zip/download) ## Support From fae358cc3cc793d73668ba76fbfba1b7d890a588 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Wed, 4 Jan 2017 15:33:10 -0600 Subject: [PATCH 19/24] BigInteger: use public / private / protected --- phpseclib/Math/BigInteger.php | 178 ++++++++++---------- tests/PhpseclibTestCase.php | 8 + tests/Unit/Math/BigInteger/InternalTest.php | 3 +- 3 files changed, 99 insertions(+), 90 deletions(-) diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php index f25a2f09..81d3593e 100644 --- a/phpseclib/Math/BigInteger.php +++ b/phpseclib/Math/BigInteger.php @@ -167,23 +167,23 @@ class BigInteger * * @see __construct() */ - protected static $base; - protected static $baseFull; - protected static $maxDigit; - protected static $msb; + private static $base; + private static $baseFull; + private static $maxDigit; + private static $msb; /** * $max10 in greatest $max10Len satisfying * $max10 = 10**$max10Len <= 2**$base. */ - protected static $max10; + private static $max10; /** * $max10Len in greatest $max10Len satisfying * $max10 = 10**$max10Len <= 2**$base. */ - protected static $max10Len; - protected static $maxDigit2; + private static $max10Len; + private static $maxDigit2; /**#@-*/ /** @@ -192,7 +192,7 @@ class BigInteger * @var array * @access private */ - var $value; + private $value; /** * Holds the BigInteger's magnitude. @@ -200,7 +200,7 @@ class BigInteger * @var bool * @access private */ - var $is_negative = false; + private $is_negative = false; /** * Precision @@ -208,7 +208,7 @@ class BigInteger * @see self::setPrecision() * @access private */ - var $precision = -1; + private $precision = -1; /** * Precision Bitmask @@ -216,7 +216,7 @@ class BigInteger * @see self::setPrecision() * @access private */ - var $bitmask = false; + private $bitmask = false; /** * Mode independent value used for serialization. @@ -230,7 +230,7 @@ class BigInteger * @var string * @access private */ - var $hex; + private $hex; /** * Converts base-2, base-10, base-16, and binary strings (base-256) to BigIntegers. @@ -252,7 +252,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - function __construct($x = 0, $base = 10) + public function __construct($x = 0, $base = 10) { if (!defined('MATH_BIGINTEGER_MODE')) { switch (true) { @@ -491,7 +491,7 @@ class BigInteger * @access public * @internal Converts a base-2**26 number to base-2**8 */ - function toBytes($twos_compliment = false) + public function toBytes($twos_compliment = false) { if ($twos_compliment) { $comparison = $this->compare(new static()); @@ -584,7 +584,7 @@ class BigInteger * @access public * @internal Converts a base-2**26 number to base-2**8 */ - function toHex($twos_compliment = false) + public function toHex($twos_compliment = false) { return Hex::encode($this->toBytes($twos_compliment)); } @@ -609,7 +609,7 @@ class BigInteger * @access public * @internal Converts a base-2**26 number to base-2**2 */ - function toBits($twos_compliment = false) + public function toBits($twos_compliment = false) { $hex = $this->toHex($twos_compliment); $bits = ''; @@ -644,7 +644,7 @@ class BigInteger * @access public * @internal Converts a base-2**26 number to base-10**7 (which is pretty much base-10) */ - function toString() + public function toString() { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -692,7 +692,7 @@ class BigInteger * @access public * @internal Implemented per a suggestion by Techie-Michael - thanks! */ - function __toString() + public function __toString() { return $this->toString(); } @@ -705,7 +705,7 @@ class BigInteger * @see self::__wakeup() * @access public */ - function __sleep() + public function __sleep() { $this->hex = $this->toHex(true); $vars = ['hex']; @@ -723,7 +723,7 @@ class BigInteger * @see self::__sleep() * @access public */ - function __wakeup() + public function __wakeup() { $temp = new static($this->hex, -16); $this->value = $temp->value; @@ -741,7 +741,7 @@ class BigInteger * * @access public */ - function __debugInfo() + public function __debugInfo() { $opts = []; switch (MATH_BIGINTEGER_MODE) { @@ -787,7 +787,7 @@ class BigInteger * @access public * @internal Performs base-2**52 addition */ - function add(BigInteger $y) + public function add(BigInteger $y) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -821,7 +821,7 @@ class BigInteger * @return array * @access private */ - static function _add($x_value, $x_negative, $y_value, $y_negative) + private static function _add($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); @@ -916,7 +916,7 @@ class BigInteger * @access public * @internal Performs base-2**52 subtraction */ - function subtract(BigInteger $y) + public function subtract(BigInteger $y) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -950,7 +950,7 @@ class BigInteger * @return array * @access private */ - static function _subtract($x_value, $x_negative, $y_value, $y_negative) + private static function _subtract($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); @@ -1049,7 +1049,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - function multiply(BigInteger $x) + public function multiply(BigInteger $x) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -1083,7 +1083,7 @@ class BigInteger * @return array * @access private */ - static function _multiply($x_value, $x_negative, $y_value, $y_negative) + private static function _multiply($x_value, $x_negative, $y_value, $y_negative) { //if ( $x_value == $y_value ) { // return [ @@ -1120,7 +1120,7 @@ class BigInteger * @return array * @access private */ - static function _regularMultiply($x_value, $y_value) + private static function _regularMultiply($x_value, $y_value) { $x_length = count($x_value); $y_length = count($y_value); @@ -1184,7 +1184,7 @@ class BigInteger * @return array * @access private */ - static function _karatsuba($x_value, $y_value) + private static function _karatsuba($x_value, $y_value) { $m = min(count($x_value) >> 1, count($y_value) >> 1); @@ -1222,7 +1222,7 @@ class BigInteger * @return array * @access private */ - static function _square($x = false) + private static function _square($x = false) { return count($x) < 2 * self::KARATSUBA_CUTOFF ? self::_trim(self::_baseSquare($x)) : @@ -1240,7 +1240,7 @@ class BigInteger * @return array * @access private */ - static function _baseSquare($value) + private static function _baseSquare($value) { if (empty($value)) { return []; @@ -1279,7 +1279,7 @@ class BigInteger * @return array * @access private */ - static function _karatsubaSquare($value) + private static function _karatsubaSquare($value) { $m = count($value) >> 1; @@ -1334,7 +1334,7 @@ class BigInteger * @access public * @internal This function is based off of {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}. */ - function divide(BigInteger $y) + public function divide(BigInteger $y) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -1515,7 +1515,7 @@ class BigInteger * @return array * @access private */ - static function _divide_digit($dividend, $divisor) + private static function _divide_digit($dividend, $divisor) { $carry = 0; $result = []; @@ -1569,7 +1569,7 @@ class BigInteger * the other, a power of two - and recombine them, later. This is the method that this modPow function uses. * {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates. */ - function modPow(BigInteger $e, BigInteger $n) + public function modPow(BigInteger $e, BigInteger $n) { $n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs(); @@ -1720,7 +1720,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - function powMod(BigInteger $e, BigInteger $n) + public function powMod(BigInteger $e, BigInteger $n) { return $this->modPow($e, $n); } @@ -1739,7 +1739,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access private */ - function _slidingWindow($e, $n, $mode) + private function _slidingWindow($e, $n, $mode) { static $window_ranges = [7, 25, 81, 241, 673, 1793]; // from BigInteger.java's oddModPow function //static $window_ranges = [0, 7, 36, 140, 450, 1303, 3529]; // from MPM 7.3.1 @@ -1816,7 +1816,7 @@ class BigInteger * @param int $mode * @return array */ - static function _reduce($x, $n, $mode) + private static function _reduce($x, $n, $mode) { switch ($mode) { case self::MONTGOMERY: @@ -1853,7 +1853,7 @@ class BigInteger * @param int $mode * @return array */ - static function _prepareReduce($x, $n, $mode) + private static function _prepareReduce($x, $n, $mode) { if ($mode == self::MONTGOMERY) { return self::_prepMontgomery($x, $n); @@ -1872,7 +1872,7 @@ class BigInteger * @param int $mode * @return array */ - static function _multiplyReduce($x, $y, $n, $mode) + private static function _multiplyReduce($x, $y, $n, $mode) { if ($mode == self::MONTGOMERY) { return self::_montgomeryMultiply($x, $y, $n); @@ -1891,7 +1891,7 @@ class BigInteger * @param int $mode * @return array */ - static function _squareReduce($x, $n, $mode) + private static function _squareReduce($x, $n, $mode) { if ($mode == self::MONTGOMERY) { return self::_montgomeryMultiply($x, $x, $n); @@ -1910,7 +1910,7 @@ class BigInteger * @param \phpseclib\Math\BigInteger * @return \phpseclib\Math\BigInteger */ - function _mod2($n) + private function _mod2($n) { $temp = new static(); $temp->value = [1]; @@ -1941,7 +1941,7 @@ class BigInteger * @param array $m * @return array */ - static function _barrett($n, $m) + private static function _barrett($n, $m) { static $cache = [ self::VARIABLE => [], @@ -2038,7 +2038,7 @@ class BigInteger * @param array $n * @return array */ - static function _regularBarrett($x, $n) + private static function _regularBarrett($x, $n) { static $cache = [ self::VARIABLE => [], @@ -2112,7 +2112,7 @@ class BigInteger * @return array * @access private */ - static function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop) + private static function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop) { $x_length = count($x_value); $y_length = count($y_value); @@ -2191,7 +2191,7 @@ class BigInteger * @param array $n * @return array */ - static function _montgomery($x, $n) + private static function _montgomery($x, $n) { static $cache = [ self::VARIABLE => [], @@ -2239,7 +2239,7 @@ class BigInteger * @param array $m * @return array */ - static function _montgomeryMultiply($x, $y, $m) + private static function _montgomeryMultiply($x, $y, $m) { $temp = self::_multiply($x, false, $y, false); return self::_montgomery($temp[self::VALUE], $m); @@ -2290,7 +2290,7 @@ class BigInteger * @param array $n * @return array */ - static function _prepMontgomery($x, $n) + private static function _prepMontgomery($x, $n) { $lhs = new static(); $lhs->value = array_merge(self::_array_repeat(0, count($n)), $x); @@ -2327,7 +2327,7 @@ class BigInteger * @param array $x * @return int */ - function _modInverse67108864($x) // 2**26 == 67,108,864 + private function _modInverse67108864($x) // 2**26 == 67,108,864 { $x = -$x[0]; $result = $x & 0x3; // x**-1 mod 2**2 @@ -2365,7 +2365,7 @@ class BigInteger * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information. */ - function modInverse(BigInteger $n) + public function modInverse(BigInteger $n) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -2429,7 +2429,7 @@ class BigInteger * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=19 HAC 14.61}. As the text above 14.61 notes, * the more traditional algorithim requires "relatively costly multiple-precision divisions". */ - function extendedGCD(BigInteger $n) + public function extendedGCD(BigInteger $n) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -2558,7 +2558,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - function gcd(BigInteger $n) + public function gcd(BigInteger $n) { extract($this->extendedGCD($n)); return $gcd; @@ -2570,7 +2570,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - function abs() + public function abs() { $temp = new static(); @@ -2606,7 +2606,7 @@ class BigInteger * @see self::equals() * @internal Could return $this->subtract($x), but that's not as fast as what we do do. */ - function compare(BigInteger $y) + public function compare(BigInteger $y) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -2629,7 +2629,7 @@ class BigInteger * @see self::compare() * @access private */ - static function _compare($x_value, $x_negative, $y_value, $y_negative) + private static function _compare($x_value, $x_negative, $y_value, $y_negative) { if ($x_negative != $y_negative) { return (!$x_negative && $y_negative) ? 1 : -1; @@ -2664,7 +2664,7 @@ class BigInteger * @access public * @see self::compare() */ - function equals(BigInteger $x) + public function equals(BigInteger $x) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -2683,7 +2683,7 @@ class BigInteger * @param int $bits * @access public */ - function setPrecision($bits) + public function setPrecision($bits) { if ($bits < 1) { $this->precision = -1; @@ -2709,7 +2709,7 @@ class BigInteger * @see self::setPrecision() * @access public */ - function getPrecision() + public function getPrecision() { return $this->precision; } @@ -2722,7 +2722,7 @@ class BigInteger * @internal Implemented per a request by Lluis Pamies i Juarez * @return \phpseclib\Math\BigInteger */ - function bitwise_and(BigInteger $x) + public function bitwise_and(BigInteger $x) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -2763,7 +2763,7 @@ class BigInteger * @internal Implemented per a request by Lluis Pamies i Juarez * @return \phpseclib\Math\BigInteger */ - function bitwise_or(BigInteger $x) + public function bitwise_or(BigInteger $x) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -2803,7 +2803,7 @@ class BigInteger * @internal Implemented per a request by Lluis Pamies i Juarez * @return \phpseclib\Math\BigInteger */ - function bitwise_xor(BigInteger $x) + public function bitwise_xor(BigInteger $x) { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -2842,7 +2842,7 @@ class BigInteger * @internal Implemented per a request by Lluis Pamies i Juarez * @return \phpseclib\Math\BigInteger */ - function bitwise_not() + public function bitwise_not() { // calculuate "not" without regard to $this->precision // (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0) @@ -2885,7 +2885,7 @@ class BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. */ - function bitwise_rightShift($shift) + public function bitwise_rightShift($shift) { $temp = new static(); @@ -2923,7 +2923,7 @@ class BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. */ - function bitwise_leftShift($shift) + public function bitwise_leftShift($shift) { $temp = new static(); @@ -2960,7 +2960,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - function bitwise_leftRotate($shift) + public function bitwise_leftRotate($shift) { $bits = $this->toBytes(); @@ -3005,7 +3005,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - function bitwise_rightRotate($shift) + public function bitwise_rightRotate($shift) { return $this->bitwise_leftRotate(-$shift); } @@ -3017,7 +3017,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - static function minMaxBits($bits) + public static function minMaxBits($bits) { $bytes = $bits >> 3; $min = str_repeat(chr(0), $bytes); @@ -3044,7 +3044,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - static function random($size) + public static function random($size) { extract(self::minMaxBits($size)); return self::randomRange($min, $max); @@ -3064,7 +3064,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - static function randomRange(BigInteger $min, BigInteger $max) + public static function randomRange(BigInteger $min, BigInteger $max) { $compare = $max->compare($min); @@ -3130,7 +3130,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access public */ - static function randomPrime($size) + public static function randomPrime($size) { extract(self::minMaxBits($size)); return self::randomRangePrime($min, $max); @@ -3147,7 +3147,7 @@ class BigInteger * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}. */ - static function randomRangePrime(BigInteger $min, BigInteger $max) + public static function randomRangePrime(BigInteger $min, BigInteger $max) { $compare = $max->compare($min); @@ -3229,7 +3229,7 @@ class BigInteger * @see self::randomPrime() * @access private */ - function _make_odd() + private function _make_odd() { switch (MATH_BIGINTEGER_MODE) { case self::MODE_GMP: @@ -3259,7 +3259,7 @@ class BigInteger * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}. */ - function isPrime($t = false) + public function isPrime($t = false) { $length = strlen($this->toBytes()); @@ -3408,7 +3408,7 @@ class BigInteger * @param int $shift * @access private */ - function _lshift($shift) + private function _lshift($shift) { if ($shift == 0) { return; @@ -3443,7 +3443,7 @@ class BigInteger * @param int $shift * @access private */ - function _rshift($shift) + private function _rshift($shift) { if ($shift == 0) { return; @@ -3479,7 +3479,7 @@ class BigInteger * @see self::_trim() * @access private */ - function _normalize($result) + private function _normalize($result) { $result->precision = $this->precision; $result->bitmask = $this->bitmask; @@ -3528,7 +3528,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @access private */ - static function _trim($value) + private static function _trim($value) { for ($i = count($value) - 1; $i >= 0; --$i) { if ($value[$i]) { @@ -3548,7 +3548,7 @@ class BigInteger * @return array * @access private */ - static function _array_repeat($input, $multiplier) + private static function _array_repeat($input, $multiplier) { return ($multiplier) ? array_fill(0, $multiplier, $input) : []; } @@ -3563,7 +3563,7 @@ class BigInteger * @return string * @access private */ - static function _base256_lshift(&$x, $shift) + private static function _base256_lshift(&$x, $shift) { if ($shift == 0) { return; @@ -3592,7 +3592,7 @@ class BigInteger * @return string * @access private */ - static function _base256_rshift(&$x, $shift) + private static function _base256_rshift(&$x, $shift) { if ($shift == 0) { $x = ltrim($x, chr(0)); @@ -3633,7 +3633,7 @@ class BigInteger * @return string * @access private */ - static function _int2bytes($x) + private static function _int2bytes($x) { return ltrim(pack('N', $x), chr(0)); } @@ -3645,7 +3645,7 @@ class BigInteger * @return int * @access private */ - static function _bytes2int($x) + private static function _bytes2int($x) { $temp = unpack('Nint', str_pad($x, 4, chr(0), STR_PAD_LEFT)); return $temp['int']; @@ -3664,7 +3664,7 @@ class BigInteger * @param int $y * @return int */ - static function _safe_divide($x, $y) + private static function _safe_divide($x, $y) { if (self::$base === 26) { return (int) ($x / $y); @@ -3695,7 +3695,7 @@ class BigInteger * @return \phpseclib\Math\BigInteger * @internal This function is based off of {@link http://mathforum.org/library/drmath/view/52605.html this page} and {@link http://stackoverflow.com/questions/11242920/calculating-nth-root-with-bcmath-in-php this stackoverflow question}. */ - function root($n = null) + public function root($n = null) { static $zero, $one, $two; if (!isset($one)) { @@ -3777,7 +3777,7 @@ class BigInteger * @access public * @return \phpseclib\Math\BigInteger */ - function pow($n) + public function pow($n) { $zero = new static(0); if ($n->compare($zero) == 0) { @@ -3813,7 +3813,7 @@ class BigInteger * @access public * @return \phpseclib\Math\BigInteger */ - static function min() + public static function min() { $args = func_get_args(); if (count($args) == 1) { @@ -3833,7 +3833,7 @@ class BigInteger * @access public * @return \phpseclib\Math\BigInteger */ - static function max() + public static function max() { $args = func_get_args(); if (count($args) == 1) { @@ -3852,7 +3852,7 @@ class BigInteger * @access public * @return int */ - function getLength() + public function getLength() { return strlen($this->toBits()); } @@ -3863,7 +3863,7 @@ class BigInteger * @access public * @return int */ - function getLengthInBytes() + public function getLengthInBytes() { return strlen($this->toBytes()); } diff --git a/tests/PhpseclibTestCase.php b/tests/PhpseclibTestCase.php index 1a2a8e4a..6335128b 100644 --- a/tests/PhpseclibTestCase.php +++ b/tests/PhpseclibTestCase.php @@ -101,4 +101,12 @@ abstract class PhpseclibTestCase extends PHPUnit_Framework_TestCase } } } + + protected static function getVar($obj, $var) + { + $reflection = new ReflectionClass(get_class($obj)); + $prop = $reflection->getProperty($var); + $prop->setAccessible(true); + return $prop->getValue($obj); + } } diff --git a/tests/Unit/Math/BigInteger/InternalTest.php b/tests/Unit/Math/BigInteger/InternalTest.php index 599d94ae..fbc5fa77 100644 --- a/tests/Unit/Math/BigInteger/InternalTest.php +++ b/tests/Unit/Math/BigInteger/InternalTest.php @@ -19,6 +19,7 @@ class Unit_Math_BigInteger_InternalTest extends Unit_Math_BigInteger_TestCase { $x = new \phpseclib\Math\BigInteger('FFFFFFFFFFFFFFFFC90FDA', 16); $y = new \phpseclib\Math\BigInteger("$x"); - $this->assertSame($x->value, $y->value); + + $this->assertSame(self::getVar($x, 'value'), self::getVar($y, 'value')); } } From b9b4f67a0f347e727531f7d12606766ee85b566a Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 7 Jan 2017 19:51:56 -0600 Subject: [PATCH 20/24] Net: add public / private / protected --- phpseclib/Common/Functions/Objects.php | 75 +++ phpseclib/Net/SCP.php | 61 +-- phpseclib/Net/SFTP.php | 563 +++++++++++----------- phpseclib/Net/SFTP/Stream.php | 88 ++-- phpseclib/Net/SSH1.php | 196 ++++---- phpseclib/Net/SSH2.php | 610 ++++++++++++------------ phpseclib/System/SSH/Agent.php | 65 ++- phpseclib/System/SSH/Agent/Identity.php | 18 +- tests/PhpseclibTestCase.php | 8 + tests/Unit/Net/SSH1Test.php | 2 +- tests/Unit/Net/SSH2Test.php | 4 +- 11 files changed, 896 insertions(+), 794 deletions(-) create mode 100644 phpseclib/Common/Functions/Objects.php diff --git a/phpseclib/Common/Functions/Objects.php b/phpseclib/Common/Functions/Objects.php new file mode 100644 index 00000000..4a386e4f --- /dev/null +++ b/phpseclib/Common/Functions/Objects.php @@ -0,0 +1,75 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Common\Functions; + +/** + * Common Object Functions + * + * @package Functions\Objects + * @author Jim Wigginton + */ +abstract class Objects +{ + /** + * Accesses a private variable from an object + * + * @param Object $obj + * @param string $var + * @return mixed + * @access private + */ + public static function getVar($obj, $var) + { + $reflection = new \ReflectionClass(get_class($obj)); + $prop = $reflection->getProperty($var); + $prop->setAccessible(true); + return $prop->getValue($obj); + } + + /** + * Sets the value of a private variable in an object + * + * @param Object $obj + * @param string $var + * @param mixed $val + * @return mixed + * @access private + */ + public static function setVar($obj, $var, $val) + { + $reflection = new \ReflectionClass(get_class($obj)); + $prop = $reflection->getProperty($var); + $prop->setAccessible(true); + return $prop->setValue($obj, $val); + } + + /** + * Accesses a private method from an object + * + * @param Object $obj + * @param string $func + * @param array $params + * @return mixed + * @access private + */ + public static function callFunc($obj, $func, $params = array()) + { + $reflection = new \ReflectionClass(get_class($obj)); + $method = $reflection->getMethod($func); + $method->setAccessible(true); + return $method->invokeArgs($obj, $params); + } +} diff --git a/phpseclib/Net/SCP.php b/phpseclib/Net/SCP.php index db1b2973..e1f31e3c 100755 --- a/phpseclib/Net/SCP.php +++ b/phpseclib/Net/SCP.php @@ -34,6 +34,7 @@ namespace phpseclib\Net; use phpseclib\Exception\FileNotFoundException; use phpseclib\Common\Functions\Strings; +use phpseclib\Common\Functions\Objects; /** * Pure-PHP implementations of SCP. @@ -79,7 +80,7 @@ class SCP * @var object * @access private */ - var $ssh; + private $ssh; /** * Packet Size @@ -87,7 +88,7 @@ class SCP * @var int * @access private */ - var $packet_size; + private $packet_size; /** * Mode @@ -95,7 +96,7 @@ class SCP * @var int * @access private */ - var $mode; + private $mode; /** * Default Constructor. @@ -106,7 +107,7 @@ class SCP * @return \phpseclib\Net\SCP * @access public */ - function __construct($ssh) + public function __construct($ssh) { if ($ssh instanceof SSH2) { $this->mode = self::MODE_SSH2; @@ -142,7 +143,7 @@ class SCP * @return bool * @access public */ - function put($remote_file, $data, $mode = self::SOURCE_STRING, $callback = null) + public function put($remote_file, $data, $mode = self::SOURCE_STRING, $callback = null) { if (!isset($this->ssh)) { return false; @@ -152,13 +153,13 @@ class SCP return false; } - $temp = $this->_receive(); + $temp = $this->receive(); if ($temp !== chr(0)) { return false; } if ($this->mode == self::MODE_SSH2) { - $this->packet_size = $this->ssh->packet_size_client_to_server[SSH2::CHANNEL_EXEC] - 4; + $this->packet_size = Objects::getVar($this->ssh, 'packet_size_client_to_server')[SSH2::CHANNEL_EXEC] - 4; } $remote_file = basename($remote_file); @@ -177,9 +178,9 @@ class SCP $size = filesize($data); } - $this->_send('C0644 ' . $size . ' ' . $remote_file . "\n"); + $this->send('C0644 ' . $size . ' ' . $remote_file . "\n"); - $temp = $this->_receive(); + $temp = $this->receive(); if ($temp !== chr(0)) { return false; } @@ -187,14 +188,14 @@ class SCP $sent = 0; while ($sent < $size) { $temp = $mode & self::SOURCE_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size); - $this->_send($temp); + $this->send($temp); $sent+= strlen($temp); if (is_callable($callback)) { call_user_func($callback, $sent); } } - $this->_close(); + $this->close(); if ($mode != self::SOURCE_STRING) { fclose($fp); @@ -215,7 +216,7 @@ class SCP * @return mixed * @access public */ - function get($remote_file, $local_file = false) + public function get($remote_file, $local_file = false) { if (!isset($this->ssh)) { return false; @@ -225,13 +226,13 @@ class SCP return false; } - $this->_send("\0"); + $this->send("\0"); - if (!preg_match('#(?[^ ]+) (?\d+) (?.+)#', rtrim($this->_receive()), $info)) { + if (!preg_match('#(?[^ ]+) (?\d+) (?.+)#', rtrim($this->receive()), $info)) { return false; } - $this->_send("\0"); + $this->send("\0"); $size = 0; @@ -244,7 +245,7 @@ class SCP $content = ''; while ($size < $info['size']) { - $data = $this->_receive(); + $data = $this->receive(); // SCP usually seems to split stuff out into 16k chunks $size+= strlen($data); @@ -255,7 +256,7 @@ class SCP } } - $this->_close(); + $this->close(); if ($local_file !== false) { fclose($fp); @@ -271,15 +272,15 @@ class SCP * @param string $data * @access private */ - function _send($data) + private function send($data) { switch ($this->mode) { case self::MODE_SSH2: - $this->ssh->_send_channel_packet(SSH2::CHANNEL_EXEC, $data); + Objects::callFunc($this->ssh, 'send_channel_packet', [SSH2::CHANNEL_EXEC, $data]); break; case self::MODE_SSH1: $data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data); - $this->ssh->_send_binary_packet($data); + Objects::callFunc($this->ssh, 'send_binary_packet', [$data]); } } @@ -290,17 +291,17 @@ class SCP * @throws \UnexpectedValueException on receipt of an unexpected packet * @access private */ - function _receive() + private function receive() { switch ($this->mode) { case self::MODE_SSH2: - return $this->ssh->_get_channel_packet(SSH2::CHANNEL_EXEC, true); + return Objects::callFunc($this->ssh, 'get_channel_packet', [SSH2::CHANNEL_EXEC, true]); case self::MODE_SSH1: - if (!$this->ssh->bitmap) { + if (!Objects::getVar($this->ssh, 'bitmap')) { return false; } while (true) { - $response = $this->ssh->_get_binary_packet(); + $response = Objects::getFunc($this->ssh, 'get_binary_packet'); switch ($response[SSH1::RESPONSE_TYPE]) { case NET_SSH1_SMSG_STDOUT_DATA: extract(unpack('Nlength', $response[SSH1::RESPONSE_DATA])); @@ -308,9 +309,9 @@ class SCP case NET_SSH1_SMSG_STDERR_DATA: break; case NET_SSH1_SMSG_EXITSTATUS: - $this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION)); - fclose($this->ssh->fsock); - $this->ssh->bitmap = 0; + Objects::callFunc($this->ssh, 'send_binary_packet', [chr(NET_SSH1_CMSG_EXIT_CONFIRMATION)]); + fclose(Objects::getVar($this->ssh, 'fsock')); + Objects::setVar($this->ssh, 'bitmap', 0); return false; default: throw new \UnexpectedValueException('Unknown packet received'); @@ -324,14 +325,14 @@ class SCP * * @access private */ - function _close() + private function close() { switch ($this->mode) { case self::MODE_SSH2: - $this->ssh->_close_channel(SSH2::CHANNEL_EXEC, true); + Objects::callFunc($this->ssh, 'close_channel', [SSH2::CHANNEL_EXEC, true]); break; case self::MODE_SSH1: - $this->ssh->disconnect(); + Objects::callFunc($this->ssh, 'disconnect'); } } } diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index cc90d5f8..7d41893e 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -96,7 +96,7 @@ class SFTP extends SSH2 * @var array * @access private */ - var $packet_types = []; + private $packet_types = []; /** * Status Codes @@ -105,7 +105,7 @@ class SFTP extends SSH2 * @var array * @access private */ - var $status_codes = []; + private $status_codes = []; /** * The Request ID @@ -117,7 +117,7 @@ class SFTP extends SSH2 * @see self::_send_sftp_packet() * @access private */ - var $request_id = false; + private $request_id = false; /** * The Packet Type @@ -129,7 +129,7 @@ class SFTP extends SSH2 * @see self::_get_sftp_packet() * @access private */ - var $packet_type = -1; + private $packet_type = -1; /** * Packet Buffer @@ -138,7 +138,7 @@ class SFTP extends SSH2 * @see self::_get_sftp_packet() * @access private */ - var $packet_buffer = ''; + private $packet_buffer = ''; /** * Extensions supported by the server @@ -147,7 +147,7 @@ class SFTP extends SSH2 * @see self::_initChannel() * @access private */ - var $extensions = []; + private $extensions = []; /** * Server SFTP version @@ -156,7 +156,7 @@ class SFTP extends SSH2 * @see self::_initChannel() * @access private */ - var $version; + private $version; /** * Current working directory @@ -166,7 +166,7 @@ class SFTP extends SSH2 * @see self::chdir() * @access private */ - var $pwd = false; + private $pwd = false; /** * Packet Type Log @@ -175,7 +175,7 @@ class SFTP extends SSH2 * @var array * @access private */ - var $packet_type_log = []; + private $packet_type_log = []; /** * Packet Log @@ -184,7 +184,7 @@ class SFTP extends SSH2 * @var array * @access private */ - var $packet_log = []; + private $packet_log = []; /** * Error information @@ -194,7 +194,7 @@ class SFTP extends SSH2 * @var string * @access private */ - var $sftp_errors = []; + private $sftp_errors = []; /** * Stat Cache @@ -208,7 +208,7 @@ class SFTP extends SSH2 * @var array * @access private */ - var $stat_cache = []; + private $stat_cache = []; /** * Max SFTP Packet Size @@ -218,7 +218,7 @@ class SFTP extends SSH2 * @var array * @access private */ - var $max_sftp_packet; + private $max_sftp_packet; /** * Stat Cache Flag @@ -228,7 +228,7 @@ class SFTP extends SSH2 * @var bool * @access private */ - var $use_stat_cache = true; + private $use_stat_cache = true; /** * Sort Options @@ -238,7 +238,7 @@ class SFTP extends SSH2 * @var array * @access private */ - var $sortOptions = []; + private $sortOptions = []; /** * Default Constructor. @@ -251,7 +251,7 @@ class SFTP extends SSH2 * @return \phpseclib\Net\SFTP * @access public */ - function __construct($host, $port = 22, $timeout = 10) + public function __construct($host, $port = 22, $timeout = 10) { parent::__construct($host, $port, $timeout); @@ -367,7 +367,7 @@ class SFTP extends SSH2 8 => 'NET_SFTP_TYPE_BLOCK_DEVICE', 9 => 'NET_SFTP_TYPE_FIFO' ]; - $this->_define_array( + $this->define_array( $this->packet_types, $this->status_codes, $this->attributes, @@ -389,10 +389,10 @@ class SFTP extends SSH2 * @return bool * @access public */ - function login($username) + public function login($username) { $args = func_get_args(); - if (!call_user_func_array(array(&$this, '_login'), $args)) { + if (!call_user_func_array(array(&$this, 'sublogin'), $args)) { return false; } @@ -408,13 +408,13 @@ class SFTP extends SSH2 0x4000 ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_OPEN; - $response = $this->_get_channel_packet(self::CHANNEL); + $response = $this->get_channel_packet(self::CHANNEL); if ($response === false) { return false; } @@ -429,13 +429,13 @@ class SFTP extends SSH2 strlen('sftp'), 'sftp' ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; - $response = $this->_get_channel_packet(self::CHANNEL); + $response = $this->get_channel_packet(self::CHANNEL); if ($response === false) { // from PuTTY's psftp.exe $command = "test -x /usr/lib/sftp-server && exec /usr/lib/sftp-server\n" . @@ -453,13 +453,13 @@ class SFTP extends SSH2 strlen($command), $command ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; - $response = $this->_get_channel_packet(self::CHANNEL); + $response = $this->get_channel_packet(self::CHANNEL); if ($response === false) { return false; } @@ -467,11 +467,11 @@ class SFTP extends SSH2 $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA; - if (!$this->_send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3")) { + if (!$this->send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3")) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_VERSION) { throw new \UnexpectedValueException('Expected SSH_FXP_VERSION'); } @@ -533,9 +533,9 @@ class SFTP extends SSH2 return false; } - $this->pwd = $this->_realpath('.'); + $this->pwd = $this->realpath('.'); - $this->_update_stat_cache($this->pwd, []); + $this->update_stat_cache($this->pwd, []); return true; } @@ -555,7 +555,7 @@ class SFTP extends SSH2 * * @access public */ - function enableStatCache() + public function enableStatCache() { $this->use_stat_cache = true; } @@ -565,7 +565,7 @@ class SFTP extends SSH2 * * @access public */ - function clearStatCache() + public function clearStatCache() { $this->stat_cache = []; } @@ -576,7 +576,7 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function pwd() + public function pwd() { return $this->pwd; } @@ -586,9 +586,9 @@ class SFTP extends SSH2 * * @param string $response * @param int $status - * @access public + * @access private */ - function _logError($response, $status = -1) + private function logError($response, $status = -1) { if ($status == -1) { extract(unpack('Nstatus', Strings::shift($response, 4))); @@ -604,21 +604,6 @@ class SFTP extends SSH2 } } - /** - * Returns canonicalized absolute pathname - * - * realpath() expands all symbolic links and resolves references to '/./', '/../' and extra '/' characters in the input - * path and returns the canonicalized absolute pathname. - * - * @param string $path - * @return mixed - * @access public - */ - function realpath($path) - { - return $this->_realpath($path); - } - /** * Canonicalize the Server-Side Path Name * @@ -629,17 +614,17 @@ class SFTP extends SSH2 * @param string $path * @throws \UnexpectedValueException on receipt of unexpected packets * @return mixed - * @access private + * @access public */ - function _realpath($path) + public function realpath($path) { if ($this->pwd === false) { // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9 - if (!$this->_send_sftp_packet(NET_SFTP_REALPATH, pack('Na*', strlen($path), $path))) { + if (!$this->send_sftp_packet(NET_SFTP_REALPATH, pack('Na*', strlen($path), $path))) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_NAME: // although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following @@ -649,7 +634,7 @@ class SFTP extends SSH2 extract(unpack('Nlength', Strings::shift($response, 4))); return Strings::shift($response, $length); case NET_SFTP_STATUS: - $this->_logError($response); + $this->logError($response); return false; default: throw new \UnexpectedValueException('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); @@ -687,7 +672,7 @@ class SFTP extends SSH2 * @return bool * @access public */ - function chdir($dir) + public function chdir($dir) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; @@ -701,10 +686,10 @@ class SFTP extends SSH2 $dir.= '/'; } - $dir = $this->_realpath($dir); + $dir = $this->realpath($dir); // confirm that $dir is, in fact, a valid directory - if ($this->use_stat_cache && is_array($this->_query_stat_cache($dir))) { + if ($this->use_stat_cache && is_array($this->query_stat_cache($dir))) { $this->pwd = $dir; return true; } @@ -714,28 +699,28 @@ class SFTP extends SSH2 // the file's uid / gid match the currently logged in user's uid / gid but how there's no easy // way to get those with SFTP - if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) { + if (!$this->send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) { return false; } // see \phpseclib\Net\SFTP::nlist() for a more thorough explanation of the following - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: $handle = substr($response, 4); break; case NET_SFTP_STATUS: - $this->_logError($response); + $this->logError($response); return false; default: throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); } - if (!$this->_close_handle($handle)) { + if (!$this->close_handle($handle)) { return false; } - $this->_update_stat_cache($dir, []); + $this->update_stat_cache($dir, []); $this->pwd = $dir; return true; @@ -749,9 +734,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function nlist($dir = '.', $recursive = false) + public function nlist($dir = '.', $recursive = false) { - return $this->_nlist_helper($dir, $recursive, ''); + return $this->nlist_helper($dir, $recursive, ''); } /** @@ -763,9 +748,9 @@ class SFTP extends SSH2 * @return mixed * @access private */ - function _nlist_helper($dir, $recursive, $relativeDir) + private function nlist_helper($dir, $recursive, $relativeDir) { - $files = $this->_list($dir, false); + $files = $this->readlist($dir, false); if (!$recursive || $files === false) { return $files; @@ -779,8 +764,8 @@ class SFTP extends SSH2 } continue; } - if (is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $value)))) { - $temp = $this->_nlist_helper($dir . '/' . $value, true, $relativeDir . $value . '/'); + if (is_array($this->query_stat_cache($this->realpath($dir . '/' . $value)))) { + $temp = $this->nlist_helper($dir . '/' . $value, true, $relativeDir . $value . '/'); $result = array_merge($result, $temp); } else { $result[] = $relativeDir . $value; @@ -798,9 +783,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function rawlist($dir = '.', $recursive = false) + public function rawlist($dir = '.', $recursive = false) { - $files = $this->_list($dir, true); + $files = $this->readlist($dir, true); if (!$recursive || $files === false) { return $files; } @@ -812,7 +797,7 @@ class SFTP extends SSH2 unset($files[$key]); continue; } - if ($key != '.' && $key != '..' && is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $key)))) { + if ($key != '.' && $key != '..' && is_array($this->query_stat_cache($this->realpath($dir . '/' . $key)))) { $depth++; $files[$key] = $this->rawlist($dir . '/' . $key, true); $depth--; @@ -833,23 +818,23 @@ class SFTP extends SSH2 * @throws \UnexpectedValueException on receipt of unexpected packets * @access private */ - function _list($dir, $raw = true) + private function readlist($dir, $raw = true) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $dir = $this->_realpath($dir . '/'); + $dir = $this->realpath($dir . '/'); if ($dir === false) { return false; } // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2 - if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) { + if (!$this->send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2 @@ -859,24 +844,24 @@ class SFTP extends SSH2 break; case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - $this->_logError($response); + $this->logError($response); return false; default: throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); } - $this->_update_stat_cache($dir, []); + $this->update_stat_cache($dir, []); $contents = []; while (true) { // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2 // why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many // SSH_MSG_CHANNEL_DATA messages is not known to me. - if (!$this->_send_sftp_packet(NET_SFTP_READDIR, pack('Na*', strlen($handle), $handle))) { + if (!$this->send_sftp_packet(NET_SFTP_READDIR, pack('Na*', strlen($handle), $handle))) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_NAME: extract(unpack('Ncount', Strings::shift($response, 4))); @@ -885,9 +870,9 @@ class SFTP extends SSH2 $shortname = Strings::shift($response, $length); extract(unpack('Nlength', Strings::shift($response, 4))); $longname = Strings::shift($response, $length); - $attributes = $this->_parseAttributes($response); + $attributes = $this->parseAttributes($response); if (!isset($attributes['type'])) { - $fileType = $this->_parseLongname($longname); + $fileType = $this->parseLongname($longname); if ($fileType) { $attributes['type'] = $fileType; } @@ -895,14 +880,14 @@ class SFTP extends SSH2 $contents[$shortname] = $attributes + ['filename' => $shortname]; if (isset($attributes['type']) && $attributes['type'] == NET_SFTP_TYPE_DIRECTORY && ($shortname != '.' && $shortname != '..')) { - $this->_update_stat_cache($dir . '/' . $shortname, []); + $this->update_stat_cache($dir . '/' . $shortname, []); } else { if ($shortname == '..') { - $temp = $this->_realpath($dir . '/..') . '/.'; + $temp = $this->realpath($dir . '/..') . '/.'; } else { $temp = $dir . '/' . $shortname; } - $this->_update_stat_cache($temp, (object) ['lstat' => $attributes]); + $this->update_stat_cache($temp, (object) ['lstat' => $attributes]); } // SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the // final SSH_FXP_STATUS packet should tell us that, already. @@ -911,7 +896,7 @@ class SFTP extends SSH2 case NET_SFTP_STATUS: extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_EOF) { - $this->_logError($response, $status); + $this->logError($response, $status); return false; } break 2; @@ -920,12 +905,12 @@ class SFTP extends SSH2 } } - if (!$this->_close_handle($handle)) { + if (!$this->close_handle($handle)) { return false; } if (count($this->sortOptions)) { - uasort($contents, [&$this, '_comparator']); + uasort($contents, [&$this, 'comparator']); } return $raw ? $contents : array_keys($contents); @@ -941,7 +926,7 @@ class SFTP extends SSH2 * @return int * @access private */ - function _comparator($a, $b) + private function comparator($a, $b) { switch (true) { case $a['filename'] === '.' || $b['filename'] === '.': @@ -1015,7 +1000,7 @@ class SFTP extends SSH2 * * @access public */ - function setListOrder() + public function setListOrder() { $this->sortOptions = []; $args = func_get_args(); @@ -1040,7 +1025,7 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function size($filename) + public function size($filename) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; @@ -1060,7 +1045,7 @@ class SFTP extends SSH2 * @param mixed $value * @access private */ - function _update_stat_cache($path, $value) + private function update_stat_cache($path, $value) { if ($this->use_stat_cache === false) { return; @@ -1104,7 +1089,7 @@ class SFTP extends SSH2 * @return bool * @access private */ - function _remove_from_stat_cache($path) + private function remove_from_stat_cache($path) { $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); @@ -1131,7 +1116,7 @@ class SFTP extends SSH2 * @return mixed * @access private */ - function _query_stat_cache($path) + private function query_stat_cache($path) { $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); @@ -1154,19 +1139,19 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function stat($filename) + public function stat($filename) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $filename = $this->_realpath($filename); + $filename = $this->realpath($filename); if ($filename === false) { return false; } if ($this->use_stat_cache) { - $result = $this->_query_stat_cache($filename); + $result = $this->query_stat_cache($filename); if (is_array($result) && isset($result['.']) && isset($result['.']->stat)) { return $result['.']->stat; } @@ -1175,16 +1160,16 @@ class SFTP extends SSH2 } } - $stat = $this->_stat($filename, NET_SFTP_STAT); + $stat = $this->stat_helper($filename, NET_SFTP_STAT); if ($stat === false) { - $this->_remove_from_stat_cache($filename); + $this->remove_from_stat_cache($filename); return false; } if (isset($stat['type'])) { if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } - $this->_update_stat_cache($filename, (object) ['stat' => $stat]); + $this->update_stat_cache($filename, (object) ['stat' => $stat]); return $stat; } @@ -1197,7 +1182,7 @@ class SFTP extends SSH2 if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } - $this->_update_stat_cache($filename, (object) ['stat' => $stat]); + $this->update_stat_cache($filename, (object) ['stat' => $stat]); return $stat; } @@ -1211,19 +1196,19 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function lstat($filename) + public function lstat($filename) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $filename = $this->_realpath($filename); + $filename = $this->realpath($filename); if ($filename === false) { return false; } if ($this->use_stat_cache) { - $result = $this->_query_stat_cache($filename); + $result = $this->query_stat_cache($filename); if (is_array($result) && isset($result['.']) && isset($result['.']->lstat)) { return $result['.']->lstat; } @@ -1232,24 +1217,24 @@ class SFTP extends SSH2 } } - $lstat = $this->_stat($filename, NET_SFTP_LSTAT); + $lstat = $this->stat_helper($filename, NET_SFTP_LSTAT); if ($lstat === false) { - $this->_remove_from_stat_cache($filename); + $this->remove_from_stat_cache($filename); return false; } if (isset($lstat['type'])) { if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } - $this->_update_stat_cache($filename, (object) ['lstat' => $lstat]); + $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); return $lstat; } - $stat = $this->_stat($filename, NET_SFTP_STAT); + $stat = $this->stat_helper($filename, NET_SFTP_STAT); if ($lstat != $stat) { $lstat = array_merge($lstat, ['type' => NET_SFTP_TYPE_SYMLINK]); - $this->_update_stat_cache($filename, (object) ['lstat' => $lstat]); + $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); return $stat; } @@ -1262,7 +1247,7 @@ class SFTP extends SSH2 if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } - $this->_update_stat_cache($filename, (object) ['lstat' => $lstat]); + $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); return $lstat; } @@ -1279,20 +1264,20 @@ class SFTP extends SSH2 * @return mixed * @access private */ - function _stat($filename, $type) + private function stat_helper($filename, $type) { // SFTPv4+ adds an additional 32-bit integer field - flags - to the following: $packet = pack('Na*', strlen($filename), $filename); - if (!$this->_send_sftp_packet($type, $packet)) { + if (!$this->send_sftp_packet($type, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_ATTRS: - return $this->_parseAttributes($response); + return $this->parseAttributes($response); case NET_SFTP_STATUS: - $this->_logError($response); + $this->logError($response); return false; } @@ -1307,11 +1292,11 @@ class SFTP extends SSH2 * @return bool * @access public */ - function truncate($filename, $new_size) + public function truncate($filename, $new_size) { $attr = pack('N3', NET_SFTP_ATTR_SIZE, $new_size / 4294967296, $new_size); // 4294967296 == 0x100000000 == 1<<32 - return $this->_setstat($filename, $attr, false); + return $this->setstat($filename, $attr, false); } /** @@ -1326,13 +1311,13 @@ class SFTP extends SSH2 * @return bool * @access public */ - function touch($filename, $time = null, $atime = null) + public function touch($filename, $time = null, $atime = null) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $filename = $this->_realpath($filename); + $filename = $this->realpath($filename); if ($filename === false) { return false; } @@ -1347,22 +1332,22 @@ class SFTP extends SSH2 $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_EXCL; $attr = pack('N3', NET_SFTP_ATTR_ACCESSTIME, $time, $atime); $packet = pack('Na*Na*', strlen($filename), $filename, $flags, $attr); - if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: - return $this->_close_handle(substr($response, 4)); + return $this->close_handle(substr($response, 4)); case NET_SFTP_STATUS: - $this->_logError($response); + $this->logError($response); break; default: throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); } - return $this->_setstat($filename, $attr, false); + return $this->setstat($filename, $attr, false); } /** @@ -1376,13 +1361,13 @@ class SFTP extends SSH2 * @return bool * @access public */ - function chown($filename, $uid, $recursive = false) + public function chown($filename, $uid, $recursive = false) { // quoting from , // "if the owner or group is specified as -1, then that ID is not changed" $attr = pack('N3', NET_SFTP_ATTR_UIDGID, $uid, -1); - return $this->_setstat($filename, $attr, $recursive); + return $this->setstat($filename, $attr, $recursive); } /** @@ -1396,11 +1381,11 @@ class SFTP extends SSH2 * @return bool * @access public */ - function chgrp($filename, $gid, $recursive = false) + public function chgrp($filename, $gid, $recursive = false) { $attr = pack('N3', NET_SFTP_ATTR_UIDGID, -1, $gid); - return $this->_setstat($filename, $attr, $recursive); + return $this->setstat($filename, $attr, $recursive); } /** @@ -1416,7 +1401,7 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function chmod($mode, $filename, $recursive = false) + public function chmod($mode, $filename, $recursive = false) { if (is_string($mode) && is_int($filename)) { $temp = $mode; @@ -1425,29 +1410,29 @@ class SFTP extends SSH2 } $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); - if (!$this->_setstat($filename, $attr, $recursive)) { + if (!$this->setstat($filename, $attr, $recursive)) { return false; } if ($recursive) { return true; } - $filename = $this->_realPath($filename); + $filename = $this->realPath($filename); // rather than return what the permissions *should* be, we'll return what they actually are. this will also // tell us if the file actually exists. // incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following: $packet = pack('Na*', strlen($filename), $filename); - if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_STAT, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_ATTRS: - $attrs = $this->_parseAttributes($response); + $attrs = $this->parseAttributes($response); return $attrs['permissions']; case NET_SFTP_STATUS: - $this->_logError($response); + $this->logError($response); return false; } @@ -1464,29 +1449,29 @@ class SFTP extends SSH2 * @return bool * @access private */ - function _setstat($filename, $attr, $recursive) + private function setstat($filename, $attr, $recursive) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $filename = $this->_realpath($filename); + $filename = $this->realpath($filename); if ($filename === false) { return false; } - $this->_remove_from_stat_cache($filename); + $this->remove_from_stat_cache($filename); if ($recursive) { $i = 0; - $result = $this->_setstat_recursive($filename, $attr, $i); - $this->_read_put_responses($i); + $result = $this->setstat_recursive($filename, $attr, $i); + $this->read_put_responses($i); return $result; } // SFTPv4+ has an additional byte field - type - that would need to be sent, as well. setting it to // SSH_FILEXFER_TYPE_UNKNOWN might work. if not, we'd have to do an SSH_FXP_STAT before doing an SSH_FXP_SETSTAT. - if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($filename), $filename, $attr))) { + if (!$this->send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($filename), $filename, $attr))) { return false; } @@ -1497,14 +1482,14 @@ class SFTP extends SSH2 -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6 */ - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + $this->logError($response, $status); return false; } @@ -1522,16 +1507,16 @@ class SFTP extends SSH2 * @return bool * @access private */ - function _setstat_recursive($path, $attr, &$i) + private function setstat_recursive($path, $attr, &$i) { - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { return false; } $i = 0; - $entries = $this->_list($path, true); + $entries = $this->readlist($path, true); if ($entries === false) { - return $this->_setstat($path, $attr, false); + return $this->setstat($path, $attr, false); } // normally $entries would have at least . and .. but it might not if the directories @@ -1548,18 +1533,18 @@ class SFTP extends SSH2 $temp = $path . '/' . $filename; if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { - if (!$this->_setstat_recursive($temp, $attr, $i)) { + if (!$this->setstat_recursive($temp, $attr, $i)) { return false; } } else { - if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($temp), $temp, $attr))) { + if (!$this->send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($temp), $temp, $attr))) { return false; } $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { return false; } $i = 0; @@ -1567,14 +1552,14 @@ class SFTP extends SSH2 } } - if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($path), $path, $attr))) { + if (!$this->send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($path), $path, $attr))) { return false; } $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { return false; } $i = 0; @@ -1591,24 +1576,24 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function readlink($link) + public function readlink($link) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $link = $this->_realpath($link); + $link = $this->realpath($link); - if (!$this->_send_sftp_packet(NET_SFTP_READLINK, pack('Na*', strlen($link), $link))) { + if (!$this->send_sftp_packet(NET_SFTP_READLINK, pack('Na*', strlen($link), $link))) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_NAME: break; case NET_SFTP_STATUS: - $this->_logError($response); + $this->logError($response); return false; default: throw new \UnexpectedValueException('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); @@ -1635,28 +1620,28 @@ class SFTP extends SSH2 * @return bool * @access public */ - function symlink($target, $link) + public function symlink($target, $link) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - //$target = $this->_realpath($target); - $link = $this->_realpath($link); + //$target = $this->realpath($target); + $link = $this->realpath($link); $packet = pack('Na*Na*', strlen($target), $target, strlen($link), $link); - if (!$this->_send_sftp_packet(NET_SFTP_SYMLINK, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_SYMLINK, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + $this->logError($response, $status); return false; } @@ -1670,13 +1655,13 @@ class SFTP extends SSH2 * @return bool * @access public */ - function mkdir($dir, $mode = -1, $recursive = false) + public function mkdir($dir, $mode = -1, $recursive = false) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $dir = $this->_realpath($dir); + $dir = $this->realpath($dir); // by not providing any permissions, hopefully the server will use the logged in users umask - their // default permissions. $attr = $mode == -1 ? "\0\0\0\0" : pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); @@ -1690,12 +1675,12 @@ class SFTP extends SSH2 for ($i = 0; $i < count($dirs); $i++) { $temp = array_slice($dirs, 0, $i + 1); $temp = implode('/', $temp); - $result = $this->_mkdir_helper($temp, $attr); + $result = $this->mkdir_helper($temp, $attr); } return $result; } - return $this->_mkdir_helper($dir, $attr); + return $this->mkdir_helper($dir, $attr); } /** @@ -1706,20 +1691,20 @@ class SFTP extends SSH2 * @throws \UnexpectedValueException on receipt of unexpected packets * @access private */ - function _mkdir_helper($dir, $attr) + private function mkdir_helper($dir, $attr) { - if (!$this->_send_sftp_packet(NET_SFTP_MKDIR, pack('Na*a*', strlen($dir), $dir, $attr))) { + if (!$this->send_sftp_packet(NET_SFTP_MKDIR, pack('Na*a*', strlen($dir), $dir, $attr))) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + $this->logError($response, $status); return false; } @@ -1734,22 +1719,22 @@ class SFTP extends SSH2 * @return bool * @access public */ - function rmdir($dir) + public function rmdir($dir) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $dir = $this->_realpath($dir); + $dir = $this->realpath($dir); if ($dir === false) { return false; } - if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($dir), $dir))) { + if (!$this->send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($dir), $dir))) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } @@ -1757,15 +1742,15 @@ class SFTP extends SSH2 extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED? - $this->_logError($response, $status); + $this->logError($response, $status); return false; } - $this->_remove_from_stat_cache($dir); + $this->remove_from_stat_cache($dir); // the following will do a soft delete, which would be useful if you deleted a file // and then tried to do a stat on the deleted file. the above, in contrast, does // a hard delete - //$this->_update_stat_cache($dir, false); + //$this->update_stat_cache($dir, false); return true; } @@ -1818,18 +1803,18 @@ class SFTP extends SSH2 * @access public * @internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - \phpseclib\Net\SFTP::setMode(). */ - function put($remote_file, $data, $mode = self::SOURCE_STRING, $start = -1, $local_start = -1, $progressCallback = null) + public function put($remote_file, $data, $mode = self::SOURCE_STRING, $start = -1, $local_start = -1, $progressCallback = null) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $remote_file = $this->_realpath($remote_file); + $remote_file = $this->realpath($remote_file); if ($remote_file === false) { return false; } - $this->_remove_from_stat_cache($remote_file); + $this->remove_from_stat_cache($remote_file); $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE; // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file." @@ -1848,17 +1833,17 @@ class SFTP extends SSH2 } $packet = pack('Na*N2', strlen($remote_file), $remote_file, $flags, 0); - if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: $handle = substr($response, 4); break; case NET_SFTP_STATUS: - $this->_logError($response); + $this->logError($response); return false; default: throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); @@ -1924,7 +1909,7 @@ class SFTP extends SSH2 $subtemp = $offset + $sent; $packet = pack('Na*N3a*', strlen($handle), $handle, $subtemp / 4294967296, $subtemp, strlen($temp), $temp); - if (!$this->_send_sftp_packet(NET_SFTP_WRITE, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_WRITE, $packet)) { if ($mode & self::SOURCE_LOCAL_FILE) { fclose($fp); } @@ -1938,7 +1923,7 @@ class SFTP extends SSH2 $i++; if ($i == NET_SFTP_QUEUE_SIZE) { - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { $i = 0; break; } @@ -1946,11 +1931,11 @@ class SFTP extends SSH2 } } - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { if ($mode & self::SOURCE_LOCAL_FILE) { fclose($fp); } - $this->_close_handle($handle); + $this->close_handle($handle); return false; } @@ -1958,7 +1943,7 @@ class SFTP extends SSH2 fclose($fp); } - return $this->_close_handle($handle); + return $this->close_handle($handle); } /** @@ -1972,17 +1957,17 @@ class SFTP extends SSH2 * @throws \UnexpectedValueException on receipt of unexpected packets * @access private */ - function _read_put_responses($i) + private function read_put_responses($i) { while ($i--) { - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + $this->logError($response, $status); break; } } @@ -1998,22 +1983,22 @@ class SFTP extends SSH2 * @throws \UnexpectedValueException on receipt of unexpected packets * @access private */ - function _close_handle($handle) + private function close_handle($handle) { - if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { + if (!$this->send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { return false; } // "The client MUST release all resources associated with the handle regardless of the status." // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3 - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + $this->logError($response, $status); return false; } @@ -2037,29 +2022,29 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function get($remote_file, $local_file = false, $offset = 0, $length = -1) + public function get($remote_file, $local_file = false, $offset = 0, $length = -1) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $remote_file = $this->_realpath($remote_file); + $remote_file = $this->realpath($remote_file); if ($remote_file === false) { return false; } $packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_READ, 0); - if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: $handle = substr($response, 4); break; case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - $this->_logError($response); + $this->logError($response); return false; default: throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); @@ -2094,7 +2079,7 @@ class SFTP extends SSH2 $packet_size = $length > 0 ? min($this->max_sftp_packet, $length - $read) : $this->max_sftp_packet; $packet = pack('Na*N3', strlen($handle), $handle, $tempoffset / 4294967296, $tempoffset, $packet_size); - if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_READ, $packet)) { if ($fclose_check) { fclose($fp); } @@ -2114,10 +2099,10 @@ class SFTP extends SSH2 $i--; if ($clear_responses) { - $this->_get_sftp_packet(); + $this->get_sftp_packet(); continue; } else { - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); } switch ($this->packet_type) { @@ -2133,7 +2118,7 @@ class SFTP extends SSH2 break; case NET_SFTP_STATUS: // could, in theory, return false if !strlen($content) but we'll hold off for the time being - $this->_logError($response); + $this->logError($response); $clear_responses = true; // don't break out of the loop yet, so we can read the remaining responses break; default: @@ -2162,7 +2147,7 @@ class SFTP extends SSH2 fclose($fp); } - if (!$this->_close_handle($handle)) { + if (!$this->close_handle($handle)) { return false; } @@ -2179,23 +2164,23 @@ class SFTP extends SSH2 * @throws \UnexpectedValueException on receipt of unexpected packets * @access public */ - function delete($path, $recursive = true) + public function delete($path, $recursive = true) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $path = $this->_realpath($path); + $path = $this->realpath($path); if ($path === false) { return false; } // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 - if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path))) { + if (!$this->send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path))) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } @@ -2203,17 +2188,17 @@ class SFTP extends SSH2 // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + $this->logError($response, $status); if (!$recursive) { return false; } $i = 0; - $result = $this->_delete_recursive($path, $i); - $this->_read_put_responses($i); + $result = $this->delete_recursive($path, $i); + $this->read_put_responses($i); return $result; } - $this->_remove_from_stat_cache($path); + $this->remove_from_stat_cache($path); return true; } @@ -2228,13 +2213,13 @@ class SFTP extends SSH2 * @return bool * @access private */ - function _delete_recursive($path, &$i) + private function delete_recursive($path, &$i) { - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { return false; } $i = 0; - $entries = $this->_list($path, true); + $entries = $this->readlist($path, true); // normally $entries would have at least . and .. but it might not if the directories // permissions didn't allow reading @@ -2250,19 +2235,19 @@ class SFTP extends SSH2 $temp = $path . '/' . $filename; if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { - if (!$this->_delete_recursive($temp, $i)) { + if (!$this->delete_recursive($temp, $i)) { return false; } } else { - if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($temp), $temp))) { + if (!$this->send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($temp), $temp))) { return false; } - $this->_remove_from_stat_cache($temp); + $this->remove_from_stat_cache($temp); $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { return false; } $i = 0; @@ -2270,15 +2255,15 @@ class SFTP extends SSH2 } } - if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($path), $path))) { + if (!$this->send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($path), $path))) { return false; } - $this->_remove_from_stat_cache($path); + $this->remove_from_stat_cache($path); $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->_read_put_responses($i)) { + if (!$this->read_put_responses($i)) { return false; } $i = 0; @@ -2294,12 +2279,12 @@ class SFTP extends SSH2 * @return bool * @access public */ - function file_exists($path) + public function file_exists($path) { if ($this->use_stat_cache) { - $path = $this->_realpath($path); + $path = $this->realpath($path); - $result = $this->_query_stat_cache($path); + $result = $this->query_stat_cache($path); if (isset($result)) { // return true if $result is an array or if it's an stdClass object @@ -2317,9 +2302,9 @@ class SFTP extends SSH2 * @return bool * @access public */ - function is_dir($path) + public function is_dir($path) { - $result = $this->_get_stat_cache_prop($path, 'type'); + $result = $this->get_stat_cache_prop($path, 'type'); if ($result === false) { return false; } @@ -2333,9 +2318,9 @@ class SFTP extends SSH2 * @return bool * @access public */ - function is_file($path) + public function is_file($path) { - $result = $this->_get_stat_cache_prop($path, 'type'); + $result = $this->get_stat_cache_prop($path, 'type'); if ($result === false) { return false; } @@ -2349,9 +2334,9 @@ class SFTP extends SSH2 * @return bool * @access public */ - function is_link($path) + public function is_link($path) { - $result = $this->_get_lstat_cache_prop($path, 'type'); + $result = $this->get_lstat_cache_prop($path, 'type'); if ($result === false) { return false; } @@ -2365,16 +2350,16 @@ class SFTP extends SSH2 * @return bool * @access public */ - function is_readable($path) + public function is_readable($path) { - $path = $this->_realpath($path); + $path = $this->realpath($path); $packet = pack('Na*N2', strlen($path), $path, NET_SFTP_OPEN_READ, 0); - if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: return true; @@ -2393,16 +2378,16 @@ class SFTP extends SSH2 * @return bool * @access public */ - function is_writable($path) + public function is_writable($path) { - $path = $this->_realpath($path); + $path = $this->realpath($path); $packet = pack('Na*N2', strlen($path), $path, NET_SFTP_OPEN_WRITE, 0); - if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: return true; @@ -2423,7 +2408,7 @@ class SFTP extends SSH2 * @return bool * @access public */ - function is_writeable($path) + public function is_writeable($path) { return $this->is_writable($path); } @@ -2435,9 +2420,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function fileatime($path) + public function fileatime($path) { - return $this->_get_stat_cache_prop($path, 'atime'); + return $this->get_stat_cache_prop($path, 'atime'); } /** @@ -2447,9 +2432,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function filemtime($path) + public function filemtime($path) { - return $this->_get_stat_cache_prop($path, 'mtime'); + return $this->get_stat_cache_prop($path, 'mtime'); } /** @@ -2459,9 +2444,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function fileperms($path) + public function fileperms($path) { - return $this->_get_stat_cache_prop($path, 'permissions'); + return $this->get_stat_cache_prop($path, 'permissions'); } /** @@ -2471,9 +2456,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function fileowner($path) + public function fileowner($path) { - return $this->_get_stat_cache_prop($path, 'uid'); + return $this->get_stat_cache_prop($path, 'uid'); } /** @@ -2483,9 +2468,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function filegroup($path) + public function filegroup($path) { - return $this->_get_stat_cache_prop($path, 'gid'); + return $this->get_stat_cache_prop($path, 'gid'); } /** @@ -2495,9 +2480,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function filesize($path) + public function filesize($path) { - return $this->_get_stat_cache_prop($path, 'size'); + return $this->get_stat_cache_prop($path, 'size'); } /** @@ -2507,9 +2492,9 @@ class SFTP extends SSH2 * @return mixed * @access public */ - function filetype($path) + public function filetype($path) { - $type = $this->_get_stat_cache_prop($path, 'type'); + $type = $this->get_stat_cache_prop($path, 'type'); if ($type === false) { return false; } @@ -2542,9 +2527,9 @@ class SFTP extends SSH2 * @return mixed * @access private */ - function _get_stat_cache_prop($path, $prop) + private function get_stat_cache_prop($path, $prop) { - return $this->_get_xstat_cache_prop($path, $prop, 'stat'); + return $this->get_xstat_cache_prop($path, $prop, 'stat'); } /** @@ -2557,9 +2542,9 @@ class SFTP extends SSH2 * @return mixed * @access private */ - function _get_lstat_cache_prop($path, $prop) + private function get_lstat_cache_prop($path, $prop) { - return $this->_get_xstat_cache_prop($path, $prop, 'lstat'); + return $this->get_xstat_cache_prop($path, $prop, 'lstat'); } /** @@ -2572,12 +2557,12 @@ class SFTP extends SSH2 * @return mixed * @access private */ - function _get_xstat_cache_prop($path, $prop, $type) + private function get_xstat_cache_prop($path, $prop, $type) { if ($this->use_stat_cache) { - $path = $this->_realpath($path); + $path = $this->realpath($path); - $result = $this->_query_stat_cache($path); + $result = $this->query_stat_cache($path); if (is_object($result) && isset($result->$type)) { return $result->{$type}[$prop]; @@ -2602,25 +2587,25 @@ class SFTP extends SSH2 * @throws \UnexpectedValueException on receipt of unexpected packets * @access public */ - function rename($oldname, $newname) + public function rename($oldname, $newname) { if (!($this->bitmap & SSH2::MASK_LOGIN)) { return false; } - $oldname = $this->_realpath($oldname); - $newname = $this->_realpath($newname); + $oldname = $this->realpath($oldname); + $newname = $this->realpath($newname); if ($oldname === false || $newname === false) { return false; } // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 $packet = pack('Na*Na*', strlen($oldname), $oldname, strlen($newname), $newname); - if (!$this->_send_sftp_packet(NET_SFTP_RENAME, $packet)) { + if (!$this->send_sftp_packet(NET_SFTP_RENAME, $packet)) { return false; } - $response = $this->_get_sftp_packet(); + $response = $this->get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); } @@ -2628,15 +2613,15 @@ class SFTP extends SSH2 // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED extract(unpack('Nstatus', Strings::shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + $this->logError($response, $status); return false; } // don't move the stat cache entry over since this operation could very well change the // atime and mtime attributes - //$this->_update_stat_cache($newname, $this->_query_stat_cache($oldname)); - $this->_remove_from_stat_cache($oldname); - $this->_remove_from_stat_cache($newname); + //$this->update_stat_cache($newname, $this->query_stat_cache($oldname)); + $this->remove_from_stat_cache($oldname); + $this->remove_from_stat_cache($newname); return true; } @@ -2650,7 +2635,7 @@ class SFTP extends SSH2 * @return array * @access private */ - function _parseAttributes(&$response) + private function parseAttributes(&$response) { $attr = []; extract(unpack('Nflags', Strings::shift($response, 4))); @@ -2674,7 +2659,7 @@ class SFTP extends SSH2 // mode == permissions; permissions was the original array key and is retained for bc purposes. // mode was added because that's the more industry standard terminology $attr+= ['mode' => $attr['permissions']]; - $fileType = $this->_parseMode($attr['permissions']); + $fileType = $this->parseMode($attr['permissions']); if ($fileType !== false) { $attr+= ['type' => $fileType]; } @@ -2704,7 +2689,7 @@ class SFTP extends SSH2 * @return int * @access private */ - function _parseMode($mode) + private function parseMode($mode) { // values come from http://lxr.free-electrons.com/source/include/uapi/linux/stat.h#L12 // see, also, http://linux.die.net/man/2/stat @@ -2751,7 +2736,7 @@ class SFTP extends SSH2 * @return mixed * @access private */ - function _parseLongname($longname) + private function parseLongname($longname) { // http://en.wikipedia.org/wiki/Unix_file_types // http://en.wikipedia.org/wiki/Filesystem_permissions#Notation_of_traditional_Unix_permissions @@ -2783,21 +2768,21 @@ class SFTP extends SSH2 * @return bool * @access private */ - function _send_sftp_packet($type, $data) + private function send_sftp_packet($type, $data) { $packet = $this->request_id !== false ? pack('NCNa*', strlen($data) + 5, $type, $this->request_id, $data) : pack('NCa*', strlen($data) + 1, $type, $data); $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 - $result = $this->_send_channel_packet(self::CHANNEL, $packet); + $result = $this->send_channel_packet(self::CHANNEL, $packet); $stop = strtok(microtime(), ' ') + strtok(''); if (defined('NET_SFTP_LOGGING')) { $packet_type = '-> ' . $this->packet_types[$type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == self::LOG_REALTIME) { - echo "
\r\n" . $this->_format_log([$data], [$packet_type]) . "\r\n
\r\n"; + echo "
\r\n" . $this->format_log([$data], [$packet_type]) . "\r\n
\r\n"; flush(); ob_flush(); } else { @@ -2824,7 +2809,7 @@ class SFTP extends SSH2 * @return string * @access private */ - function _get_sftp_packet() + private function get_sftp_packet() { $this->curTimeout = false; @@ -2832,7 +2817,7 @@ class SFTP extends SSH2 // SFTP packet length while (strlen($this->packet_buffer) < 4) { - $temp = $this->_get_channel_packet(self::CHANNEL); + $temp = $this->get_channel_packet(self::CHANNEL); if (is_bool($temp)) { $this->packet_type = false; $this->packet_buffer = ''; @@ -2846,7 +2831,7 @@ class SFTP extends SSH2 // SFTP packet type and data payload while ($tempLength > 0) { - $temp = $this->_get_channel_packet(self::CHANNEL); + $temp = $this->get_channel_packet(self::CHANNEL); if (is_bool($temp)) { $this->packet_type = false; $this->packet_buffer = ''; @@ -2873,7 +2858,7 @@ class SFTP extends SSH2 $packet_type = '<- ' . $this->packet_types[$this->packet_type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == self::LOG_REALTIME) { - echo "
\r\n" . $this->_format_log([$packet], [$packet_type]) . "\r\n
\r\n"; + echo "
\r\n" . $this->format_log([$packet], [$packet_type]) . "\r\n
\r\n"; flush(); ob_flush(); } else { @@ -2895,7 +2880,7 @@ class SFTP extends SSH2 * @access public * @return string or Array */ - function getSFTPLog() + public function getSFTPLog() { if (!defined('NET_SFTP_LOGGING')) { return false; @@ -2903,7 +2888,7 @@ class SFTP extends SSH2 switch (NET_SFTP_LOGGING) { case self::LOG_COMPLEX: - return $this->_format_log($this->packet_log, $this->packet_type_log); + return $this->format_log($this->packet_log, $this->packet_type_log); break; //case self::LOG_SIMPLE: default: @@ -2917,7 +2902,7 @@ class SFTP extends SSH2 * @return string * @access public */ - function getSFTPErrors() + public function getSFTPErrors() { return $this->sftp_errors; } @@ -2928,7 +2913,7 @@ class SFTP extends SSH2 * @return string * @access public */ - function getLastSFTPError() + public function getLastSFTPError() { return count($this->sftp_errors) ? $this->sftp_errors[count($this->sftp_errors) - 1] : ''; } @@ -2939,7 +2924,7 @@ class SFTP extends SSH2 * @return array * @access public */ - function getSupportedVersions() + public function getSupportedVersions() { $temp = ['version' => $this->version]; if (isset($this->extensions['versions'])) { @@ -2955,9 +2940,9 @@ class SFTP extends SSH2 * @return bool * @access private */ - function _disconnect($reason) + private function disconnect_helper($reason) { $this->pwd = false; - parent::_disconnect($reason); + parent::disconnect_helper($reason); } } diff --git a/phpseclib/Net/SFTP/Stream.php b/phpseclib/Net/SFTP/Stream.php index 3ee95f76..a0c3bd3a 100644 --- a/phpseclib/Net/SFTP/Stream.php +++ b/phpseclib/Net/SFTP/Stream.php @@ -45,7 +45,7 @@ class Stream * @var object * @access private */ - var $sftp; + private $sftp; /** * Path @@ -53,7 +53,7 @@ class Stream * @var string * @access private */ - var $path; + private $path; /** * Mode @@ -61,7 +61,7 @@ class Stream * @var string * @access private */ - var $mode; + private $mode; /** * Position @@ -69,7 +69,7 @@ class Stream * @var int * @access private */ - var $pos; + private $pos; /** * Size @@ -77,7 +77,7 @@ class Stream * @var int * @access private */ - var $size; + private $size; /** * Directory entries @@ -85,7 +85,7 @@ class Stream * @var array * @access private */ - var $entries; + private $entries; /** * EOF flag @@ -93,7 +93,7 @@ class Stream * @var bool * @access private */ - var $eof; + private $eof; /** * Context resource @@ -103,7 +103,7 @@ class Stream * @var resource * @access public */ - var $context; + public $context; /** * Notification callback function @@ -111,7 +111,7 @@ class Stream * @var callable * @access public */ - var $notification; + private $notification; /** * Registers this class as a URL wrapper. @@ -120,7 +120,7 @@ class Stream * @return bool True on success, false otherwise. * @access public */ - static function register($protocol = 'sftp') + public static function register($protocol = 'sftp') { if (in_array($protocol, stream_get_wrappers(), true)) { return false; @@ -133,7 +133,7 @@ class Stream * * @access public */ - function __construct() + public function __construct() { if (defined('NET_SFTP_STREAM_LOGGING')) { echo "__construct()\r\n"; @@ -152,7 +152,7 @@ class Stream * @return string * @access private */ - function _parse_path($path) + private function parse_path($path) { $orig = $path; extract(parse_url($path) + ['port' => 22]); @@ -257,9 +257,9 @@ class Stream * @return bool * @access public */ - function _stream_open($path, $mode, $options, &$opened_path) + private function _stream_open($path, $mode, $options, &$opened_path) { - $path = $this->_parse_path($path); + $path = $this->parse_path($path); if ($path === false) { return false; @@ -299,7 +299,7 @@ class Stream * @return mixed * @access public */ - function _stream_read($count) + private function _stream_read($count) { switch ($this->mode) { case 'w': @@ -341,7 +341,7 @@ class Stream * @return mixed * @access public */ - function _stream_write($data) + private function _stream_write($data) { switch ($this->mode) { case 'r': @@ -375,7 +375,7 @@ class Stream * @return int * @access public */ - function _stream_tell() + private function _stream_tell() { return $this->pos; } @@ -393,7 +393,7 @@ class Stream * @return bool * @access public */ - function _stream_eof() + private function _stream_eof() { return $this->eof; } @@ -406,7 +406,7 @@ class Stream * @return bool * @access public */ - function _stream_seek($offset, $whence) + private function _stream_seek($offset, $whence) { switch ($whence) { case SEEK_SET: @@ -435,9 +435,9 @@ class Stream * @return bool * @access public */ - function _stream_metadata($path, $option, $var) + private function _stream_metadata($path, $option, $var) { - $path = $this->_parse_path($path); + $path = $this->parse_path($path); if ($path === false) { return false; } @@ -467,7 +467,7 @@ class Stream * @return resource * @access public */ - function _stream_cast($cast_as) + private function _stream_cast($cast_as) { return $this->sftp->fsock; } @@ -479,7 +479,7 @@ class Stream * @return bool * @access public */ - function _stream_lock($operation) + private function _stream_lock($operation) { return false; } @@ -496,7 +496,7 @@ class Stream * @return bool * @access public */ - function _rename($path_from, $path_to) + private function _rename($path_from, $path_to) { $path1 = parse_url($path_from); $path2 = parse_url($path_to); @@ -505,7 +505,7 @@ class Stream return false; } - $path_from = $this->_parse_path($path_from); + $path_from = $this->parse_path($path_from); $path_to = parse_url($path_to); if ($path_from === false) { return false; @@ -548,9 +548,9 @@ class Stream * @return bool * @access public */ - function _dir_opendir($path, $options) + private function _dir_opendir($path, $options) { - $path = $this->_parse_path($path); + $path = $this->parse_path($path); if ($path === false) { return false; } @@ -565,7 +565,7 @@ class Stream * @return mixed * @access public */ - function _dir_readdir() + private function _dir_readdir() { if (isset($this->entries[$this->pos])) { return $this->entries[$this->pos++]; @@ -579,7 +579,7 @@ class Stream * @return bool * @access public */ - function _dir_rewinddir() + private function _dir_rewinddir() { $this->pos = 0; return true; @@ -591,7 +591,7 @@ class Stream * @return bool * @access public */ - function _dir_closedir() + private function _dir_closedir() { return true; } @@ -607,9 +607,9 @@ class Stream * @return bool * @access public */ - function _mkdir($path, $mode, $options) + private function _mkdir($path, $mode, $options) { - $path = $this->_parse_path($path); + $path = $this->parse_path($path); if ($path === false) { return false; } @@ -631,9 +631,9 @@ class Stream * @return bool * @access public */ - function _rmdir($path, $options) + private function _rmdir($path, $options) { - $path = $this->_parse_path($path); + $path = $this->parse_path($path); if ($path === false) { return false; } @@ -649,7 +649,7 @@ class Stream * @return bool * @access public */ - function _stream_flush() + private function _stream_flush() { return true; } @@ -660,7 +660,7 @@ class Stream * @return mixed * @access public */ - function _stream_stat() + private function _stream_stat() { $results = $this->sftp->stat($this->path); if ($results === false) { @@ -676,9 +676,9 @@ class Stream * @return bool * @access public */ - function _unlink($path) + private function _unlink($path) { - $path = $this->_parse_path($path); + $path = $this->parse_path($path); if ($path === false) { return false; } @@ -698,9 +698,9 @@ class Stream * @return mixed * @access public */ - function _url_stat($path, $flags) + private function _url_stat($path, $flags) { - $path = $this->_parse_path($path); + $path = $this->parse_path($path); if ($path === false) { return false; } @@ -720,7 +720,7 @@ class Stream * @return bool * @access public */ - function _stream_truncate($new_size) + private function _stream_truncate($new_size) { if (!$this->sftp->truncate($this->path, $new_size)) { return false; @@ -744,7 +744,7 @@ class Stream * @return bool * @access public */ - function _stream_set_option($option, $arg1, $arg2) + private function _stream_set_option($option, $arg1, $arg2) { return false; } @@ -754,7 +754,7 @@ class Stream * * @access public */ - function _stream_close() + private function _stream_close() { } @@ -773,7 +773,7 @@ class Stream * @return mixed * @access public */ - function __call($name, $arguments) + public function __call($name, $arguments) { if (defined('NET_SFTP_STREAM_LOGGING')) { echo $name . '('; diff --git a/phpseclib/Net/SSH1.php b/phpseclib/Net/SSH1.php index 0fb34906..4ea53369 100644 --- a/phpseclib/Net/SSH1.php +++ b/phpseclib/Net/SSH1.php @@ -229,7 +229,7 @@ class SSH1 * @var string * @access private */ - var $identifier = 'SSH-1.5-phpseclib'; + private $identifier = 'SSH-1.5-phpseclib'; /** * The Socket Object @@ -237,7 +237,7 @@ class SSH1 * @var object * @access private */ - var $fsock; + private $fsock; /** * The cryptography object @@ -245,7 +245,7 @@ class SSH1 * @var object * @access private */ - var $crypto = false; + private $crypto = false; /** * Execution Bitmap @@ -256,7 +256,7 @@ class SSH1 * @var int * @access private */ - var $bitmap = 0; + private $bitmap = 0; /** * The Server Key Public Exponent @@ -267,7 +267,7 @@ class SSH1 * @var string * @access private */ - var $server_key_public_exponent; + private $server_key_public_exponent; /** * The Server Key Public Modulus @@ -278,7 +278,7 @@ class SSH1 * @var string * @access private */ - var $server_key_public_modulus; + private $server_key_public_modulus; /** * The Host Key Public Exponent @@ -289,7 +289,7 @@ class SSH1 * @var string * @access private */ - var $host_key_public_exponent; + private $host_key_public_exponent; /** * The Host Key Public Modulus @@ -300,7 +300,7 @@ class SSH1 * @var string * @access private */ - var $host_key_public_modulus; + private $host_key_public_modulus; /** * Supported Ciphers @@ -311,7 +311,7 @@ class SSH1 * @var array * @access private */ - var $supported_ciphers = [ + private $supported_ciphers = [ self::CIPHER_NONE => 'No encryption', self::CIPHER_IDEA => 'IDEA in CFB mode', self::CIPHER_DES => 'DES in CBC mode', @@ -330,7 +330,7 @@ class SSH1 * @var array * @access private */ - var $supported_authentications = [ + private $supported_authentications = [ self::AUTH_RHOSTS => '.rhosts or /etc/hosts.equiv', self::AUTH_RSA => 'pure RSA authentication', self::AUTH_PASSWORD => 'password authentication', @@ -344,7 +344,7 @@ class SSH1 * @var string * @access private */ - var $server_identification = ''; + private $server_identification = ''; /** * Protocol Flags @@ -353,7 +353,7 @@ class SSH1 * @var array * @access private */ - var $protocol_flags = []; + private $protocol_flags = []; /** * Protocol Flag Log @@ -362,7 +362,7 @@ class SSH1 * @var array * @access private */ - var $protocol_flag_log = []; + private $protocol_flag_log = []; /** * Message Log @@ -371,7 +371,7 @@ class SSH1 * @var array * @access private */ - var $message_log = []; + private $message_log = []; /** * Real-time log file pointer @@ -380,7 +380,7 @@ class SSH1 * @var resource * @access private */ - var $realtime_log_file; + private $realtime_log_file; /** * Real-time log file size @@ -389,7 +389,7 @@ class SSH1 * @var int * @access private */ - var $realtime_log_size; + private $realtime_log_size; /** * Real-time log file wrap boolean @@ -398,7 +398,7 @@ class SSH1 * @var bool * @access private */ - var $realtime_log_wrap; + private $realtime_log_wrap; /** * Interactive Buffer @@ -407,7 +407,7 @@ class SSH1 * @var array * @access private */ - var $interactiveBuffer = ''; + private $interactiveBuffer = ''; /** * Timeout @@ -415,7 +415,7 @@ class SSH1 * @see self::setTimeout() * @access private */ - var $timeout; + private $timeout; /** * Current Timeout @@ -423,7 +423,7 @@ class SSH1 * @see self::_get_channel_packet() * @access private */ - var $curTimeout; + private $curTimeout; /** * Log Boundary @@ -431,7 +431,7 @@ class SSH1 * @see self::_format_log() * @access private */ - var $log_boundary = ':'; + private $log_boundary = ':'; /** * Log Long Width @@ -439,7 +439,7 @@ class SSH1 * @see self::_format_log() * @access private */ - var $log_long_width = 65; + private $log_long_width = 65; /** * Log Short Width @@ -447,7 +447,7 @@ class SSH1 * @see self::_format_log() * @access private */ - var $log_short_width = 16; + private $log_short_width = 16; /** * Hostname @@ -457,7 +457,7 @@ class SSH1 * @var string * @access private */ - var $host; + private $host; /** * Port Number @@ -467,7 +467,7 @@ class SSH1 * @var int * @access private */ - var $port; + private $port; /** * Timeout for initial connection @@ -482,7 +482,7 @@ class SSH1 * @var int * @access private */ - var $connectionTimeout; + private $connectionTimeout; /** * Default cipher @@ -492,7 +492,7 @@ class SSH1 * @var int * @access private */ - var $cipher; + private $cipher; /** * Default Constructor. @@ -506,7 +506,7 @@ class SSH1 * @return \phpseclib\Net\SSH1 * @access public */ - function __construct($host, $port = 22, $timeout = 10, $cipher = self::CIPHER_3DES) + public function __construct($host, $port = 22, $timeout = 10, $cipher = self::CIPHER_3DES) { $this->protocol_flags = [ 1 => 'NET_SSH1_MSG_DISCONNECT', @@ -527,7 +527,7 @@ class SSH1 33 => 'NET_SSH1_CMSG_EXIT_CONFIRMATION' ]; - $this->_define_array($this->protocol_flags); + $this->define_array($this->protocol_flags); $this->host = $host; $this->port = $port; @@ -543,7 +543,7 @@ class SSH1 * @throws \RuntimeException on other errors * @access private */ - function _connect() + private function connect() { $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->connectionTimeout); if (!$this->fsock) { @@ -553,8 +553,8 @@ class SSH1 $this->server_identification = $init_line = fgets($this->fsock, 255); if (defined('NET_SSH1_LOGGING')) { - $this->_append_log('<-', $this->server_identification); - $this->_append_log('->', $this->identifier . "\r\n"); + $this->append_log('<-', $this->server_identification); + $this->append_log('->', $this->identifier . "\r\n"); } if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) { @@ -566,7 +566,7 @@ class SSH1 fputs($this->fsock, $this->identifier."\r\n"); - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) { throw new \UnexpectedValueException('Expected SSH_SMSG_PUBLIC_KEY'); } @@ -617,14 +617,14 @@ class SSH1 $double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0)); if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) { - $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key = $this->rsa_crypt( $double_encrypted_session_key, [ $server_key_public_exponent, $server_key_public_modulus ] ); - $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key = $this->rsa_crypt( $double_encrypted_session_key, [ $host_key_public_exponent, @@ -632,14 +632,14 @@ class SSH1 ] ); } else { - $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key = $this->rsa_crypt( $double_encrypted_session_key, [ $host_key_public_exponent, $host_key_public_modulus ] ); - $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key = $this->rsa_crypt( $double_encrypted_session_key, [ $server_key_public_exponent, @@ -651,7 +651,7 @@ class SSH1 $cipher = isset($this->supported_ciphers[$this->cipher]) ? $this->cipher : self::CIPHER_3DES; $data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Error sending SSH_CMSG_SESSION_KEY'); } @@ -682,7 +682,7 @@ class SSH1 // break; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) { throw new \UnexpectedValueException('Expected SSH_SMSG_SUCCESS'); @@ -703,11 +703,11 @@ class SSH1 * @throws \RuntimeException on other errors * @access public */ - function login($username, $password = '') + public function login($username, $password = '') { if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { $this->bitmap |= self::MASK_CONSTRUCTOR; - if (!$this->_connect()) { + if (!$this->connect()) { return false; } } @@ -718,11 +718,11 @@ class SSH1 $data = pack('CNa*', NET_SSH1_CMSG_USER, strlen($username), $username); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Error sending SSH_CMSG_USER'); } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === true) { return false; @@ -736,7 +736,7 @@ class SSH1 $data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen($password), $password); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Error sending SSH_CMSG_AUTH_PASSWORD'); } @@ -746,7 +746,7 @@ class SSH1 $this->message_log[count($this->message_log) - 1] = $data; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === true) { return false; @@ -769,7 +769,7 @@ class SSH1 * * @param mixed $timeout */ - function setTimeout($timeout) + public function setTimeout($timeout) { $this->timeout = $this->curTimeout = $timeout; } @@ -795,7 +795,7 @@ class SSH1 * @throws \RuntimeException on error sending command * @access public */ - function exec($cmd, $block = true) + public function exec($cmd, $block = true) { if (!($this->bitmap & self::MASK_LOGIN)) { throw new \RuntimeException('Operation disallowed prior to login()'); @@ -803,7 +803,7 @@ class SSH1 $data = pack('CNa*', NET_SSH1_CMSG_EXEC_CMD, strlen($cmd), $cmd); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Error sending SSH_CMSG_EXEC_CMD'); } @@ -812,19 +812,19 @@ class SSH1 } $output = ''; - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response !== false) { do { $output.= substr($response[self::RESPONSE_DATA], 4); - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); } while (is_array($response) && $response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_EXITSTATUS); } $data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION); // i don't think it's really all that important if this packet gets sent or not. - $this->_send_binary_packet($data); + $this->send_binary_packet($data); fclose($this->fsock); @@ -844,18 +844,18 @@ class SSH1 * @throws \RuntimeException on other errors * @access private */ - function _initShell() + private function initShell() { // connect using the sample parameters in protocol-1.5.txt. // according to wikipedia.org's entry on text terminals, "the fundamental type of application running on a text // terminal is a command line interpreter or shell". thus, opening a terminal session to run the shell. $data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, self::TTY_OP_END); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Error sending SSH_CMSG_REQUEST_PTY'); } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === true) { return false; @@ -866,7 +866,7 @@ class SSH1 $data = pack('C', NET_SSH1_CMSG_EXEC_SHELL); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Error sending SSH_CMSG_EXEC_SHELL'); } @@ -885,7 +885,7 @@ class SSH1 * @return bool * @access public */ - function write($cmd) + public function write($cmd) { return $this->interactiveWrite($cmd); } @@ -903,13 +903,13 @@ class SSH1 * @throws \RuntimeException on connection error * @access public */ - function read($expect, $mode = self::READ__SIMPLE) + public function read($expect, $mode = self::READ__SIMPLE) { if (!($this->bitmap & self::MASK_LOGIN)) { throw new \RuntimeException('Operation disallowed prior to login()'); } - if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + if (!($this->bitmap & self::MASK_SHELL) && !$this->initShell()) { throw new \RuntimeException('Unable to initiate an interactive shell session'); } @@ -923,7 +923,7 @@ class SSH1 if ($pos !== false) { return Strings::shift($this->interactiveBuffer, $pos + strlen($match)); } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === true) { return Strings::shift($this->interactiveBuffer, strlen($this->interactiveBuffer)); @@ -941,19 +941,19 @@ class SSH1 * @throws \RuntimeException on connection error * @access public */ - function interactiveWrite($cmd) + public function interactiveWrite($cmd) { if (!($this->bitmap & self::MASK_LOGIN)) { throw new \RuntimeException('Operation disallowed prior to login()'); } - if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + if (!($this->bitmap & self::MASK_SHELL) && !$this->initShell()) { throw new \RuntimeException('Unable to initiate an interactive shell session'); } $data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($cmd), $cmd); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Error sending SSH_CMSG_STDIN'); } @@ -974,20 +974,20 @@ class SSH1 * @throws \RuntimeException on connection error * @access public */ - function interactiveRead() + public function interactiveRead() { if (!($this->bitmap & self::MASK_LOGIN)) { throw new \RuntimeException('Operation disallowed prior to login()'); } - if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + if (!($this->bitmap & self::MASK_SHELL) && !$this->initShell()) { throw new \RuntimeException('Unable to initiate an interactive shell session'); } $read = [$this->fsock]; $write = $except = null; if (stream_select($read, $write, $except, 0)) { - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); return substr($response[self::RESPONSE_DATA], 4); } else { return ''; @@ -999,9 +999,9 @@ class SSH1 * * @access public */ - function disconnect() + public function disconnect() { - $this->_disconnect(); + $this->disconnect_helper(); } /** @@ -1012,9 +1012,9 @@ class SSH1 * * @access public */ - function __destruct() + public function __destruct() { - $this->_disconnect(); + $this->disconnect_helper(); } /** @@ -1023,13 +1023,13 @@ class SSH1 * @param string $msg * @access private */ - function _disconnect($msg = 'Client Quit') + private function disconnect_helper($msg = 'Client Quit') { if ($this->bitmap) { $data = pack('C', NET_SSH1_CMSG_EOF); - $this->_send_binary_packet($data); + $this->send_binary_packet($data); /* - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === true) { $response = [self::RESPONSE_TYPE => -1]; } @@ -1043,7 +1043,7 @@ class SSH1 */ $data = pack('CNa*', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg); - $this->_send_binary_packet($data); + $this->send_binary_packet($data); fclose($this->fsock); $this->bitmap = 0; } @@ -1061,7 +1061,7 @@ class SSH1 * @return array * @access private */ - function _get_binary_packet() + private function get_binary_packet() { if (feof($this->fsock)) { //user_error('connection closed prematurely'); @@ -1077,7 +1077,7 @@ class SSH1 $usec = 1000000 * ($this->curTimeout - $sec); // on windows this returns a "Warning: Invalid CRT parameters detected" error if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { - //$this->_disconnect('Timeout'); + //$this->disconnect_helper('Timeout'); return true; } $elapsed = strtok(microtime(), ' ') + strtok('') - $start; @@ -1108,7 +1108,7 @@ class SSH1 $temp = unpack('Ncrc', substr($raw, -4)); - //if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) { + //if ( $temp['crc'] != $this->crc($padding . $type . $data) ) { // user_error('Bad CRC in packet from server'); // return false; //} @@ -1119,7 +1119,7 @@ class SSH1 $temp = isset($this->protocol_flags[$type]) ? $this->protocol_flags[$type] : 'UNKNOWN'; $temp = '<- ' . $temp . ' (' . round($stop - $start, 4) . 's)'; - $this->_append_log($temp, $data); + $this->append_log($temp, $data); } return [ @@ -1138,7 +1138,7 @@ class SSH1 * @return bool * @access private */ - function _send_binary_packet($data) + private function send_binary_packet($data) { if (feof($this->fsock)) { //user_error('connection closed prematurely'); @@ -1151,7 +1151,7 @@ class SSH1 $orig = $data; $data = $padding . $data; - $data.= pack('N', $this->_crc($data)); + $data.= pack('N', $this->crc($data)); if ($this->crypto !== false) { $data = $this->crypto->encrypt($data); @@ -1167,7 +1167,7 @@ class SSH1 $temp = isset($this->protocol_flags[ord($orig[0])]) ? $this->protocol_flags[ord($orig[0])] : 'UNKNOWN'; $temp = '-> ' . $temp . ' (' . round($stop - $start, 4) . 's)'; - $this->_append_log($temp, $orig); + $this->append_log($temp, $orig); } return $result; @@ -1186,7 +1186,7 @@ class SSH1 * @return int * @access private */ - function _crc($data) + private function crc($data) { static $crc_lookup_table = [ 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, @@ -1286,7 +1286,7 @@ class SSH1 * @return BigInteger * @access private */ - function _rsa_crypt($m, $key) + private function rsa_crypt($m, $key) { /* $rsa = new RSA(); @@ -1334,7 +1334,7 @@ class SSH1 * @param array $array * @access private */ - function _define_array() + private function define_array() { $args = func_get_args(); foreach ($args as $arg) { @@ -1356,7 +1356,7 @@ class SSH1 * @access public * @return array|false|string */ - function getLog() + public function getLog() { if (!defined('NET_SSH1_LOGGING')) { return false; @@ -1367,7 +1367,7 @@ class SSH1 return $this->message_number_log; break; case self::LOG_COMPLEX: - return $this->_format_log($this->message_log, $this->protocol_flags_log); + return $this->format_log($this->message_log, $this->protocol_flags_log); break; default: return false; @@ -1382,7 +1382,7 @@ class SSH1 * @access private * @return string */ - function _format_log($message_log, $message_number_log) + private function format_log($message_log, $message_number_log) { $output = ''; for ($i = 0; $i < count($message_log); $i++) { @@ -1394,7 +1394,7 @@ class SSH1 $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; } $fragment = Strings::shift($current_log, $this->log_short_width); - $hex = substr(preg_replace_callback('#.#s', [$this, '_format_log_helper'], $fragment), strlen($this->log_boundary)); + $hex = substr(preg_replace_callback('#.#s', [$this, 'format_log_helper'], $fragment), strlen($this->log_boundary)); // replace non ASCII printable characters with dots // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // also replace < with a . since < messes up the output on web browsers @@ -1417,7 +1417,7 @@ class SSH1 * @access private * @return string */ - function _format_log_helper($matches) + private function format_log_helper($matches) { return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); } @@ -1432,7 +1432,7 @@ class SSH1 * @return string * @access public */ - function getServerKeyPublicExponent($raw_output = false) + public function getServerKeyPublicExponent($raw_output = false) { return $raw_output ? $this->server_key_public_exponent->toBytes() : $this->server_key_public_exponent->toString(); } @@ -1447,7 +1447,7 @@ class SSH1 * @return string * @access public */ - function getServerKeyPublicModulus($raw_output = false) + public function getServerKeyPublicModulus($raw_output = false) { return $raw_output ? $this->server_key_public_modulus->toBytes() : $this->server_key_public_modulus->toString(); } @@ -1462,7 +1462,7 @@ class SSH1 * @return string * @access public */ - function getHostKeyPublicExponent($raw_output = false) + public function getHostKeyPublicExponent($raw_output = false) { return $raw_output ? $this->host_key_public_exponent->toBytes() : $this->host_key_public_exponent->toString(); } @@ -1477,7 +1477,7 @@ class SSH1 * @return string * @access public */ - function getHostKeyPublicModulus($raw_output = false) + public function getHostKeyPublicModulus($raw_output = false) { return $raw_output ? $this->host_key_public_modulus->toBytes() : $this->host_key_public_modulus->toString(); } @@ -1493,7 +1493,7 @@ class SSH1 * @return array * @access public */ - function getSupportedCiphers($raw_output = false) + public function getSupportedCiphers($raw_output = false) { return $raw_output ? array_keys($this->supported_ciphers) : array_values($this->supported_ciphers); } @@ -1509,7 +1509,7 @@ class SSH1 * @return array * @access public */ - function getSupportedAuthentications($raw_output = false) + public function getSupportedAuthentications($raw_output = false) { return $raw_output ? array_keys($this->supported_authentications) : array_values($this->supported_authentications); } @@ -1520,7 +1520,7 @@ class SSH1 * @return string * @access public */ - function getServerIdentification() + public function getServerIdentification() { return rtrim($this->server_identification); } @@ -1533,7 +1533,7 @@ class SSH1 * @param string $data * @access private */ - function _append_log($protocol_flags, $message) + private function append_log($protocol_flags, $message) { switch (NET_SSH1_LOGGING) { // useful for benchmarks @@ -1555,7 +1555,7 @@ class SSH1 // passwords won't be filtered out and select other packets may not be correctly // identified case self::LOG_REALTIME: - echo "
\r\n" . $this->_format_log([$message], [$protocol_flags]) . "\r\n
\r\n"; + echo "
\r\n" . $this->format_log([$message], [$protocol_flags]) . "\r\n
\r\n"; @flush(); @ob_flush(); break; @@ -1573,7 +1573,7 @@ class SSH1 if (!is_resource($this->realtime_log_file)) { break; } - $entry = $this->_format_log([$message], [$protocol_flags]); + $entry = $this->format_log([$message], [$protocol_flags]); if ($this->realtime_log_wrap) { $temp = "<<< START >>>\r\n"; $entry.= $temp; diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 19079661..9a38f561 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -63,6 +63,7 @@ use phpseclib\Math\BigInteger; // Used to do Diffie-Hellman key exchange and DSA use phpseclib\System\SSH\Agent; use phpseclib\Exception\NoSupportedAlgorithmsException; use phpseclib\Common\Functions\Strings; +use phpseclib\Common\Functions\Objects; /** * Pure-PHP implementation of SSHv2. @@ -155,7 +156,7 @@ class SSH2 * @var string * @access private */ - var $identifier; + private $identifier; /** * The Socket Object @@ -163,7 +164,7 @@ class SSH2 * @var object * @access private */ - var $fsock; + private $fsock; /** * Execution Bitmap @@ -174,17 +175,17 @@ class SSH2 * @var int * @access private */ - var $bitmap = 0; + protected $bitmap = 0; /** * Error information * * @see self::getErrors() * @see self::getLastError() - * @var string + * @var array * @access private */ - var $errors = []; + private $errors = []; /** * Server Identifier @@ -193,7 +194,7 @@ class SSH2 * @var array|false * @access private */ - var $server_identifier = false; + private $server_identifier = false; /** * Key Exchange Algorithms @@ -202,7 +203,7 @@ class SSH2 * @var array|false * @access private */ - var $kex_algorithms = false; + private $kex_algorithms = false; /** * Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods @@ -211,7 +212,7 @@ class SSH2 * @var int * @access private */ - var $kex_dh_group_size_min = 1536; + private $kex_dh_group_size_min = 1536; /** * Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods @@ -220,7 +221,7 @@ class SSH2 * @var int * @access private */ - var $kex_dh_group_size_preferred = 2048; + private $kex_dh_group_size_preferred = 2048; /** * Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods @@ -229,7 +230,7 @@ class SSH2 * @var int * @access private */ - var $kex_dh_group_size_max = 4096; + private $kex_dh_group_size_max = 4096; /** * Server Host Key Algorithms @@ -238,7 +239,7 @@ class SSH2 * @var array|false * @access private */ - var $server_host_key_algorithms = false; + private $server_host_key_algorithms = false; /** * Encryption Algorithms: Client to Server @@ -247,7 +248,7 @@ class SSH2 * @var array|false * @access private */ - var $encryption_algorithms_client_to_server = false; + private $encryption_algorithms_client_to_server = false; /** * Encryption Algorithms: Server to Client @@ -256,7 +257,7 @@ class SSH2 * @var array|false * @access private */ - var $encryption_algorithms_server_to_client = false; + private $encryption_algorithms_server_to_client = false; /** * MAC Algorithms: Client to Server @@ -265,7 +266,7 @@ class SSH2 * @var array|false * @access private */ - var $mac_algorithms_client_to_server = false; + private $mac_algorithms_client_to_server = false; /** * MAC Algorithms: Server to Client @@ -274,7 +275,7 @@ class SSH2 * @var array|false * @access private */ - var $mac_algorithms_server_to_client = false; + private $mac_algorithms_server_to_client = false; /** * Compression Algorithms: Client to Server @@ -283,7 +284,7 @@ class SSH2 * @var array|false * @access private */ - var $compression_algorithms_client_to_server = false; + private $compression_algorithms_client_to_server = false; /** * Compression Algorithms: Server to Client @@ -292,7 +293,7 @@ class SSH2 * @var array|false * @access private */ - var $compression_algorithms_server_to_client = false; + private $compression_algorithms_server_to_client = false; /** * Languages: Server to Client @@ -301,7 +302,7 @@ class SSH2 * @var array|false * @access private */ - var $languages_server_to_client = false; + private $languages_server_to_client = false; /** * Languages: Client to Server @@ -310,7 +311,7 @@ class SSH2 * @var array|false * @access private */ - var $languages_client_to_server = false; + private $languages_client_to_server = false; /** * Block Size for Server to Client Encryption @@ -327,7 +328,7 @@ class SSH2 * @var int * @access private */ - var $encrypt_block_size = 8; + private $encrypt_block_size = 8; /** * Block Size for Client to Server Encryption @@ -337,7 +338,7 @@ class SSH2 * @var int * @access private */ - var $decrypt_block_size = 8; + private $decrypt_block_size = 8; /** * Server to Client Encryption Object @@ -346,7 +347,7 @@ class SSH2 * @var object * @access private */ - var $decrypt = false; + private $decrypt = false; /** * Client to Server Encryption Object @@ -355,7 +356,7 @@ class SSH2 * @var object * @access private */ - var $encrypt = false; + private $encrypt = false; /** * Client to Server HMAC Object @@ -364,7 +365,7 @@ class SSH2 * @var object * @access private */ - var $hmac_create = false; + private $hmac_create = false; /** * Server to Client HMAC Object @@ -373,7 +374,7 @@ class SSH2 * @var object * @access private */ - var $hmac_check = false; + private $hmac_check = false; /** * Size of server to client HMAC @@ -386,7 +387,7 @@ class SSH2 * @var int * @access private */ - var $hmac_size = false; + private $hmac_size = false; /** * Server Public Host Key @@ -395,7 +396,7 @@ class SSH2 * @var string * @access private */ - var $server_public_host_key; + private $server_public_host_key; /** * Session identifier @@ -410,7 +411,7 @@ class SSH2 * @var string * @access private */ - var $session_id = false; + private $session_id = false; /** * Exchange hash @@ -421,7 +422,7 @@ class SSH2 * @var string * @access private */ - var $exchange_hash = false; + private $exchange_hash = false; /** * Message Numbers @@ -430,7 +431,7 @@ class SSH2 * @var array * @access private */ - var $message_numbers = []; + private $message_numbers = []; /** * Disconnection Message 'reason codes' defined in RFC4253 @@ -439,7 +440,7 @@ class SSH2 * @var array * @access private */ - var $disconnect_reasons = []; + private $disconnect_reasons = []; /** * SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254 @@ -448,7 +449,7 @@ class SSH2 * @var array * @access private */ - var $channel_open_failure_reasons = []; + private $channel_open_failure_reasons = []; /** * Terminal Modes @@ -458,7 +459,7 @@ class SSH2 * @var array * @access private */ - var $terminal_modes = []; + private $terminal_modes = []; /** * SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes @@ -468,7 +469,7 @@ class SSH2 * @var array * @access private */ - var $channel_extended_data_type_codes = []; + private $channel_extended_data_type_codes = []; /** * Send Sequence Number @@ -479,7 +480,7 @@ class SSH2 * @var int * @access private */ - var $send_seq_no = 0; + private $send_seq_no = 0; /** * Get Sequence Number @@ -490,7 +491,7 @@ class SSH2 * @var int * @access private */ - var $get_seq_no = 0; + private $get_seq_no = 0; /** * Server Channels @@ -502,7 +503,7 @@ class SSH2 * @var array * @access private */ - var $server_channels = []; + protected $server_channels = []; /** * Channel Buffers @@ -515,7 +516,7 @@ class SSH2 * @var array * @access private */ - var $channel_buffers = []; + private $channel_buffers = []; /** * Channel Status @@ -526,7 +527,7 @@ class SSH2 * @var array * @access private */ - var $channel_status = []; + protected $channel_status = []; /** * Packet Size @@ -537,7 +538,7 @@ class SSH2 * @var array * @access private */ - var $packet_size_client_to_server = []; + private $packet_size_client_to_server = []; /** * Message Number Log @@ -546,7 +547,7 @@ class SSH2 * @var array * @access private */ - var $message_number_log = []; + private $message_number_log = []; /** * Message Log @@ -555,7 +556,7 @@ class SSH2 * @var array * @access private */ - var $message_log = []; + private $message_log = []; /** * The Window Size @@ -567,7 +568,7 @@ class SSH2 * @see self::exec() * @access private */ - var $window_size = 0x7FFFFFFF; + protected $window_size = 0x7FFFFFFF; /** * Window size, server to client @@ -578,7 +579,7 @@ class SSH2 * @var array * @access private */ - var $window_size_server_to_client = []; + protected $window_size_server_to_client = []; /** * Window size, client to server @@ -589,7 +590,7 @@ class SSH2 * @var array * @access private */ - var $window_size_client_to_server = []; + private $window_size_client_to_server = []; /** * Server signature @@ -600,7 +601,7 @@ class SSH2 * @var string * @access private */ - var $signature = ''; + private $signature = ''; /** * Server signature format @@ -611,7 +612,7 @@ class SSH2 * @var string * @access private */ - var $signature_format = ''; + private $signature_format = ''; /** * Interactive Buffer @@ -620,7 +621,7 @@ class SSH2 * @var array * @access private */ - var $interactiveBuffer = ''; + private $interactiveBuffer = ''; /** * Current log size @@ -632,7 +633,7 @@ class SSH2 * @var int * @access private */ - var $log_size; + private $log_size; /** * Timeout @@ -640,7 +641,7 @@ class SSH2 * @see self::setTimeout() * @access private */ - var $timeout; + private $timeout; /** * Current Timeout @@ -648,7 +649,7 @@ class SSH2 * @see self::_get_channel_packet() * @access private */ - var $curTimeout; + private $curTimeout; /** * Real-time log file pointer @@ -657,7 +658,7 @@ class SSH2 * @var resource * @access private */ - var $realtime_log_file; + private $realtime_log_file; /** * Real-time log file size @@ -666,7 +667,7 @@ class SSH2 * @var int * @access private */ - var $realtime_log_size; + private $realtime_log_size; /** * Has the signature been validated? @@ -675,7 +676,7 @@ class SSH2 * @var bool * @access private */ - var $signature_validated = false; + private $signature_validated = false; /** * Real-time log file wrap boolean @@ -683,7 +684,7 @@ class SSH2 * @see self::_append_log() * @access private */ - var $realtime_log_wrap; + private $realtime_log_wrap; /** * Flag to suppress stderr from output @@ -691,7 +692,7 @@ class SSH2 * @see self::enableQuietMode() * @access private */ - var $quiet_mode = false; + private $quiet_mode = false; /** * Time of first network activity @@ -699,7 +700,7 @@ class SSH2 * @var int * @access private */ - var $last_packet; + private $last_packet; /** * Exit status returned from ssh if any @@ -707,7 +708,7 @@ class SSH2 * @var int * @access private */ - var $exit_status; + private $exit_status; /** * Flag to request a PTY when using exec() @@ -716,7 +717,7 @@ class SSH2 * @see self::enablePTY() * @access private */ - var $request_pty = false; + private $request_pty = false; /** * Flag set while exec() is running when using enablePTY() @@ -724,7 +725,7 @@ class SSH2 * @var bool * @access private */ - var $in_request_pty_exec = false; + private $in_request_pty_exec = false; /** * Flag set after startSubsystem() is called @@ -732,7 +733,7 @@ class SSH2 * @var bool * @access private */ - var $in_subsystem; + private $in_subsystem; /** * Contents of stdError @@ -740,7 +741,7 @@ class SSH2 * @var string * @access private */ - var $stdErrorLog; + private $stdErrorLog; /** * The Last Interactive Response @@ -749,7 +750,7 @@ class SSH2 * @var string * @access private */ - var $last_interactive_response = ''; + private $last_interactive_response = ''; /** * Keyboard Interactive Request / Responses @@ -758,7 +759,7 @@ class SSH2 * @var array * @access private */ - var $keyboard_requests_responses = []; + private $keyboard_requests_responses = []; /** * Banner Message @@ -771,7 +772,7 @@ class SSH2 * @var string * @access private */ - var $banner_message = ''; + private $banner_message = ''; /** * Did read() timeout or return normally? @@ -780,7 +781,7 @@ class SSH2 * @var bool * @access private */ - var $is_timeout = false; + private $is_timeout = false; /** * Log Boundary @@ -789,7 +790,7 @@ class SSH2 * @var string * @access private */ - var $log_boundary = ':'; + private $log_boundary = ':'; /** * Log Long Width @@ -798,7 +799,7 @@ class SSH2 * @var int * @access private */ - var $log_long_width = 65; + private $log_long_width = 65; /** * Log Short Width @@ -807,7 +808,7 @@ class SSH2 * @var int * @access private */ - var $log_short_width = 16; + private $log_short_width = 16; /** * Hostname @@ -817,7 +818,7 @@ class SSH2 * @var string * @access private */ - var $host; + private $host; /** * Port Number @@ -827,7 +828,7 @@ class SSH2 * @var int * @access private */ - var $port; + private $port; /** * Number of columns for terminal window size @@ -838,7 +839,7 @@ class SSH2 * @var int * @access private */ - var $windowColumns = 80; + private $windowColumns = 80; /** * Number of columns for terminal window size @@ -849,7 +850,7 @@ class SSH2 * @var int * @access private */ - var $windowRows = 24; + private $windowRows = 24; /** * Crypto Engine @@ -859,7 +860,7 @@ class SSH2 * @var int * @access private */ - var $crypto_engine = false; + private $crypto_engine = false; /** * A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario @@ -867,7 +868,7 @@ class SSH2 * @var System_SSH_Agent * @access private */ - var $agent; + private $agent; /** * Connection storage to replicates ssh2 extension functionality: @@ -875,7 +876,7 @@ class SSH2 * * @var SSH2[] */ - static $connections; + private static $connections; /** * Default Constructor. @@ -889,7 +890,7 @@ class SSH2 * @return \phpseclib\Net\SSH2 * @access public */ - function __construct($host, $port = 22, $timeout = 10) + public function __construct($host, $port = 22, $timeout = 10) { $this->message_numbers = [ 1 => 'NET_SSH2_MSG_DISCONNECT', @@ -949,7 +950,7 @@ class SSH2 1 => 'NET_SSH2_EXTENDED_DATA_STDERR' ]; - $this->_define_array( + $this->define_array( $this->message_numbers, $this->disconnect_reasons, $this->channel_open_failure_reasons, @@ -993,7 +994,7 @@ class SSH2 * @param int $engine * @access private */ - function setCryptoEngine($engine) + public function setCryptoEngine($engine) { $this->crypto_engine = $engine; } @@ -1006,7 +1007,7 @@ class SSH2 * @throws \RuntimeException on other errors * @access private */ - function _connect() + private function connect() { if ($this->bitmap & self::MASK_CONSTRUCTOR) { return false; @@ -1035,7 +1036,7 @@ class SSH2 } } - $this->identifier = $this->_generate_identifier(); + $this->identifier = $this->generate_identifier(); fputs($this->fsock, $this->identifier . "\r\n"); @@ -1100,8 +1101,8 @@ class SSH2 $extra = $matches[1]; if (defined('NET_SSH2_LOGGING')) { - $this->_append_log('<-', $matches[0]); - $this->_append_log('->', $this->identifier . "\r\n"); + $this->append_log('<-', $matches[0]); + $this->append_log('->', $this->identifier . "\r\n"); } $this->server_identifier = trim($temp, "\r\n"); @@ -1113,7 +1114,7 @@ class SSH2 throw new \RuntimeException("Cannot connect to SSH $matches[1] servers"); } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -1122,7 +1123,7 @@ class SSH2 throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); } - if (!$this->_key_exchange($response)) { + if (!$this->key_exchange($response)) { return false; } @@ -1139,7 +1140,7 @@ class SSH2 * @access protected * @return string */ - function _generate_identifier() + private function generate_identifier() { $identifier = 'SSH-2.0-phpseclib_2.0'; @@ -1176,7 +1177,7 @@ class SSH2 * @throws \phpseclib\Exception\NoSupportedAlgorithmsException when none of the algorithms phpseclib has loaded are compatible * @access private */ - function _key_exchange($kexinit_payload_server) + private function key_exchange($kexinit_payload_server) { $kex_algorithms = [ // Elliptic Curve Diffie-Hellman Key Agreement (ECDH) using @@ -1379,7 +1380,7 @@ class SSH2 0 ); - if (!$this->_send_binary_packet($kexinit_payload_client)) { + if (!$this->send_binary_packet($kexinit_payload_client)) { return false; } // here ends the second place. @@ -1388,24 +1389,24 @@ class SSH2 // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the // diffie-hellman key exchange as fast as possible - $decrypt = $this->_array_intersect_first($encryption_algorithms, $this->encryption_algorithms_server_to_client); - $decryptKeyLength = $this->_encryption_algorithm_to_key_size($decrypt); + $decrypt = $this->array_intersect_first($encryption_algorithms, $this->encryption_algorithms_server_to_client); + $decryptKeyLength = $this->encryption_algorithm_to_key_size($decrypt); if ($decryptKeyLength === null) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible server to client encryption algorithms found'); } - $encrypt = $this->_array_intersect_first($encryption_algorithms, $this->encryption_algorithms_client_to_server); - $encryptKeyLength = $this->_encryption_algorithm_to_key_size($encrypt); + $encrypt = $this->array_intersect_first($encryption_algorithms, $this->encryption_algorithms_client_to_server); + $encryptKeyLength = $this->encryption_algorithm_to_key_size($encrypt); if ($encryptKeyLength === null) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible client to server encryption algorithms found'); } // through diffie-hellman key exchange a symmetric key is obtained - $kex_algorithm = $this->_array_intersect_first($kex_algorithms, $this->kex_algorithms); + $kex_algorithm = $this->array_intersect_first($kex_algorithms, $this->kex_algorithms); if ($kex_algorithm === false) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible key exchange algorithms found'); } @@ -1431,11 +1432,11 @@ class SSH2 NET_SSH2_MSG_KEXDH_GEX_REQUEST, $dh_group_sizes_packed ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { user_error('Connection closed by server'); return false; @@ -1522,11 +1523,11 @@ class SSH2 } $data = pack('CNa*', $clientKexInitMessage, strlen($eBytes), $eBytes); - if (!$this->_send_binary_packet($data)) { + if (!$this->send_binary_packet($data)) { throw new \RuntimeException('Connection closed by server'); } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -1591,14 +1592,14 @@ class SSH2 $this->session_id = $this->exchange_hash; } - $server_host_key_algorithm = $this->_array_intersect_first($server_host_key_algorithms, $this->server_host_key_algorithms); + $server_host_key_algorithm = $this->array_intersect_first($server_host_key_algorithms, $this->server_host_key_algorithms); if ($server_host_key_algorithm === false) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible server host key algorithms found'); } if ($public_key_format != $server_host_key_algorithm || $this->signature_format != $server_host_key_algorithm) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new \RuntimeException('Server Host Key Algorithm Mismatch'); } @@ -1607,11 +1608,11 @@ class SSH2 NET_SSH2_MSG_NEWKEYS ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); @@ -1625,7 +1626,7 @@ class SSH2 $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); - $this->encrypt = $this->_encryption_algorithm_to_crypt_instance($encrypt); + $this->encrypt = $this->encryption_algorithm_to_crypt_instance($encrypt); if ($this->encrypt) { if ($this->crypto_engine) { $this->encrypt->setEngine($this->crypto_engine); @@ -1651,7 +1652,7 @@ class SSH2 $this->encrypt->setKey(substr($key, 0, $encryptKeyLength)); } - $this->decrypt = $this->_encryption_algorithm_to_crypt_instance($decrypt); + $this->decrypt = $this->encryption_algorithm_to_crypt_instance($decrypt); if ($this->decrypt) { if ($this->crypto_engine) { $this->decrypt->setEngine($this->crypto_engine); @@ -1691,9 +1692,9 @@ class SSH2 $this->decrypt->decrypt(str_repeat("\0", 1536)); } - $mac_algorithm = $this->_array_intersect_first($mac_algorithms, $this->mac_algorithms_client_to_server); + $mac_algorithm = $this->array_intersect_first($mac_algorithms, $this->mac_algorithms_client_to_server); if ($mac_algorithm === false) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible client to server message authentication algorithms found'); } @@ -1720,9 +1721,9 @@ class SSH2 $createKeyLength = 16; } - $mac_algorithm = $this->_array_intersect_first($mac_algorithms, $this->mac_algorithms_server_to_client); + $mac_algorithm = $this->array_intersect_first($mac_algorithms, $this->mac_algorithms_server_to_client); if ($mac_algorithm === false) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible server to client message authentication algorithms found'); } @@ -1767,16 +1768,16 @@ class SSH2 } $this->hmac_check->setKey(substr($key, 0, $checkKeyLength)); - $compression_algorithm = $this->_array_intersect_first($compression_algorithms, $this->compression_algorithms_server_to_client); + $compression_algorithm = $this->array_intersect_first($compression_algorithms, $this->compression_algorithms_server_to_client); if ($compression_algorithm === false) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible server to client compression algorithms found'); } $this->decompress = $compression_algorithm == 'zlib'; - $compression_algorithm = $this->_array_intersect_first($compression_algorithms, $this->compression_algorithms_client_to_server); + $compression_algorithm = $this->array_intersect_first($compression_algorithms, $this->compression_algorithms_client_to_server); if ($compression_algorithm === false) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible client to server compression algorithms found'); } $this->compress = $compression_algorithm == 'zlib'; @@ -1791,7 +1792,7 @@ class SSH2 * @return int|null Number of bytes as an integer or null for unknown * @access private */ - function _encryption_algorithm_to_key_size($algorithm) + private function encryption_algorithm_to_key_size($algorithm) { switch ($algorithm) { case 'none': @@ -1831,7 +1832,7 @@ class SSH2 * @return mixed Instance of \phpseclib\Crypt\Base or null for unknown * @access private */ - function _encryption_algorithm_to_crypt_instance($algorithm) + private function encryption_algorithm_to_crypt_instance($algorithm) { switch ($algorithm) { case '3des-cbc': @@ -1879,10 +1880,10 @@ class SSH2 * @see self::_login() * @access public */ - function login($username) + public function login($username) { $args = func_get_args(); - return call_user_func_array([&$this, '_login'], $args); + return call_user_func_array([&$this, 'sublogin'], $args); } /** @@ -1895,21 +1896,21 @@ class SSH2 * @see self::_login_helper() * @access private */ - function _login($username) + protected function sublogin($username) { if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { - if (!$this->_connect()) { + if (!$this->connect()) { return false; } } $args = array_slice(func_get_args(), 1); if (empty($args)) { - return $this->_login_helper($username); + return $this->login_helper($username); } foreach ($args as $arg) { - if ($this->_login_helper($username, $arg)) { + if ($this->login_helper($username, $arg)) { return true; } } @@ -1928,7 +1929,7 @@ class SSH2 * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} * by sending dummy SSH_MSG_IGNORE messages. */ - function _login_helper($username, $password = null) + private function login_helper($username, $password = null) { if (!($this->bitmap & self::MASK_CONNECTED)) { return false; @@ -1942,11 +1943,11 @@ class SSH2 'ssh-userauth' ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -1960,17 +1961,17 @@ class SSH2 } if (strlen($this->last_interactive_response)) { - return !is_string($password) && !is_array($password) ? false : $this->_keyboard_interactive_process($password); + return !is_string($password) && !is_array($password) ? false : $this->keyboard_interactive_process($password); } if ($password instanceof RSA) { - return $this->_privatekey_login($username, $password); + return $this->privatekey_login($username, $password); } elseif ($password instanceof Agent) { - return $this->_ssh_agent_login($username, $password); + return $this->ssh_agent_login($username, $password); } if (is_array($password)) { - if ($this->_keyboard_interactive_login($username, $password)) { + if ($this->keyboard_interactive_login($username, $password)) { $this->bitmap |= self::MASK_LOGIN; return true; } @@ -1989,11 +1990,11 @@ class SSH2 'none' ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -2043,11 +2044,11 @@ class SSH2 ); } - if (!$this->_send_binary_packet($packet, $logged)) { + if (!$this->send_binary_packet($packet, $logged)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -2061,7 +2062,7 @@ class SSH2 } extract(unpack('Nlength', Strings::shift($response, 4))); $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode(Strings::shift($response, $length)); - return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); + return $this->disconnect_helper(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); case NET_SSH2_MSG_USERAUTH_FAILURE: // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees // multi-factor authentication @@ -2071,7 +2072,7 @@ class SSH2 $partial_success = $partial_success != 0; if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) { - if ($this->_keyboard_interactive_login($username, $password)) { + if ($this->keyboard_interactive_login($username, $password)) { $this->bitmap |= self::MASK_LOGIN; return true; } @@ -2096,7 +2097,7 @@ class SSH2 * @return bool * @access private */ - function _keyboard_interactive_login($username, $password) + private function keyboard_interactive_login($username, $password) { $packet = pack( 'CNa*Na*Na*Na*Na*', @@ -2113,11 +2114,11 @@ class SSH2 '' ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - return $this->_keyboard_interactive_process($password); + return $this->keyboard_interactive_process($password); } /** @@ -2128,14 +2129,14 @@ class SSH2 * @throws \RuntimeException on connection error * @access private */ - function _keyboard_interactive_process() + private function keyboard_interactive_process() { $responses = func_get_args(); if (strlen($this->last_interactive_response)) { $response = $this->last_interactive_response; } else { - $orig = $response = $this->_get_binary_packet(); + $orig = $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -2205,7 +2206,7 @@ class SSH2 $logged.= pack('Na*', strlen('dummy-answer'), 'dummy-answer'); } - if (!$this->_send_binary_packet($packet, $logged)) { + if (!$this->send_binary_packet($packet, $logged)) { return false; } @@ -2224,7 +2225,7 @@ class SSH2 */ // maybe phpseclib should force close the connection after x request / responses? unless something like that is done // there could be an infinite loop of request / responses. - return $this->_keyboard_interactive_process(); + return $this->keyboard_interactive_process(); case NET_SSH2_MSG_USERAUTH_SUCCESS: return true; case NET_SSH2_MSG_USERAUTH_FAILURE: @@ -2242,12 +2243,12 @@ class SSH2 * @return bool * @access private */ - function _ssh_agent_login($username, $agent) + private function ssh_agent_login($username, $agent) { $this->agent = $agent; $keys = $agent->requestIdentities(); foreach ($keys as $key) { - if ($this->_privatekey_login($username, $key)) { + if ($this->privatekey_login($username, $key)) { return true; } } @@ -2266,7 +2267,7 @@ class SSH2 * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} * by sending dummy SSH_MSG_IGNORE messages. */ - function _privatekey_login($username, $privatekey) + private function privatekey_login($username, $privatekey) { // see http://tools.ietf.org/html/rfc4253#page-15 $publickey = $privatekey->getPublicKey('Raw'); @@ -2301,11 +2302,11 @@ class SSH2 $part2 = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publickey), $publickey); $packet = $part1 . chr(0) . $part2; - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -2335,11 +2336,11 @@ class SSH2 $signature = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($signature), $signature); $packet.= pack('Na*', strlen($signature), $signature); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -2367,7 +2368,7 @@ class SSH2 * @param mixed $timeout * @access public */ - function setTimeout($timeout) + public function setTimeout($timeout) { $this->timeout = $this->curTimeout = $timeout; } @@ -2377,7 +2378,7 @@ class SSH2 * * @access public */ - function getStdError() + public function getStdError() { return $this->stdErrorLog; } @@ -2394,7 +2395,7 @@ class SSH2 * @throws \RuntimeException on connection error * @access public */ - function exec($command, $callback = null) + public function exec($command, $callback = null) { $this->curTimeout = $this->timeout; $this->is_timeout = false; @@ -2423,13 +2424,13 @@ class SSH2 $packet_size ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_OPEN; - $response = $this->_get_channel_packet(self::CHANNEL_EXEC); + $response = $this->get_channel_packet(self::CHANNEL_EXEC); if ($response === false) { return false; } @@ -2453,11 +2454,11 @@ class SSH2 $terminal_modes ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -2469,7 +2470,7 @@ class SSH2 break; case NET_SSH2_MSG_CHANNEL_FAILURE: default: - $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); throw new \RuntimeException('Unable to request pseudo-terminal'); } $this->in_request_pty_exec = true; @@ -2494,13 +2495,13 @@ class SSH2 strlen($command), $command ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST; - $response = $this->_get_channel_packet(self::CHANNEL_EXEC); + $response = $this->get_channel_packet(self::CHANNEL_EXEC); if ($response === false) { return false; } @@ -2513,7 +2514,7 @@ class SSH2 $output = ''; while (true) { - $temp = $this->_get_channel_packet(self::CHANNEL_EXEC); + $temp = $this->get_channel_packet(self::CHANNEL_EXEC); switch (true) { case $temp === true: return is_callable($callback) ? true : $output; @@ -2522,7 +2523,7 @@ class SSH2 default: if (is_callable($callback)) { if (call_user_func($callback, $temp) === true) { - $this->_close_channel(self::CHANNEL_EXEC); + $this->close_channel(self::CHANNEL_EXEC); return true; } } else { @@ -2542,7 +2543,7 @@ class SSH2 * @throws \RuntimeException on other errors * @access private */ - function _initShell() + private function initShell() { if ($this->in_request_pty_exec === true) { return true; @@ -2561,13 +2562,13 @@ class SSH2 $packet_size ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_OPEN; - $response = $this->_get_channel_packet(self::CHANNEL_SHELL); + $response = $this->get_channel_packet(self::CHANNEL_SHELL); if ($response === false) { return false; } @@ -2590,11 +2591,11 @@ class SSH2 $terminal_modes ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -2607,7 +2608,7 @@ class SSH2 case NET_SSH2_MSG_CHANNEL_FAILURE: break; default: - $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); throw new \UnexpectedValueException('Unable to request pseudo-terminal'); } @@ -2619,13 +2620,13 @@ class SSH2 'shell', 1 ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_REQUEST; - $response = $this->_get_channel_packet(self::CHANNEL_SHELL); + $response = $this->get_channel_packet(self::CHANNEL_SHELL); if ($response === false) { return false; } @@ -2645,7 +2646,7 @@ class SSH2 * @return int * @access public */ - function _get_interactive_channel() + private function get_interactive_channel() { switch (true) { case $this->in_subsystem: @@ -2663,7 +2664,7 @@ class SSH2 * @return int * @access public */ - function _get_open_channel() + private function get_open_channel() { $channel = self::CHANNEL_EXEC; do { @@ -2688,7 +2689,7 @@ class SSH2 * @throws \RuntimeException on connection error * @access public */ - function read($expect = '', $mode = self::READ_SIMPLE) + public function read($expect = '', $mode = self::READ_SIMPLE) { $this->curTimeout = $this->timeout; $this->is_timeout = false; @@ -2697,11 +2698,11 @@ class SSH2 throw new \RuntimeException('Operation disallowed prior to login()'); } - if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + if (!($this->bitmap & self::MASK_SHELL) && !$this->initShell()) { throw new \RuntimeException('Unable to initiate an interactive shell session'); } - $channel = $this->_get_interactive_channel(); + $channel = $this->get_interactive_channel(); $match = $expect; while (true) { @@ -2713,7 +2714,7 @@ class SSH2 if ($pos !== false) { return Strings::shift($this->interactiveBuffer, $pos + strlen($match)); } - $response = $this->_get_channel_packet($channel); + $response = $this->get_channel_packet($channel); if (is_bool($response)) { $this->in_request_pty_exec = false; return $response ? Strings::shift($this->interactiveBuffer, strlen($this->interactiveBuffer)) : false; @@ -2732,17 +2733,17 @@ class SSH2 * @throws \RuntimeException on connection error * @access public */ - function write($cmd) + public function write($cmd) { if (!($this->bitmap & self::MASK_LOGIN)) { throw new \RuntimeException('Operation disallowed prior to login()'); } - if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + if (!($this->bitmap & self::MASK_SHELL) && !$this->initShell()) { throw new \RuntimeException('Unable to initiate an interactive shell session'); } - return $this->_send_channel_packet($this->_get_interactive_channel(), $cmd); + return $this->send_channel_packet($this->get_interactive_channel(), $cmd); } /** @@ -2759,7 +2760,7 @@ class SSH2 * @return bool * @access public */ - function startSubsystem($subsystem) + public function startSubsystem($subsystem) { $this->window_size_server_to_client[self::CHANNEL_SUBSYSTEM] = $this->window_size; @@ -2773,13 +2774,13 @@ class SSH2 0x4000 ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_OPEN; - $response = $this->_get_channel_packet(self::CHANNEL_SUBSYSTEM); + $response = $this->get_channel_packet(self::CHANNEL_SUBSYSTEM); if ($response === false) { return false; } @@ -2794,13 +2795,13 @@ class SSH2 strlen($subsystem), $subsystem ); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_REQUEST; - $response = $this->_get_channel_packet(self::CHANNEL_SUBSYSTEM); + $response = $this->get_channel_packet(self::CHANNEL_SUBSYSTEM); if ($response === false) { return false; @@ -2821,10 +2822,10 @@ class SSH2 * @return bool * @access public */ - function stopSubsystem() + public function stopSubsystem() { $this->in_subsystem = false; - $this->_close_channel(self::CHANNEL_SUBSYSTEM); + $this->close_channel(self::CHANNEL_SUBSYSTEM); return true; } @@ -2835,9 +2836,9 @@ class SSH2 * * @access public */ - function reset() + public function reset() { - $this->_close_channel($this->_get_interactive_channel()); + $this->close_channel($this->get_interactive_channel()); } /** @@ -2847,7 +2848,7 @@ class SSH2 * * @access public */ - function isTimeout() + public function isTimeout() { return $this->is_timeout; } @@ -2857,9 +2858,9 @@ class SSH2 * * @access public */ - function disconnect() + public function disconnect() { - $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); if (isset($this->realtime_log_file) && is_resource($this->realtime_log_file)) { fclose($this->realtime_log_file); } @@ -2874,7 +2875,7 @@ class SSH2 * * @access public */ - function __destruct() + public function __destruct() { $this->disconnect(); } @@ -2885,7 +2886,7 @@ class SSH2 * @return bool * @access public */ - function isConnected() + public function isConnected() { return (bool) ($this->bitmap & self::MASK_CONNECTED); } @@ -2896,7 +2897,7 @@ class SSH2 * @return bool * @access public */ - function isAuthenticated() + public function isAuthenticated() { return (bool) ($this->bitmap & self::MASK_LOGIN); } @@ -2911,7 +2912,7 @@ class SSH2 * @throws \RuntimeException on connection errors * @access private */ - function _get_binary_packet() + private function get_binary_packet() { if (!is_resource($this->fsock) || feof($this->fsock)) { $this->bitmap = 0; @@ -2979,11 +2980,11 @@ class SSH2 $message_number = isset($this->message_numbers[ord($payload[0])]) ? $this->message_numbers[ord($payload[0])] : 'UNKNOWN (' . ord($payload[0]) . ')'; $message_number = '<- ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; - $this->_append_log($message_number, $payload); + $this->append_log($message_number, $payload); $this->last_packet = $current; } - return $this->_filter($payload); + return $this->filter($payload); } /** @@ -2995,7 +2996,7 @@ class SSH2 * @return string * @access private */ - function _filter($payload) + private function filter($payload) { switch (ord($payload[0])) { case NET_SSH2_MSG_DISCONNECT: @@ -3005,23 +3006,23 @@ class SSH2 $this->bitmap = 0; return false; case NET_SSH2_MSG_IGNORE: - $payload = $this->_get_binary_packet(); + $payload = $this->get_binary_packet(); break; case NET_SSH2_MSG_DEBUG: Strings::shift($payload, 2); extract(unpack('Nlength', Strings::shift($payload, 4))); $this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode(Strings::shift($payload, $length)); - $payload = $this->_get_binary_packet(); + $payload = $this->get_binary_packet(); break; case NET_SSH2_MSG_UNIMPLEMENTED: return false; case NET_SSH2_MSG_KEXINIT: if ($this->session_id !== false) { - if (!$this->_key_exchange($payload)) { + if (!$this->key_exchange($payload)) { $this->bitmap = 0; return false; } - $payload = $this->_get_binary_packet(); + $payload = $this->get_binary_packet(); } } @@ -3030,7 +3031,7 @@ class SSH2 Strings::shift($payload, 1); extract(unpack('Nlength', Strings::shift($payload, 4))); $this->banner_message = utf8_decode(Strings::shift($payload, $length)); - $payload = $this->_get_binary_packet(); + $payload = $this->get_binary_packet(); } // only called when we've already logged in @@ -3040,11 +3041,11 @@ class SSH2 extract(unpack('Nlength', Strings::shift($payload, 4))); $this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . Strings::shift($payload, $length); - if (!$this->_send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) { - return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + if (!$this->send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) { + return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); } - $payload = $this->_get_binary_packet(); + $payload = $this->get_binary_packet(); break; case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 Strings::shift($payload, 1); @@ -3077,7 +3078,7 @@ class SSH2 $this->server_channels[$new_channel] = $server_channel; $this->channel_status[$new_channel] = NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION; - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } } @@ -3094,11 +3095,11 @@ class SSH2 '' ); - if (!$this->_send_binary_packet($packet)) { - return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + if (!$this->send_binary_packet($packet)) { + return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); } } - $payload = $this->_get_binary_packet(); + $payload = $this->get_binary_packet(); break; case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: Strings::shift($payload, 1); @@ -3106,7 +3107,7 @@ class SSH2 extract(unpack('Nwindow_size', Strings::shift($payload, 4))); $this->window_size_client_to_server[$channel]+= $window_size; - $payload = ($this->bitmap & self::MASK_WINDOW_ADJUST) ? true : $this->_get_binary_packet(); + $payload = ($this->bitmap & self::MASK_WINDOW_ADJUST) ? true : $this->get_binary_packet(); } } @@ -3120,7 +3121,7 @@ class SSH2 * * @access public */ - function enableQuietMode() + public function enableQuietMode() { $this->quiet_mode = true; } @@ -3132,7 +3133,7 @@ class SSH2 * * @access public */ - function disableQuietMode() + public function disableQuietMode() { $this->quiet_mode = false; } @@ -3145,7 +3146,7 @@ class SSH2 * @access public * @return bool */ - function isQuietModeEnabled() + public function isQuietModeEnabled() { return $this->quiet_mode; } @@ -3155,7 +3156,7 @@ class SSH2 * * @access public */ - function enablePTY() + public function enablePTY() { $this->request_pty = true; } @@ -3165,7 +3166,7 @@ class SSH2 * * @access public */ - function disablePTY() + public function disablePTY() { $this->request_pty = false; } @@ -3178,7 +3179,7 @@ class SSH2 * @access public * @return bool */ - function isPTYEnabled() + public function isPTYEnabled() { return $this->request_pty; } @@ -3193,7 +3194,7 @@ class SSH2 * @throws \RuntimeException on connection error * @access private */ - function _get_channel_packet($client_channel, $skip_extended = false) + protected function get_channel_packet($client_channel, $skip_extended = false) { if (!empty($this->channel_buffers[$client_channel])) { return array_shift($this->channel_buffers[$client_channel]); @@ -3221,7 +3222,7 @@ class SSH2 $this->curTimeout-= $elapsed; } - $response = $this->_get_binary_packet(); + $response = $this->get_binary_packet(); if ($response === false) { throw new \RuntimeException('Connection closed by server'); } @@ -3247,7 +3248,7 @@ class SSH2 // resize the window, if appropriate if ($this->window_size_server_to_client[$channel] < 0) { $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$channel], $this->window_size); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } $this->window_size_server_to_client[$channel]+= $this->window_size; @@ -3267,12 +3268,12 @@ class SSH2 $this->window_size_client_to_server[$channel] = $window_size; $temp = unpack('Npacket_size_client_to_server', Strings::shift($response, 4)); $this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server']; - $result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended); - $this->_on_channel_open(); + $result = $client_channel == $channel ? true : $this->get_channel_packet($client_channel, $skip_extended); + $this->on_channel_open(); return $result; //case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE: default: - $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); throw new \RuntimeException('Unable to open channel'); } break; @@ -3283,11 +3284,11 @@ class SSH2 case NET_SSH2_MSG_CHANNEL_FAILURE: return false; default: - $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); throw new \RuntimeException('Unable to fulfill channel request'); } case NET_SSH2_MSG_CHANNEL_CLOSE: - return $type == NET_SSH2_MSG_CHANNEL_CLOSE ? true : $this->_get_channel_packet($client_channel, $skip_extended); + return $type == NET_SSH2_MSG_CHANNEL_CLOSE ? true : $this->get_channel_packet($client_channel, $skip_extended); } } @@ -3301,16 +3302,16 @@ class SSH2 // this actually seems to make things twice as fast. more to the point, the message right after // SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise. // in OpenSSH it slows things down but only by a couple thousandths of a second. - $this->_send_channel_packet($channel, chr(0)); + $this->send_channel_packet($channel, chr(0)); } */ extract(unpack('Nlength', Strings::shift($response, 4))); $data = Strings::shift($response, $length); if ($channel == self::CHANNEL_AGENT_FORWARD) { - $agent_response = $this->agent->_forward_data($data); + $agent_response = Objects::callFunc($this->agent, 'forward_data', [$data]); if (!is_bool($agent_response)) { - $this->_send_channel_packet($channel, $agent_response); + $this->send_channel_packet($channel, $agent_response); } break; } @@ -3326,7 +3327,7 @@ class SSH2 case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: /* if ($client_channel == self::CHANNEL_EXEC) { - $this->_send_channel_packet($client_channel, chr(0)); + $this->send_channel_packet($client_channel, chr(0)); } */ // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR @@ -3358,8 +3359,8 @@ class SSH2 $this->errors[count($this->errors)].= "\r\n" . Strings::shift($response, $length); } - $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); - $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF; @@ -3385,7 +3386,7 @@ class SSH2 $this->bitmap&= ~self::MASK_SHELL; } if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) { - $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); } $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE; @@ -3395,7 +3396,7 @@ class SSH2 case NET_SSH2_MSG_CHANNEL_EOF: break; default: - $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); throw new \RuntimeException('Error reading channel data'); } } @@ -3412,7 +3413,7 @@ class SSH2 * @return bool * @access private */ - function _send_binary_packet($data, $logged = null) + protected function send_binary_packet($data, $logged = null) { if (!is_resource($this->fsock) || feof($this->fsock)) { $this->bitmap = 0; @@ -3454,7 +3455,7 @@ class SSH2 $message_number = isset($this->message_numbers[ord($data[0])]) ? $this->message_numbers[ord($data[0])] : 'UNKNOWN (' . ord($data[0]) . ')'; $message_number = '-> ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; - $this->_append_log($message_number, isset($logged) ? $logged : $data); + $this->append_log($message_number, isset($logged) ? $logged : $data); $this->last_packet = $current; } @@ -3469,7 +3470,7 @@ class SSH2 * @param string $data * @access private */ - function _append_log($message_number, $message) + private function append_log($message_number, $message) { // remove the byte identifying the message type from all but the first two messages (ie. the identification strings) if (strlen($message_number) > 2) { @@ -3503,7 +3504,7 @@ class SSH2 $start = '
';
                         $stop = '
'; } - echo $start . $this->_format_log([$message], [$message_number]) . $stop; + echo $start . $this->format_log([$message], [$message_number]) . $stop; @flush(); @ob_flush(); break; @@ -3521,7 +3522,7 @@ class SSH2 if (!is_resource($this->realtime_log_file)) { break; } - $entry = $this->_format_log([$message], [$message_number]); + $entry = $this->format_log([$message], [$message_number]); if ($this->realtime_log_wrap) { $temp = "<<< START >>>\r\n"; $entry.= $temp; @@ -3547,13 +3548,13 @@ class SSH2 * @return bool * @access private */ - function _send_channel_packet($client_channel, $data) + protected function send_channel_packet($client_channel, $data) { while (strlen($data)) { if (!$this->window_size_client_to_server[$client_channel]) { $this->bitmap^= self::MASK_WINDOW_ADJUST; // using an invalid channel will let the buffers be built up for the valid channels - $this->_get_channel_packet(-1); + $this->get_channel_packet(-1); $this->bitmap^= self::MASK_WINDOW_ADJUST; } @@ -3575,7 +3576,7 @@ class SSH2 $temp ); $this->window_size_client_to_server[$client_channel]-= strlen($temp); - if (!$this->_send_binary_packet($packet)) { + if (!$this->send_binary_packet($packet)) { return false; } } @@ -3595,25 +3596,25 @@ class SSH2 * @return bool * @access private */ - function _close_channel($client_channel, $want_reply = false) + private function close_channel($client_channel, $want_reply = false) { // see http://tools.ietf.org/html/rfc4254#section-5.3 - $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); if (!$want_reply) { - $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); } $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE; $this->curTimeout = 0; - while (!is_bool($this->_get_channel_packet($client_channel))) { + while (!is_bool($this->get_channel_packet($client_channel))) { } if ($want_reply) { - $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); } if ($this->bitmap & self::MASK_SHELL) { @@ -3628,11 +3629,11 @@ class SSH2 * @return bool * @access private */ - function _disconnect($reason) + private function disconnect_helper($reason) { if ($this->bitmap & self::MASK_CONNECTED) { $data = pack('CNNa*Na*', NET_SSH2_MSG_DISCONNECT, $reason, 0, '', 0, ''); - $this->_send_binary_packet($data); + $this->send_binary_packet($data); $this->bitmap = 0; fclose($this->fsock); return false; @@ -3649,7 +3650,7 @@ class SSH2 * @param array $array * @access private */ - function _define_array() + protected function define_array() { $args = func_get_args(); foreach ($args as $arg) { @@ -3671,7 +3672,7 @@ class SSH2 * @access public * @return array|false|string */ - function getLog() + public function getLog() { if (!defined('NET_SSH2_LOGGING')) { return false; @@ -3682,7 +3683,7 @@ class SSH2 return $this->message_number_log; break; case self::LOG_COMPLEX: - return $this->_format_log($this->message_log, $this->message_number_log); + return $this->format_log($this->message_log, $this->message_number_log); break; default: return false; @@ -3697,7 +3698,7 @@ class SSH2 * @access private * @return string */ - function _format_log($message_log, $message_number_log) + protected function format_log($message_log, $message_number_log) { $output = ''; for ($i = 0; $i < count($message_log); $i++) { @@ -3709,7 +3710,7 @@ class SSH2 $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; } $fragment = Strings::shift($current_log, $this->log_short_width); - $hex = substr(preg_replace_callback('#.#s', [$this, '_format_log_helper'], $fragment), strlen($this->log_boundary)); + $hex = substr(preg_replace_callback('#.#s', [$this, 'format_log_helper'], $fragment), strlen($this->log_boundary)); // replace non ASCII printable characters with dots // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // also replace < with a . since < messes up the output on web browsers @@ -3732,13 +3733,13 @@ class SSH2 * @access private * @return string */ - function _format_log_helper($matches) + private function format_log_helper($matches) { return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); } /** - * Helper function for agent->_on_channel_open() + * Helper function for agent->on_channel_open() * * Used when channels are created to inform agent * of said channel opening. Must be called after @@ -3746,10 +3747,10 @@ class SSH2 * * @access private */ - function _on_channel_open() + private function on_channel_open() { if (isset($this->agent)) { - $this->agent->_on_channel_open($this); + Objects::callFunc($this->agent, 'on_channel_open', [$this]); } } @@ -3762,7 +3763,7 @@ class SSH2 * @return mixed False if intersection is empty, else intersected value. * @access private */ - function _array_intersect_first($array1, $array2) + private function array_intersect_first($array1, $array2) { foreach ($array1 as $value) { if (in_array($value, $array2)) { @@ -3778,7 +3779,7 @@ class SSH2 * @return string[] * @access public */ - function getErrors() + public function getErrors() { return $this->errors; } @@ -3789,7 +3790,7 @@ class SSH2 * @return string * @access public */ - function getLastError() + public function getLastError() { $count = count($this->errors); @@ -3804,9 +3805,9 @@ class SSH2 * @return string * @access public */ - function getServerIdentification() + public function getServerIdentification() { - $this->_connect(); + $this->connect(); return $this->server_identifier; } @@ -3817,9 +3818,9 @@ class SSH2 * @return array * @access public */ - function getKexAlgorithms() + public function getKexAlgorithms() { - $this->_connect(); + $this->connect(); return $this->kex_algorithms; } @@ -3830,9 +3831,9 @@ class SSH2 * @return array * @access public */ - function getServerHostKeyAlgorithms() + public function getServerHostKeyAlgorithms() { - $this->_connect(); + $this->connect(); return $this->server_host_key_algorithms; } @@ -3843,9 +3844,9 @@ class SSH2 * @return array * @access public */ - function getEncryptionAlgorithmsClient2Server() + public function getEncryptionAlgorithmsClient2Server() { - $this->_connect(); + $this->connect(); return $this->encryption_algorithms_client_to_server; } @@ -3856,9 +3857,9 @@ class SSH2 * @return array * @access public */ - function getEncryptionAlgorithmsServer2Client() + public function getEncryptionAlgorithmsServer2Client() { - $this->_connect(); + $this->connect(); return $this->encryption_algorithms_server_to_client; } @@ -3869,9 +3870,9 @@ class SSH2 * @return array * @access public */ - function getMACAlgorithmsClient2Server() + public function getMACAlgorithmsClient2Server() { - $this->_connect(); + $this->connect(); return $this->mac_algorithms_client_to_server; } @@ -3882,9 +3883,9 @@ class SSH2 * @return array * @access public */ - function getMACAlgorithmsServer2Client() + public function getMACAlgorithmsServer2Client() { - $this->_connect(); + $this->connect(); return $this->mac_algorithms_server_to_client; } @@ -3895,9 +3896,9 @@ class SSH2 * @return array * @access public */ - function getCompressionAlgorithmsClient2Server() + public function getCompressionAlgorithmsClient2Server() { - $this->_connect(); + $this->connect(); return $this->compression_algorithms_client_to_server; } @@ -3908,9 +3909,9 @@ class SSH2 * @return array * @access public */ - function getCompressionAlgorithmsServer2Client() + public function getCompressionAlgorithmsServer2Client() { - $this->_connect(); + $this->connect(); return $this->compression_algorithms_server_to_client; } @@ -3921,9 +3922,9 @@ class SSH2 * @return array * @access public */ - function getLanguagesServer2Client() + public function getLanguagesServer2Client() { - $this->_connect(); + $this->connect(); return $this->languages_server_to_client; } @@ -3934,9 +3935,9 @@ class SSH2 * @return array * @access public */ - function getLanguagesClient2Server() + public function getLanguagesClient2Server() { - $this->_connect(); + $this->connect(); return $this->languages_client_to_server; } @@ -3950,7 +3951,7 @@ class SSH2 * @return string * @access public */ - function getBannerMessage() + public function getBannerMessage() { return $this->banner_message; } @@ -3966,10 +3967,10 @@ class SSH2 * @throws \phpseclib\Exception\NoSupportedAlgorithmsException when the key isn't in a supported format * @access public */ - function getServerPublicHostKey() + public function getServerPublicHostKey() { if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { - if (!$this->_connect()) { + if (!$this->connect()) { return false; } } @@ -4009,7 +4010,7 @@ class SSH2 padding, unsigned, and in network byte order). */ $temp = unpack('Nlength', Strings::shift($signature, 4)); if ($temp['length'] != 40) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new \RuntimeException('Invalid signature'); } @@ -4021,7 +4022,7 @@ class SSH2 case $r->compare($q) >= 0: case $s->equals($zero): case $s->compare($q) >= 0: - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnectHepler(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new \RuntimeException('Invalid signature'); } @@ -4042,7 +4043,7 @@ class SSH2 if (!$v->equals($r)) { //user_error('Bad server signature'); - return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + return $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } break; @@ -4064,7 +4065,7 @@ class SSH2 $rsa->setHash('sha1'); if (!$rsa->verify($this->exchange_hash, $signature, RSA::PADDING_PKCS1)) { //user_error('Bad server signature'); - return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + return $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } */ @@ -4078,7 +4079,7 @@ class SSH2 // also, see SSHRSA.c (rsa2_verifysig) in PuTTy's source. if ($s->compare(new BigInteger()) < 0 || $s->compare($n->subtract(new BigInteger(1))) > 0) { - $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new \RuntimeException('Invalid signature'); } @@ -4090,11 +4091,11 @@ class SSH2 if ($s != $h) { //user_error('Bad server signature'); - return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + return $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } break; default: - $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); throw new NoSupportedAlgorithmsException('Unsupported signature format'); } @@ -4107,7 +4108,7 @@ class SSH2 * @return false|int * @access public */ - function getExitStatus() + public function getExitStatus() { if (is_null($this->exit_status)) { return false; @@ -4121,7 +4122,7 @@ class SSH2 * @return int * @access public */ - function getWindowColumns() + public function getWindowColumns() { return $this->windowColumns; } @@ -4132,7 +4133,7 @@ class SSH2 * @return int * @access public */ - function getWindowRows() + public function getWindowRows() { return $this->windowRows; } @@ -4143,7 +4144,7 @@ class SSH2 * @param int $value * @access public */ - function setWindowColumns($value) + public function setWindowColumns($value) { $this->windowColumns = $value; } @@ -4154,7 +4155,7 @@ class SSH2 * @param int $value * @access public */ - function setWindowRows($value) + public function setWindowRows($value) { $this->windowRows = $value; } @@ -4166,21 +4167,26 @@ class SSH2 * @param int $rows * @access public */ - function setWindowSize($columns = 80, $rows = 24) + public function setWindowSize($columns = 80, $rows = 24) { $this->windowColumns = $columns; $this->windowRows = $rows; } /** + * To String Magic Method + * * @return string + * @access public */ - function __toString() + public function __toString() { return $this->getResourceId(); } /** + * Get Resource ID + * * We use {} because that symbols should not be in URL according to * {@link http://tools.ietf.org/html/rfc3986#section-2 RFC}. * It will safe us from any conflicts, because otherwise regexp will @@ -4188,7 +4194,7 @@ class SSH2 * * @return string */ - function getResourceId() + public function getResourceId() { return '{' . spl_object_hash($this) . '}'; } @@ -4200,7 +4206,7 @@ class SSH2 * * @return bool|SSH2 will return false if no such connection */ - static function getConnectionByResourceId($id) + public static function getConnectionByResourceId($id) { return isset(self::$connections[$id]) ? self::$connections[$id] : false; } @@ -4210,7 +4216,7 @@ class SSH2 * * @return SSH2[] */ - static function getConnections() + public static function getConnections() { return self::$connections; } diff --git a/phpseclib/System/SSH/Agent.php b/phpseclib/System/SSH/Agent.php index 2bf638d2..489364d6 100644 --- a/phpseclib/System/SSH/Agent.php +++ b/phpseclib/System/SSH/Agent.php @@ -37,6 +37,7 @@ use ParagonIE\ConstantTime\Base64; use phpseclib\Crypt\RSA; use phpseclib\Exception\BadConfigurationException; use phpseclib\System\SSH\Agent\Identity; +use phpseclib\Common\Functions\Objects; /** * Pure-PHP ssh-agent client identity factory @@ -88,30 +89,43 @@ class Agent * @var resource * @access private */ - var $fsock; + private $fsock; /** * Agent forwarding status * + * @var int * @access private */ - var $forward_status = self::FORWARD_NONE; + private $forward_status = self::FORWARD_NONE; /** * Buffer for accumulating forwarded authentication * agent data arriving on SSH data channel destined * for agent unix socket * + * @var string * @access private */ - var $socket_buffer = ''; + private $socket_buffer = ''; /** * Tracking the number of bytes we are expecting * to arrive for the agent socket on the SSH data * channel + * + * @var int + * @access private */ - var $expected_bytes = 0; + private $expected_bytes = 0; + + /** + * The current request channel + * + * @var int + * @access private + */ + private $request_channel; /** * Default Constructor @@ -121,7 +135,7 @@ class Agent * @throws \RuntimeException on connection errors * @access public */ - function __construct() + public function __construct() { switch (true) { case isset($_SERVER['SSH_AUTH_SOCK']): @@ -150,7 +164,7 @@ class Agent * @throws \RuntimeException on receipt of unexpected packets * @access public */ - function requestIdentities() + public function requestIdentities() { if (!$this->fsock) { return []; @@ -209,7 +223,7 @@ class Agent * @return bool * @access public */ - function startSSHForwarding($ssh) + public function startSSHForwarding($ssh) { if ($this->forward_status == self::FORWARD_NONE) { $this->forward_status = self::FORWARD_REQUEST; @@ -223,34 +237,33 @@ class Agent * @return bool * @access private */ - function _request_forwarding($ssh) + private function request_forwarding($ssh) { - $request_channel = $ssh->_get_open_channel(); - if ($request_channel === false) { + $this->request_channel = Objects::callFunc($ssh, 'get_open_channel'); + if ($this->request_channel === false) { return false; } $packet = pack( 'CNNa*C', NET_SSH2_MSG_CHANNEL_REQUEST, - $ssh->server_channels[$request_channel], + Objects::getVar($ssh, 'server_channels')[$this->request_channel], strlen('auth-agent-req@openssh.com'), 'auth-agent-req@openssh.com', 1 ); - $ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST; - - if (!$ssh->_send_binary_packet($packet)) { + $this->update_channel_status($ssh, NET_SSH2_MSG_CHANNEL_REQUEST); + if (!Objects::callFunc($ssh, 'send_binary_packet', [$packet])) { return false; } - $response = $ssh->_get_channel_packet($request_channel); + $response = Objects::callFunc($ssh, 'get_channel_packet', [$this->request_channel]); if ($response === false) { return false; } - $ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN; + $this->update_channel_status($ssh, NET_SSH2_MSG_CHANNEL_OPEN); $this->forward_status = self::FORWARD_ACTIVE; return true; @@ -266,10 +279,10 @@ class Agent * @param Net_SSH2 $ssh * @access private */ - function _on_channel_open($ssh) + public function on_channel_open($ssh) { if ($this->forward_status == self::FORWARD_REQUEST) { - $this->_request_forwarding($ssh); + $this->request_forwarding($ssh); } } @@ -281,7 +294,7 @@ class Agent * @throws \RuntimeException on connection errors * @access private */ - function _forward_data($data) + private function forward_data($data) { if ($this->expected_bytes > 0) { $this->socket_buffer.= $data; @@ -310,4 +323,18 @@ class Agent return pack('Na*', $agent_reply_bytes, $agent_reply_data); } + + /** + * Forward data to SSH Agent and return data reply + * + * @param \phpseclib\Net\SSH2 $ssh + * @param integer $status + * @access private + */ + private function update_channel_status($ssh, $status) + { + $temp = Objects::getVar($ssh, 'channel_status'); + $temp[$this->request_channel] = $status; + Objects::setVar($ssh, 'channel_status', $temp); + } } diff --git a/phpseclib/System/SSH/Agent/Identity.php b/phpseclib/System/SSH/Agent/Identity.php index 5777b6ab..fd36fef3 100644 --- a/phpseclib/System/SSH/Agent/Identity.php +++ b/phpseclib/System/SSH/Agent/Identity.php @@ -42,7 +42,7 @@ class Identity * @access private * @see self::getPublicKey() */ - var $key; + private $key; /** * Key Blob @@ -51,7 +51,7 @@ class Identity * @access private * @see self::sign() */ - var $key_blob; + private $key_blob; /** * Socket Resource @@ -60,7 +60,7 @@ class Identity * @access private * @see self::sign() */ - var $fsock; + private $fsock; /** * Default Constructor. @@ -69,7 +69,7 @@ class Identity * @return \phpseclib\System\SSH\Agent\Identity * @access private */ - function __construct($fsock) + public function __construct($fsock) { $this->fsock = $fsock; } @@ -82,7 +82,7 @@ class Identity * @param \phpseclib\Crypt\RSA $key * @access private */ - function setPublicKey($key) + public function setPublicKey($key) { $this->key = $key; $this->key->setPublicKey(); @@ -97,7 +97,7 @@ class Identity * @param string $key_blob * @access private */ - function setPublicKeyBlob($key_blob) + public function setPublicKeyBlob($key_blob) { $this->key_blob = $key_blob; } @@ -111,7 +111,7 @@ class Identity * @return mixed * @access public */ - function getPublicKey($type = 'PKCS8') + public function getPublicKey($type = 'PKCS8') { return $this->key->getPublicKey($type); } @@ -125,7 +125,7 @@ class Identity * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported * @access public */ - function setHash($hash = 'sha1') + public function setHash($hash = 'sha1') { if ($hash != 'sha1') { throw new UnsupportedAlgorithmException('ssh-agent can only be used with the sha1 hash'); @@ -144,7 +144,7 @@ class Identity * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported * @access public */ - function sign($message, $padding = RSA::PADDING_PKCS1) + public function sign($message, $padding = RSA::PADDING_PKCS1) { if ($padding != RSA::PADDING_PKCS1 && $padding != RSA::PADDING_RELAXED_PKCS1) { throw new UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures'); diff --git a/tests/PhpseclibTestCase.php b/tests/PhpseclibTestCase.php index 6335128b..ec3dc885 100644 --- a/tests/PhpseclibTestCase.php +++ b/tests/PhpseclibTestCase.php @@ -109,4 +109,12 @@ abstract class PhpseclibTestCase extends PHPUnit_Framework_TestCase $prop->setAccessible(true); return $prop->getValue($obj); } + + public static function callFunc($obj, $func, $params = array()) + { + $reflection = new ReflectionClass(get_class($obj)); + $method = $reflection->getMethod($func); + $method->setAccessible(true); + return $method->invokeArgs($obj, $params); + } } diff --git a/tests/Unit/Net/SSH1Test.php b/tests/Unit/Net/SSH1Test.php index 6073e1ff..78526e7b 100644 --- a/tests/Unit/Net/SSH1Test.php +++ b/tests/Unit/Net/SSH1Test.php @@ -34,7 +34,7 @@ class Unit_Net_SSH1Test extends PhpseclibTestCase ->setMethods(null) ->getMock(); - $result = $ssh->_format_log($message_log, $message_number_log); + $result = self::callFunc($ssh, 'format_log', array($message_log, $message_number_log)); $this->assertEquals($expected, $result); } diff --git a/tests/Unit/Net/SSH2Test.php b/tests/Unit/Net/SSH2Test.php index 1d3c6439..e7057b67 100644 --- a/tests/Unit/Net/SSH2Test.php +++ b/tests/Unit/Net/SSH2Test.php @@ -32,13 +32,13 @@ class Unit_Net_SSH2Test extends PhpseclibTestCase { $ssh = $this->createSSHMock(); - $result = $ssh->_format_log($message_log, $message_number_log); + $result = self::callFunc($ssh, 'format_log', array($message_log, $message_number_log)); $this->assertEquals($expected, $result); } public function testGenerateIdentifier() { - $identifier = $this->createSSHMock()->_generate_identifier(); + $identifier = self::callFunc($this->createSSHMock(), 'generate_identifier'); $this->assertStringStartsWith('SSH-2.0-phpseclib_2.0', $identifier); if (extension_loaded('libsodium')) { From 8e446717661a7ba62f83ba6391db3826fb8b0bb1 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 21 Jan 2017 15:51:49 -0600 Subject: [PATCH 21/24] visibility fixes --- phpseclib/Common/Functions/Objects.php | 6 +++--- phpseclib/System/SSH/Agent.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/phpseclib/Common/Functions/Objects.php b/phpseclib/Common/Functions/Objects.php index 4a386e4f..cb87b1a7 100644 --- a/phpseclib/Common/Functions/Objects.php +++ b/phpseclib/Common/Functions/Objects.php @@ -29,7 +29,7 @@ abstract class Objects * @param Object $obj * @param string $var * @return mixed - * @access private + * @access public */ public static function getVar($obj, $var) { @@ -46,7 +46,7 @@ abstract class Objects * @param string $var * @param mixed $val * @return mixed - * @access private + * @access public */ public static function setVar($obj, $var, $val) { @@ -63,7 +63,7 @@ abstract class Objects * @param string $func * @param array $params * @return mixed - * @access private + * @access public */ public static function callFunc($obj, $func, $params = array()) { diff --git a/phpseclib/System/SSH/Agent.php b/phpseclib/System/SSH/Agent.php index 489364d6..29182d10 100644 --- a/phpseclib/System/SSH/Agent.php +++ b/phpseclib/System/SSH/Agent.php @@ -279,7 +279,7 @@ class Agent * @param Net_SSH2 $ssh * @access private */ - public function on_channel_open($ssh) + private function on_channel_open($ssh) { if ($this->forward_status == self::FORWARD_REQUEST) { $this->request_forwarding($ssh); From 1bde98fc422e7d7803500947e74eaa86783ea82e Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 24 Jan 2017 07:04:59 -0600 Subject: [PATCH 22/24] Crypt: OpenSSL apparently supports variable size keys --- phpseclib/Crypt/Blowfish.php | 2 +- phpseclib/Crypt/RC4.php | 17 ++---------- tests/Unit/Crypt/BlowfishTest.php | 44 +++++++++++++++++++++++++++++++ tests/Unit/Crypt/RC4Test.php | 39 +++++++++++++++++++++++++++ 4 files changed, 86 insertions(+), 16 deletions(-) diff --git a/phpseclib/Crypt/Blowfish.php b/phpseclib/Crypt/Blowfish.php index e610209b..5be5ce3a 100644 --- a/phpseclib/Crypt/Blowfish.php +++ b/phpseclib/Crypt/Blowfish.php @@ -390,7 +390,7 @@ class Crypt_Blowfish extends Crypt_Base function isValidEngine($engine) { if ($engine == CRYPT_ENGINE_OPENSSL) { - if ($this->key_length != 16) { + if ($this->key_length < 16) { return false; } $this->cipher_name_openssl_ecb = 'bf-ecb'; diff --git a/phpseclib/Crypt/RC4.php b/phpseclib/Crypt/RC4.php index ce29e6af..62145548 100644 --- a/phpseclib/Crypt/RC4.php +++ b/phpseclib/Crypt/RC4.php @@ -189,21 +189,8 @@ class Crypt_RC4 extends Crypt_Base */ function isValidEngine($engine) { - switch ($engine) { - case CRYPT_ENGINE_OPENSSL: - switch (strlen($this->key)) { - case 5: - $this->cipher_name_openssl = 'rc4-40'; - break; - case 8: - $this->cipher_name_openssl = 'rc4-64'; - break; - case 16: - $this->cipher_name_openssl = 'rc4'; - break; - default: - return false; - } + if ($engine == CRYPT_ENGINE_OPENSSL) { + $this->cipher_name_openssl = 'rc4-40'; } return parent::isValidEngine($engine); diff --git a/tests/Unit/Crypt/BlowfishTest.php b/tests/Unit/Crypt/BlowfishTest.php index 92553e25..87406c13 100644 --- a/tests/Unit/Crypt/BlowfishTest.php +++ b/tests/Unit/Crypt/BlowfishTest.php @@ -6,6 +6,7 @@ */ require_once 'Crypt/Blowfish.php'; +require_once 'Crypt/Random.php'; class Unit_Crypt_BlowfishTest extends PhpseclibTestCase { @@ -83,4 +84,47 @@ class Unit_Crypt_BlowfishTest extends PhpseclibTestCase $plaintext = bin2hex($plaintext); $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engineName engine"); } + + public function testKeySizes() + { + $objects = $engines = array(); + $temp = new Crypt_Blowfish(CRYPT_MODE_CTR); + $temp->setPreferredEngine(CRYPT_ENGINE_INTERNAL); + $objects[] = $temp; + $engines[] = 'internal'; + + if ($temp->isValidEngine(CRYPT_ENGINE_MCRYPT)) { + $temp = new Crypt_Blowfish(CRYPT_MODE_CTR); + $temp->setPreferredEngine(CRYPT_ENGINE_MCRYPT); + $objects[] = $temp; + $engines[] = 'mcrypt'; + } + + if ($temp->isValidEngine(CRYPT_ENGINE_OPENSSL)) { + $temp = new Crypt_Blowfish(CRYPT_MODE_CTR); + $temp->setPreferredEngine(CRYPT_ENGINE_OPENSSL); + $objects[] = $temp; + $engines[] = 'OpenSSL'; + } + + if (count($objects) < 2) { + self::markTestSkipped('Unable to initialize two or more engines'); + } + + for ($i = 0; $i < count($objects); $i++) { + $objects[$i]->setIV(str_repeat('x', $objects[$i]->getBlockLength() >> 3)); + } + + $plaintext = str_repeat('.', 100); + + for ($keyLen = 4; $keyLen <= 56; $keyLen++) { + $key = crypt_random_string($keyLen); + $objects[0]->setKey($key); + $ref = $objects[0]->encrypt($plaintext); + for ($i = 1; $i < count($objects); $i++) { + $objects[$i]->setKey($key); + $this->assertEquals($ref, $objects[$i]->encrypt($plaintext), "Failed asserting that {$engines[$i]} yields the same output as the internal engine with a key size of $keyLen"); + } + } + } } diff --git a/tests/Unit/Crypt/RC4Test.php b/tests/Unit/Crypt/RC4Test.php index a9c3ffdc..4ba34e3d 100644 --- a/tests/Unit/Crypt/RC4Test.php +++ b/tests/Unit/Crypt/RC4Test.php @@ -208,4 +208,43 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase $result = $rc4->encrypt(str_repeat("\0", $offset + 16)); $this->assertEquals(bin2hex(substr($result, -16)), $expected, "Failed asserting that key $key yielded expected output at offset $offset in $engineName engine"); } + + public function testKeySizes() + { + $objects = $engines = array(); + $temp = new Crypt_RC4(CRYPT_MODE_CTR); + $temp->setPreferredEngine(CRYPT_ENGINE_INTERNAL); + $objects[] = $temp; + $engines[] = 'internal'; + + if ($temp->isValidEngine(CRYPT_ENGINE_MCRYPT)) { + $temp = new Crypt_RC4(CRYPT_MODE_CTR); + $temp->setPreferredEngine(CRYPT_ENGINE_MCRYPT); + $objects[] = $temp; + $engines[] = 'mcrypt'; + } + + if ($temp->isValidEngine(CRYPT_ENGINE_OPENSSL)) { + $temp = new Crypt_RC4(CRYPT_MODE_CTR); + $temp->setPreferredEngine(CRYPT_ENGINE_OPENSSL); + $objects[] = $temp; + $engines[] = 'OpenSSL'; + } + + if (count($objects) < 2) { + self::markTestSkipped('Unable to initialize two or more engines'); + } + + $plaintext = str_repeat('.', 100); + + for ($keyLen = 5; $keyLen <= 256; $keyLen++) { + $key = crypt_random_string($keyLen); + $objects[0]->setKey($key); + $ref = $objects[0]->encrypt($plaintext); + for ($i = 1; $i < count($objects); $i++) { + $objects[$i]->setKey($key); + $this->assertEquals($ref, $objects[$i]->encrypt($plaintext), "Failed asserting that {$engines[$i]} yields the same output as the internal engine with a key size of $keyLen"); + } + } + } } From 062ee6b5b5bd9da3c6e8b441b68cae920f1e48fa Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 27 Jan 2017 12:29:00 -0600 Subject: [PATCH 23/24] Tests: crypt_random_string -> Random::string --- tests/Unit/Crypt/BlowfishTest.php | 3 ++- tests/Unit/Crypt/RC4Test.php | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/Unit/Crypt/BlowfishTest.php b/tests/Unit/Crypt/BlowfishTest.php index c523425d..e9bb4c86 100644 --- a/tests/Unit/Crypt/BlowfishTest.php +++ b/tests/Unit/Crypt/BlowfishTest.php @@ -7,6 +7,7 @@ use phpseclib\Crypt\Base; use phpseclib\Crypt\Blowfish; +use phpseclib\Crypt\Random; class Unit_Crypt_BlowfishTest extends PhpseclibTestCase { @@ -118,7 +119,7 @@ class Unit_Crypt_BlowfishTest extends PhpseclibTestCase $plaintext = str_repeat('.', 100); for ($keyLen = 4; $keyLen <= 56; $keyLen++) { - $key = crypt_random_string($keyLen); + $key = Random::string($keyLen); $objects[0]->setKey($key); $ref = $objects[0]->encrypt($plaintext); for ($i = 1; $i < count($objects); $i++) { diff --git a/tests/Unit/Crypt/RC4Test.php b/tests/Unit/Crypt/RC4Test.php index ce16b13f..cc0b4d5c 100644 --- a/tests/Unit/Crypt/RC4Test.php +++ b/tests/Unit/Crypt/RC4Test.php @@ -7,6 +7,7 @@ use phpseclib\Crypt\Base; use phpseclib\Crypt\RC4; +use phpseclib\Crypt\Random; class Unit_Crypt_RC4Test extends PhpseclibTestCase { @@ -239,7 +240,7 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase $plaintext = str_repeat('.', 100); for ($keyLen = 5; $keyLen <= 256; $keyLen++) { - $key = crypt_random_string($keyLen); + $key = Random::string($keyLen); $objects[0]->setKey($key); $ref = $objects[0]->encrypt($plaintext); for ($i = 1; $i < count($objects); $i++) { From 9220bcd49a1f981791ee45f8e8178658c8951ed2 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 27 Jan 2017 14:44:21 -0600 Subject: [PATCH 24/24] fix bad merge --- tests/Unit/Crypt/BlowfishTest.php | 16 ++++++++-------- tests/Unit/Crypt/RC4Test.php | 16 ++++++++-------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/tests/Unit/Crypt/BlowfishTest.php b/tests/Unit/Crypt/BlowfishTest.php index a7b6a057..c516da25 100644 --- a/tests/Unit/Crypt/BlowfishTest.php +++ b/tests/Unit/Crypt/BlowfishTest.php @@ -90,21 +90,21 @@ class Unit_Crypt_BlowfishTest extends PhpseclibTestCase public function testKeySizes() { $objects = $engines = array(); - $temp = new Blowfish(Base::MODE_CTR); - $temp->setPreferredEngine(Base::ENGINE_INTERNAL); + $temp = new Blowfish(Blowfish::MODE_CTR); + $temp->setPreferredEngine(Blowfish::ENGINE_INTERNAL); $objects[] = $temp; $engines[] = 'internal'; - if ($temp->isValidEngine(Base::ENGINE_MCRYPT)) { - $temp = new Blowfish(Base::MODE_CTR); - $temp->setPreferredEngine(Base::ENGINE_MCRYPT); + if ($temp->isValidEngine(Blowfish::ENGINE_MCRYPT)) { + $temp = new Blowfish(Blowfish::MODE_CTR); + $temp->setPreferredEngine(Blowfish::ENGINE_MCRYPT); $objects[] = $temp; $engines[] = 'mcrypt'; } - if ($temp->isValidEngine(Base::ENGINE_OPENSSL)) { - $temp = new Blowfish(Base::MODE_CTR); - $temp->setPreferredEngine(Base::ENGINE_OPENSSL); + if ($temp->isValidEngine(Blowfish::ENGINE_OPENSSL)) { + $temp = new Blowfish(Blowfish::MODE_CTR); + $temp->setPreferredEngine(Blowfish::ENGINE_OPENSSL); $objects[] = $temp; $engines[] = 'OpenSSL'; } diff --git a/tests/Unit/Crypt/RC4Test.php b/tests/Unit/Crypt/RC4Test.php index b6a8760e..a8405354 100644 --- a/tests/Unit/Crypt/RC4Test.php +++ b/tests/Unit/Crypt/RC4Test.php @@ -214,21 +214,21 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase public function testKeySizes() { $objects = $engines = array(); - $temp = new RC4(Base::MODE_CTR); - $temp->setPreferredEngine(Base::ENGINE_INTERNAL); + $temp = new RC4(RC4::MODE_CTR); + $temp->setPreferredEngine(RC4::ENGINE_INTERNAL); $objects[] = $temp; $engines[] = 'internal'; - if ($temp->isValidEngine(Base::ENGINE_MCRYPT)) { - $temp = new RC4(Base::MODE_CTR); - $temp->setPreferredEngine(Base::ENGINE_MCRYPT); + if ($temp->isValidEngine(RC4::ENGINE_MCRYPT)) { + $temp = new RC4(RC4::MODE_CTR); + $temp->setPreferredEngine(RC4::ENGINE_MCRYPT); $objects[] = $temp; $engines[] = 'mcrypt'; } - if ($temp->isValidEngine(Base::ENGINE_OPENSSL)) { - $temp = new RC4(Base::MODE_CTR); - $temp->setPreferredEngine(Base::ENGINE_OPENSSL); + if ($temp->isValidEngine(RC4::ENGINE_OPENSSL)) { + $temp = new RC4(RC4::MODE_CTR); + $temp->setPreferredEngine(RC4::ENGINE_OPENSSL); $objects[] = $temp; $engines[] = 'OpenSSL'; }