mirror of
https://github.com/danog/tgseclib.git
synced 2025-01-22 05:51:20 +01:00
Merge pull request #308 from terrafrost/ssh2-connect-after-login
SSH2: connect to server in login() function * terrafrost/ssh2-connect-after-login: SSH2: move _connect() call to _login() from login() SSH2: phpdoc updates SSH: clarify role of constructor / connection timeout SSH1: do fsockopen() call when login has been called SSH2: != -> |= SSH2: phpdoc changes SSH2: syntax error SSH2: timeout set in constructor != timeout set by setTimeout() SSH2: add phpdoc header SSH2: connect to server in login() function
This commit is contained in:
commit
652788ac34
@ -182,8 +182,9 @@ define('NET_SSH1_RESPONSE_DATA', 2);
|
||||
* @access private
|
||||
*/
|
||||
define('NET_SSH1_MASK_CONSTRUCTOR', 0x00000001);
|
||||
define('NET_SSH1_MASK_LOGIN', 0x00000002);
|
||||
define('NET_SSH1_MASK_SHELL', 0x00000004);
|
||||
define('NET_SSH1_MASK_CONNECTED', 0x00000002);
|
||||
define('NET_SSH1_MASK_LOGIN', 0x00000004);
|
||||
define('NET_SSH1_MASK_SHELL', 0x00000008);
|
||||
/**#@-*/
|
||||
|
||||
/**#@+
|
||||
@ -457,6 +458,51 @@ class Net_SSH1
|
||||
*/
|
||||
var $log_short_width = 16;
|
||||
|
||||
/**
|
||||
* Hostname
|
||||
*
|
||||
* @see Net_SSH1::Net_SSH1()
|
||||
* @see Net_SSH1::_connect()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $host;
|
||||
|
||||
/**
|
||||
* Port Number
|
||||
*
|
||||
* @see Net_SSH1::Net_SSH1()
|
||||
* @see Net_SSH1::_connect()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $port;
|
||||
|
||||
/**
|
||||
* Timeout for initial connection
|
||||
*
|
||||
* Set by the constructor call. Calling setTimeout() is optional. If it's not called functions like
|
||||
* exec() won't timeout unless some PHP setting forces it too. The timeout specified in the constructor,
|
||||
* however, is non-optional. There will be a timeout, whether or not you set it. If you don't it'll be
|
||||
* 10 seconds. It is used by fsockopen() in that function.
|
||||
*
|
||||
* @see Net_SSH1::Net_SSH1()
|
||||
* @see Net_SSH1::_connect()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $connectionTimeout;
|
||||
|
||||
/**
|
||||
* Default cipher
|
||||
*
|
||||
* @see Net_SSH1::Net_SSH1()
|
||||
* @see Net_SSH1::_connect()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $cipher;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
@ -505,10 +551,24 @@ class Net_SSH1
|
||||
|
||||
$this->_define_array($this->protocol_flags);
|
||||
|
||||
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
|
||||
$this->host = $host;
|
||||
$this->port = $port;
|
||||
$this->connectionTimeout = $timeout;
|
||||
$this->cipher = $cipher;
|
||||
}
|
||||
|
||||
/**
|
||||
* Connect to an SSHv1 server
|
||||
*
|
||||
* @return Boolean
|
||||
* @access private
|
||||
*/
|
||||
function _connect()
|
||||
{
|
||||
$this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->connectionTimeout);
|
||||
if (!$this->fsock) {
|
||||
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
|
||||
return;
|
||||
user_error(rtrim("Cannot connect to {$this->host}:{$this->port}. Error $errno. $errstr"));
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->server_identification = $init_line = fgets($this->fsock, 255);
|
||||
@ -520,11 +580,11 @@ class Net_SSH1
|
||||
|
||||
if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) {
|
||||
user_error('Can only connect to SSH servers');
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
if ($parts[1][0] != 1) {
|
||||
user_error("Cannot connect to SSH $parts[1] servers");
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
fputs($this->fsock, $this->identifier."\r\n");
|
||||
@ -532,7 +592,7 @@ class Net_SSH1
|
||||
$response = $this->_get_binary_packet();
|
||||
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) {
|
||||
user_error('Expected SSH_SMSG_PUBLIC_KEY');
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
$anti_spoofing_cookie = $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 8);
|
||||
@ -612,12 +672,12 @@ class Net_SSH1
|
||||
);
|
||||
}
|
||||
|
||||
$cipher = isset($this->supported_ciphers[$cipher]) ? $cipher : NET_SSH1_CIPHER_3DES;
|
||||
$cipher = isset($this->supported_ciphers[$this->cipher]) ? $this->cipher : NET_SSH1_CIPHER_3DES;
|
||||
$data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0);
|
||||
|
||||
if (!$this->_send_binary_packet($data)) {
|
||||
user_error('Error sending SSH_CMSG_SESSION_KEY');
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
switch ($cipher) {
|
||||
@ -656,10 +716,12 @@ class Net_SSH1
|
||||
|
||||
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
|
||||
user_error('Expected SSH_SMSG_SUCCESS');
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->bitmap = NET_SSH1_MASK_CONSTRUCTOR;
|
||||
$this->bitmap = NET_SSH1_MASK_CONNECTED;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -673,6 +735,13 @@ class Net_SSH1
|
||||
function login($username, $password = '')
|
||||
{
|
||||
if (!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)) {
|
||||
$this->bitmap |= NET_SSH1_MASK_CONSTRUCTOR;
|
||||
if (!$this->_connect()) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (!($this->bitmap & NET_SSH1_MASK_CONNECTED)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -73,10 +73,11 @@
|
||||
* @access private
|
||||
*/
|
||||
define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001);
|
||||
define('NET_SSH2_MASK_LOGIN_REQ', 0x00000002);
|
||||
define('NET_SSH2_MASK_LOGIN', 0x00000004);
|
||||
define('NET_SSH2_MASK_SHELL', 0x00000008);
|
||||
define('NET_SSH2_MASK_WINDOW_ADJUST', 0X00000010);
|
||||
define('NET_SSH2_MASK_CONNECTED', 0x00000002);
|
||||
define('NET_SSH2_MASK_LOGIN_REQ', 0x00000004);
|
||||
define('NET_SSH2_MASK_LOGIN', 0x00000008);
|
||||
define('NET_SSH2_MASK_SHELL', 0x00000010);
|
||||
define('NET_SSH2_MASK_WINDOW_ADJUST', 0X00000020);
|
||||
/**#@-*/
|
||||
|
||||
/**#@+
|
||||
@ -669,6 +670,7 @@ class Net_SSH2
|
||||
/**
|
||||
* Time of first network activity
|
||||
*
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $last_packet;
|
||||
@ -684,6 +686,7 @@ class Net_SSH2
|
||||
/**
|
||||
* Flag to request a PTY when using exec()
|
||||
*
|
||||
* @var Boolean
|
||||
* @see Net_SSH2::enablePTY()
|
||||
* @access private
|
||||
*/
|
||||
@ -692,6 +695,7 @@ class Net_SSH2
|
||||
/**
|
||||
* Flag set while exec() is running when using enablePTY()
|
||||
*
|
||||
* @var Boolean
|
||||
* @access private
|
||||
*/
|
||||
var $in_request_pty_exec = false;
|
||||
@ -699,6 +703,7 @@ class Net_SSH2
|
||||
/**
|
||||
* Flag set after startSubsystem() is called
|
||||
*
|
||||
* @var Boolean
|
||||
* @access private
|
||||
*/
|
||||
var $in_subsystem;
|
||||
@ -706,6 +711,7 @@ class Net_SSH2
|
||||
/**
|
||||
* Contents of stdError
|
||||
*
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $stdErrorLog;
|
||||
@ -714,6 +720,7 @@ class Net_SSH2
|
||||
* The Last Interactive Response
|
||||
*
|
||||
* @see Net_SSH2::_keyboard_interactive_process()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $last_interactive_response = '';
|
||||
@ -722,6 +729,7 @@ class Net_SSH2
|
||||
* Keyboard Interactive Request / Responses
|
||||
*
|
||||
* @see Net_SSH2::_keyboard_interactive_process()
|
||||
* @var Array
|
||||
* @access private
|
||||
*/
|
||||
var $keyboard_requests_responses = array();
|
||||
@ -734,6 +742,7 @@ class Net_SSH2
|
||||
*
|
||||
* @see Net_SSH2::_filter()
|
||||
* @see Net_SSH2::getBannerMessage()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $banner_message = '';
|
||||
@ -741,7 +750,8 @@ class Net_SSH2
|
||||
/**
|
||||
* Did read() timeout or return normally?
|
||||
*
|
||||
* @see Net_SSH2::isTimeout
|
||||
* @see Net_SSH2::isTimeout()
|
||||
* @var Boolean
|
||||
* @access private
|
||||
*/
|
||||
var $is_timeout = false;
|
||||
@ -749,7 +759,8 @@ class Net_SSH2
|
||||
/**
|
||||
* Log Boundary
|
||||
*
|
||||
* @see Net_SSH2::_format_log
|
||||
* @see Net_SSH2::_format_log()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $log_boundary = ':';
|
||||
@ -757,7 +768,8 @@ class Net_SSH2
|
||||
/**
|
||||
* Log Long Width
|
||||
*
|
||||
* @see Net_SSH2::_format_log
|
||||
* @see Net_SSH2::_format_log()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $log_long_width = 65;
|
||||
@ -765,19 +777,54 @@ class Net_SSH2
|
||||
/**
|
||||
* Log Short Width
|
||||
*
|
||||
* @see Net_SSH2::_format_log
|
||||
* @see Net_SSH2::_format_log()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $log_short_width = 16;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
* Hostname
|
||||
*
|
||||
* Connects to an SSHv2 server
|
||||
* @see Net_SSH2::Net_SSH2()
|
||||
* @see Net_SSH2::_connect()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $host;
|
||||
|
||||
/**
|
||||
* Port Number
|
||||
*
|
||||
* @see Net_SSH2::Net_SSH2()
|
||||
* @see Net_SSH2::_connect()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $port;
|
||||
|
||||
/**
|
||||
* Timeout for initial connection
|
||||
*
|
||||
* Set by the constructor call. Calling setTimeout() is optional. If it's not called functions like
|
||||
* exec() won't timeout unless some PHP setting forces it too. The timeout specified in the constructor,
|
||||
* however, is non-optional. There will be a timeout, whether or not you set it. If you don't it'll be
|
||||
* 10 seconds. It is used by fsockopen() and the initial stream_select in that function.
|
||||
*
|
||||
* @see Net_SSH2::Net_SSH2()
|
||||
* @see Net_SSH2::_connect()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $connectionTimeout;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* @param String $host
|
||||
* @param optional Integer $port
|
||||
* @param optional Integer $timeout
|
||||
* @see Net_SSH2::login()
|
||||
* @return Net_SSH2
|
||||
* @access public
|
||||
*/
|
||||
@ -797,7 +844,6 @@ class Net_SSH2
|
||||
include_once 'Crypt/Hash.php';
|
||||
}
|
||||
|
||||
$this->last_packet = strtok(microtime(), ' ') + strtok(''); // == microtime(true) in PHP5
|
||||
$this->message_numbers = array(
|
||||
1 => 'NET_SSH2_MSG_DISCONNECT',
|
||||
2 => 'NET_SSH2_MSG_IGNORE',
|
||||
@ -868,11 +914,29 @@ class Net_SSH2
|
||||
61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE')
|
||||
);
|
||||
|
||||
$this->host = $host;
|
||||
$this->port = $port;
|
||||
$this->connectionTimeout = $timeout;
|
||||
}
|
||||
|
||||
/**
|
||||
* Connect to an SSHv2 server
|
||||
*
|
||||
* @return Boolean
|
||||
* @access private
|
||||
*/
|
||||
function _connect()
|
||||
{
|
||||
$timeout = $this->connectionTimeout;
|
||||
$host = $this->host . ':' . $this->port;
|
||||
|
||||
$this->last_packet = strtok(microtime(), ' ') + strtok(''); // == microtime(true) in PHP5
|
||||
|
||||
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
||||
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
|
||||
$this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $timeout);
|
||||
if (!$this->fsock) {
|
||||
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
$elapsed = strtok(microtime(), ' ') + strtok('') - $start;
|
||||
|
||||
@ -880,7 +944,7 @@ class Net_SSH2
|
||||
|
||||
if ($timeout <= 0) {
|
||||
user_error(rtrim("Cannot connect to $host. Timeout error"));
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
$read = array($this->fsock);
|
||||
@ -893,7 +957,7 @@ class Net_SSH2
|
||||
// the !count() is done as a workaround for <https://bugs.php.net/42682>
|
||||
if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) {
|
||||
user_error(rtrim("Cannot connect to $host. Banner timeout"));
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
/* According to the SSH2 specs,
|
||||
@ -932,7 +996,7 @@ class Net_SSH2
|
||||
|
||||
if ($matches[1] != '1.99' && $matches[1] != '2.0') {
|
||||
user_error("Cannot connect to SSH $matches[1] servers");
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
fputs($this->fsock, $this->identifier . "\r\n");
|
||||
@ -940,19 +1004,21 @@ class Net_SSH2
|
||||
$response = $this->_get_binary_packet();
|
||||
if ($response === false) {
|
||||
user_error('Connection closed by server');
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
|
||||
user_error('Expected SSH_MSG_KEXINIT');
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!$this->_key_exchange($response)) {
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->bitmap = NET_SSH2_MASK_CONSTRUCTOR;
|
||||
$this->bitmap = NET_SSH2_MASK_CONNECTED;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1710,6 +1776,13 @@ class Net_SSH2
|
||||
*/
|
||||
function _login($username)
|
||||
{
|
||||
if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) {
|
||||
$this->bitmap |= NET_SSH2_MASK_CONSTRUCTOR;
|
||||
if (!$this->_connect()) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
$args = array_slice(func_get_args(), 1);
|
||||
if (empty($args)) {
|
||||
return $this->_login_helper($username);
|
||||
@ -1735,7 +1808,7 @@ class Net_SSH2
|
||||
*/
|
||||
function _login_helper($username, $password = null)
|
||||
{
|
||||
if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) {
|
||||
if (!($this->bitmap & NET_SSH2_MASK_CONNECTED)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -2687,7 +2760,7 @@ class Net_SSH2
|
||||
}
|
||||
|
||||
// see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in
|
||||
if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) {
|
||||
if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) {
|
||||
$this->_string_shift($payload, 1);
|
||||
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
||||
$this->banner_message = utf8_decode($this->_string_shift($payload, $length));
|
||||
@ -2695,7 +2768,7 @@ class Net_SSH2
|
||||
}
|
||||
|
||||
// only called when we've already logged in
|
||||
if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
||||
if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
||||
switch (ord($payload[0])) {
|
||||
case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4
|
||||
$this->_string_shift($payload, 1);
|
||||
@ -2907,7 +2980,7 @@ class Net_SSH2
|
||||
// currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR
|
||||
extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8)));
|
||||
$data = $this->_string_shift($response, $length);
|
||||
$this->stdErrorLog .= $data;
|
||||
$this->stdErrorLog.= $data;
|
||||
if ($skip_extended || $this->quiet_mode) {
|
||||
break;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user