1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-11-27 04:34:45 +01:00

Revamp SSH1 logging and go back to using user_error

(_handle_error returned the line number in _handle_error - not the line number triggering the error)
This commit is contained in:
terrafrost 2013-01-08 22:09:27 -06:00
parent 10d9671601
commit e71fc97913
9 changed files with 235 additions and 290 deletions

View File

@ -939,7 +939,7 @@ class Crypt_DES {
if (($length & 7) == 0) {
return $text;
} else {
$this->_handle_error("The plaintext's length ($length) is not a multiple of the block size (8)");
user_error("The plaintext's length ($length) is not a multiple of the block size (8)");
$this->padding = true;
}
}
@ -1291,24 +1291,6 @@ class Crypt_DES {
$string = substr($string, $index);
return $substr;
}
/**
* Error Handler
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
*
* @param String $string
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
}
}
// vim: ts=4:sw=4:et:

View File

@ -1746,7 +1746,7 @@ class Crypt_RSA {
{
$x = $x->toBytes();
if (strlen($x) > $xLen) {
$this->_handle_error('Integer too large');
user_error('Integer too large');
return false;
}
return str_pad($x, $xLen, chr(0), STR_PAD_LEFT);
@ -1907,7 +1907,7 @@ class Crypt_RSA {
function _rsaep($m)
{
if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
$this->_handle_error('Message representative out of range');
user_error('Message representative out of range');
return false;
}
return $this->_exponentiate($m);
@ -1925,7 +1925,7 @@ class Crypt_RSA {
function _rsadp($c)
{
if ($c->compare($this->zero) < 0 || $c->compare($this->modulus) > 0) {
$this->_handle_error('Ciphertext representative out of range');
user_error('Ciphertext representative out of range');
return false;
}
return $this->_exponentiate($c);
@ -1943,7 +1943,7 @@ class Crypt_RSA {
function _rsasp1($m)
{
if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
$this->_handle_error('Message representative out of range');
user_error('Message representative out of range');
return false;
}
return $this->_exponentiate($m);
@ -1961,7 +1961,7 @@ class Crypt_RSA {
function _rsavp1($s)
{
if ($s->compare($this->zero) < 0 || $s->compare($this->modulus) > 0) {
$this->_handle_error('Signature representative out of range');
user_error('Signature representative out of range');
return false;
}
return $this->_exponentiate($s);
@ -2012,7 +2012,7 @@ class Crypt_RSA {
// be output.
if ($mLen > $this->k - 2 * $this->hLen - 2) {
$this->_handle_error('Message too long');
user_error('Message too long');
return false;
}
@ -2073,7 +2073,7 @@ class Crypt_RSA {
// be output.
if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) {
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
@ -2082,7 +2082,7 @@ class Crypt_RSA {
$c = $this->_os2ip($c);
$m = $this->_rsadp($c);
if ($m === false) {
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
$em = $this->_i2osp($m, $this->k);
@ -2100,12 +2100,12 @@ class Crypt_RSA {
$lHash2 = substr($db, 0, $this->hLen);
$m = substr($db, $this->hLen);
if ($lHash != $lHash2) {
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
$m = ltrim($m, chr(0));
if (ord($m[0]) != 1) {
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
@ -2130,7 +2130,7 @@ class Crypt_RSA {
// Length checking
if ($mLen > $this->k - 11) {
$this->_handle_error('Message too long');
user_error('Message too long');
return false;
}
@ -2179,7 +2179,7 @@ class Crypt_RSA {
// Length checking
if (strlen($c) != $this->k) { // or if k < 11
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
@ -2189,7 +2189,7 @@ class Crypt_RSA {
$m = $this->_rsadp($c);
if ($m === false) {
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
$em = $this->_i2osp($m, $this->k);
@ -2197,7 +2197,7 @@ class Crypt_RSA {
// EME-PKCS1-v1_5 decoding
if (ord($em[0]) != 0 || ord($em[1]) > 2) {
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
@ -2205,7 +2205,7 @@ class Crypt_RSA {
$m = substr($em, strlen($ps) + 3);
if (strlen($ps) < 8) {
$this->_handle_error('Decryption error');
user_error('Decryption error');
return false;
}
@ -2233,7 +2233,7 @@ class Crypt_RSA {
$mHash = $this->hash->hash($m);
if ($emLen < $this->hLen + $sLen + 2) {
$this->_handle_error('Encoding error');
user_error('Encoding error');
return false;
}
@ -2338,7 +2338,7 @@ class Crypt_RSA {
// Length checking
if (strlen($s) != $this->k) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return false;
}
@ -2349,12 +2349,12 @@ class Crypt_RSA {
$s2 = $this->_os2ip($s);
$m2 = $this->_rsavp1($s2);
if ($m2 === false) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return false;
}
$em = $this->_i2osp($m2, $modBits >> 3);
if ($em === false) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return false;
}
@ -2404,7 +2404,7 @@ class Crypt_RSA {
$tLen = strlen($t);
if ($emLen < $tLen + 11) {
$this->_handle_error('Intended encoded message length too short');
user_error('Intended encoded message length too short');
return false;
}
@ -2430,7 +2430,7 @@ class Crypt_RSA {
$em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
if ($em === false) {
$this->_handle_error('RSA modulus too short');
user_error('RSA modulus too short');
return false;
}
@ -2459,7 +2459,7 @@ class Crypt_RSA {
// Length checking
if (strlen($s) != $this->k) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return false;
}
@ -2468,12 +2468,12 @@ class Crypt_RSA {
$s = $this->_os2ip($s);
$m2 = $this->_rsavp1($s);
if ($m2 === false) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return false;
}
$em = $this->_i2osp($m2, $this->k);
if ($em === false) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return false;
}
@ -2481,7 +2481,7 @@ class Crypt_RSA {
$em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
if ($em2 === false) {
$this->_handle_error('RSA modulus too short');
user_error('RSA modulus too short');
return false;
}
@ -2643,22 +2643,4 @@ class Crypt_RSA {
return $this->_rsassa_pss_verify($message, $signature);
}
}
/**
* Error Handler
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
*
* @param String $string
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
}
}

View File

@ -1387,7 +1387,7 @@ class Crypt_Rijndael {
if ($length % $this->block_size == 0) {
return $text;
} else {
$this->_handle_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})");
user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})");
$this->padding = true;
}
}
@ -1496,24 +1496,6 @@ class Crypt_Rijndael {
$string = substr($string, $index);
return $substr;
}
/**
* Error Handler
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
*
* @param String $string
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
}
}
// vim: ts=4:sw=4:et:

View File

@ -409,7 +409,7 @@ class File_ANSI {
case 47: $back = 'white'; break;
default:
$this->_handle_error('Unsupported attribute: ' . $mod);
user_error('Unsupported attribute: ' . $mod);
$this->ansi = '';
break 2;
}
@ -537,22 +537,4 @@ class File_ANSI {
return '<pre style="color: white; background: black" width="' . ($this->max_x + 1) . '">' . $scrollback . '</pre>';
}
/**
* Error Handler
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
*
* @param String $string
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
}
}

View File

@ -959,7 +959,7 @@ class File_ASN1 {
case FILE_ASN1_TYPE_OBJECT_IDENTIFIER:
$oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids);
if ($oid === false) {
$this->_handle_error('Invalid OID');
user_error('Invalid OID');
return false;
}
$value = '';
@ -1012,7 +1012,7 @@ class File_ASN1 {
$filters = $filters[$part];
}
if ($filters === false) {
$this->_handle_error('No filters defined for ' . implode('/', $loc));
user_error('No filters defined for ' . implode('/', $loc));
return false;
}
return $this->_encode_der($source, $filters + $mapping);
@ -1036,7 +1036,7 @@ class File_ASN1 {
$value = $source ? "\xFF" : "\x00";
break;
default:
$this->_handle_error('Mapping provides no type definition for ' . implode('/', $this->location));
user_error('Mapping provides no type definition for ' . implode('/', $this->location));
return false;
}
@ -1274,22 +1274,4 @@ class File_ASN1 {
}
return $out;
}
/**
* Error Handler
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
*
* @param String $string
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
}
}

View File

@ -1647,7 +1647,7 @@ class File_X509 {
$map = $this->_getMapping($id);
if (is_bool($map)) {
if (!$map) {
$this->_handle_error($id . ' is not a currently supported extension');
user_error($id . ' is not a currently supported extension');
unset($extensions[$i]);
}
} else {
@ -4320,22 +4320,4 @@ class File_X509 {
return false;
}
/**
* Error Handler
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
*
* @param String $string
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
}
}

View File

@ -399,7 +399,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_VERSION) {
$this->_handle_error('Expected SSH_FXP_VERSION');
user_error('Expected SSH_FXP_VERSION');
return false;
}
@ -588,7 +588,7 @@ class Net_SFTP extends Net_SSH2 {
$this->_logError($response);
return false;
default:
$this->_handle_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS');
return false;
}
@ -645,7 +645,7 @@ class Net_SFTP extends Net_SSH2 {
$this->_logError($response);
return false;
default:
$this->_handle_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
return false;
}
@ -655,7 +655,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -736,7 +736,7 @@ class Net_SFTP extends Net_SSH2 {
$this->_logError($response);
return false;
default:
$this->_handle_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
return false;
}
@ -785,7 +785,7 @@ class Net_SFTP extends Net_SSH2 {
}
break 2;
default:
$this->_handle_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS');
return false;
}
}
@ -798,7 +798,7 @@ class Net_SFTP extends Net_SSH2 {
// -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1001,7 +1001,7 @@ class Net_SFTP extends Net_SSH2 {
return false;
}
$this->_handle_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS');
return false;
}
@ -1094,7 +1094,7 @@ class Net_SFTP extends Net_SSH2 {
*/
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1121,7 +1121,7 @@ class Net_SFTP extends Net_SSH2 {
return false;
}
$this->_handle_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS');
return false;
}
@ -1254,7 +1254,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1293,7 +1293,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1370,7 +1370,7 @@ class Net_SFTP extends Net_SSH2 {
$this->_logError($response);
return false;
default:
$this->_handle_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
return false;
}
@ -1379,7 +1379,7 @@ class Net_SFTP extends Net_SSH2 {
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3
if ($mode & NET_SFTP_LOCAL_FILE) {
if (!is_file($data)) {
$this->_handle_error("$data is not a valid file");
user_error("$data is not a valid file");
return false;
}
$fp = @fopen($data, 'rb');
@ -1430,7 +1430,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1458,7 +1458,7 @@ class Net_SFTP extends Net_SSH2 {
while ($i--) {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1509,7 +1509,7 @@ class Net_SFTP extends Net_SSH2 {
$this->_logError($response);
return false;
default:
$this->_handle_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
return false;
}
@ -1548,7 +1548,7 @@ class Net_SFTP extends Net_SSH2 {
$this->_logError($response);
break 2;
default:
$this->_handle_error('Expected SSH_FXP_DATA or SSH_FXP_STATUS');
user_error('Expected SSH_FXP_DATA or SSH_FXP_STATUS');
if ($local_file !== false) {
fclose($fp);
}
@ -1575,7 +1575,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1618,7 +1618,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}
@ -1737,7 +1737,7 @@ class Net_SFTP extends Net_SSH2 {
$response = $this->_get_sftp_packet();
if ($this->packet_type != NET_SFTP_STATUS) {
$this->_handle_error('Expected SSH_FXP_STATUS');
user_error('Expected SSH_FXP_STATUS');
return false;
}

View File

@ -246,6 +246,14 @@ define('NET_SSH1_LOG_SIMPLE', 1);
* Returns the message content
*/
define('NET_SSH1_LOG_COMPLEX', 2);
/**
* Outputs the content real-time
*/
define('NET_SSH2_LOG_REALTIME', 3);
/**
* Dumps the content real-time to a file
*/
define('NET_SSH2_LOG_REALTIME_FILE', 4);
/**#@-*/
/**#@+
@ -421,6 +429,33 @@ class Net_SSH1 {
*/
var $message_log = array();
/**
* Real-time log file pointer
*
* @see Net_SSH1::_append_log()
* @var Resource
* @access private
*/
var $realtime_log_file;
/**
* Real-time log file size
*
* @see Net_SSH1::_append_log()
* @var Integer
* @access private
*/
var $realtime_log_size;
/**
* Real-time log file wrap boolean
*
* @see Net_SSH1::_append_log()
* @var Boolean
* @access private
*/
var $realtime_log_wrap;
/**
* Interactive Buffer
*
@ -467,28 +502,23 @@ class Net_SSH1 {
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
if (!$this->fsock) {
$this->_handle_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
return;
}
$this->server_identification = $init_line = fgets($this->fsock, 255);
if (defined('NET_SSH1_LOGGING')) {
$this->protocol_flags_log[] = '<-';
$this->protocol_flags_log[] = '->';
if (NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX) {
$this->message_log[] = $this->server_identification;
$this->message_log[] = $this->identifier . "\r\n";
}
$this->_append_log('<-', $this->server_identification);
$this->_append_log('->', $this->identifier . "\r\n");
}
if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) {
$this->_handle_error('Can only connect to SSH servers');
user_error('Can only connect to SSH servers');
return;
}
if ($parts[1][0] != 1) {
$this->_handle_error("Cannot connect to SSH $parts[1] servers");
user_error("Cannot connect to SSH $parts[1] servers");
return;
}
@ -496,7 +526,7 @@ class Net_SSH1 {
$response = $this->_get_binary_packet();
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) {
$this->_handle_error('Expected SSH_SMSG_PUBLIC_KEY');
user_error('Expected SSH_SMSG_PUBLIC_KEY');
return;
}
@ -581,7 +611,7 @@ class Net_SSH1 {
$data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Error sending SSH_CMSG_SESSION_KEY');
user_error('Error sending SSH_CMSG_SESSION_KEY');
return;
}
@ -611,7 +641,7 @@ class Net_SSH1 {
$response = $this->_get_binary_packet();
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
$this->_handle_error('Expected SSH_SMSG_SUCCESS');
user_error('Expected SSH_SMSG_SUCCESS');
return;
}
@ -635,7 +665,7 @@ class Net_SSH1 {
$data = pack('CNa*', NET_SSH1_CMSG_USER, strlen($username), $username);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Error sending SSH_CMSG_USER');
user_error('Error sending SSH_CMSG_USER');
return false;
}
@ -645,21 +675,21 @@ class Net_SSH1 {
$this->bitmap |= NET_SSH1_MASK_LOGIN;
return true;
} else if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_FAILURE) {
$this->_handle_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE');
user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE');
return false;
}
$data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen($password), $password);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Error sending SSH_CMSG_AUTH_PASSWORD');
user_error('Error sending SSH_CMSG_AUTH_PASSWORD');
return false;
}
// remove the username and password from the last logged packet
if (defined('NET_SSH1_LOGGING') && NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX) {
$data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen('password'), 'password');
$this->message_log[count($this->message_log) - 1] = $data; // zzzzz
$this->message_log[count($this->message_log) - 1] = $data;
}
$response = $this->_get_binary_packet();
@ -670,7 +700,7 @@ class Net_SSH1 {
} else if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_FAILURE) {
return false;
} else {
$this->_handle_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE');
user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE');
return false;
}
}
@ -698,14 +728,14 @@ class Net_SSH1 {
function exec($cmd, $block = true)
{
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
$this->_handle_error('Operation disallowed prior to login()');
user_error('Operation disallowed prior to login()');
return false;
}
$data = pack('CNa*', NET_SSH1_CMSG_EXEC_CMD, strlen($cmd), $cmd);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Error sending SSH_CMSG_EXEC_CMD');
user_error('Error sending SSH_CMSG_EXEC_CMD');
return false;
}
@ -750,21 +780,21 @@ class Net_SSH1 {
$data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, NET_SSH1_TTY_OP_END);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Error sending SSH_CMSG_REQUEST_PTY');
user_error('Error sending SSH_CMSG_REQUEST_PTY');
return false;
}
$response = $this->_get_binary_packet();
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
$this->_handle_error('Expected SSH_SMSG_SUCCESS');
user_error('Expected SSH_SMSG_SUCCESS');
return false;
}
$data = pack('C', NET_SSH1_CMSG_EXEC_SHELL);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Error sending SSH_CMSG_EXEC_SHELL');
user_error('Error sending SSH_CMSG_EXEC_SHELL');
return false;
}
@ -803,12 +833,12 @@ class Net_SSH1 {
function read($expect, $mode = NET_SSH1_READ_SIMPLE)
{
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
$this->_handle_error('Operation disallowed prior to login()');
user_error('Operation disallowed prior to login()');
return false;
}
if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
$this->_handle_error('Unable to initiate an interactive shell session');
user_error('Unable to initiate an interactive shell session');
return false;
}
@ -838,19 +868,19 @@ class Net_SSH1 {
function interactiveWrite($cmd)
{
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
$this->_handle_error('Operation disallowed prior to login()');
user_error('Operation disallowed prior to login()');
return false;
}
if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
$this->_handle_error('Unable to initiate an interactive shell session');
user_error('Unable to initiate an interactive shell session');
return false;
}
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($cmd), $cmd);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Error sending SSH_CMSG_STDIN');
user_error('Error sending SSH_CMSG_STDIN');
return false;
}
@ -873,12 +903,12 @@ class Net_SSH1 {
function interactiveRead()
{
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
$this->_handle_error('Operation disallowed prior to login()');
user_error('Operation disallowed prior to login()');
return false;
}
if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
$this->_handle_error('Unable to initiate an interactive shell session');
user_error('Unable to initiate an interactive shell session');
return false;
}
@ -957,7 +987,7 @@ class Net_SSH1 {
function _get_binary_packet()
{
if (feof($this->fsock)) {
//$this->_handle_error('connection closed prematurely');
//user_error('connection closed prematurely');
return false;
}
@ -981,7 +1011,7 @@ class Net_SSH1 {
$temp = unpack('Ncrc', substr($raw, -4));
//if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) {
// $this->_handle_error('Bad CRC in packet from server');
// user_error('Bad CRC in packet from server');
// return false;
//}
@ -989,11 +1019,9 @@ class Net_SSH1 {
if (defined('NET_SSH1_LOGGING')) {
$temp = isset($this->protocol_flags[$type]) ? $this->protocol_flags[$type] : 'UNKNOWN';
$this->protocol_flags_log[] = '<- ' . $temp .
' (' . round($stop - $start, 4) . 's)';
if (NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX) {
$this->message_log[] = $data;
}
$temp = '<- ' . $temp .
' (' . round($stop - $start, 4) . 's)';
$this->_append_log($temp, $data);
}
return array(
@ -1014,7 +1042,7 @@ class Net_SSH1 {
*/
function _send_binary_packet($data) {
if (feof($this->fsock)) {
//$this->_handle_error('connection closed prematurely');
//user_error('connection closed prematurely');
return false;
}
@ -1035,14 +1063,12 @@ class Net_SSH1 {
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
$result = strlen($packet) == fputs($this->fsock, $packet);
$stop = strtok(microtime(), ' ') + strtok('');
if (defined('NET_SSH1_LOGGING')) {
$temp = isset($this->protocol_flags[ord($orig[0])]) ? $this->protocol_flags[ord($orig[0])] : 'UNKNOWN';
$this->protocol_flags_log[] = '-> ' . $temp .
' (' . round($stop - $start, 4) . 's)';
if (NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX) {
$this->message_log[] = substr($orig, 1);
}
$temp = '-> ' . $temp .
' (' . round($stop - $start, 4) . 's)';
$this->_append_log($temp, $data);
}
return $result;
@ -1417,20 +1443,67 @@ class Net_SSH1 {
}
/**
* Error Handler
* Logs data packets
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
* Makes sure that only the last 1MB worth of packets will be logged
*
* @param String $string
* @param String $data
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
function _append_log($protocol_flags, $message)
{
echo "WTF\r\n";
switch (NET_SSH1_LOGGING) {
// useful for benchmarks
case NET_SSH1_LOG_SIMPLE:
$this->protocol_flags_log[] = $protocol_flags;
break;
// the most useful log for SSH1
case NET_SSH1_LOG_COMPLEX:
$this->protocol_flags_log[] = $protocol_flags;
$this->_string_shift($message);
$this->log_size+= strlen($message);
$this->message_log[] = $message;
while ($this->log_size > NET_SSH2_LOG_MAX_SIZE) {
$this->log_size-= strlen(array_shift($this->message_log));
array_shift($this->protocol_flags_log);
}
break;
// dump the output out realtime; packets may be interspersed with non packets,
// passwords won't be filtered out and select other packets may not be correctly
// identified
case NET_SSH1_LOG_REALTIME:
echo "<pre>\r\n" . $this->_format_log(array($message), array($protocol_flags)) . "\r\n</pre>\r\n";
@flush();
@ob_flush();
break;
// basically the same thing as NET_SSH1_LOG_REALTIME with the caveat that NET_SSH1_LOG_REALTIME_FILE
// needs to be defined and that the resultant log file will be capped out at NET_SSH1_LOG_MAX_SIZE.
// the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily
// at the beginning of the file
case NET_SSH1_LOG_REALTIME_FILE:
if (!isset($this->realtime_log_file)) {
// PHP doesn't seem to like using constants in fopen()
$filename = NET_SSH2_LOG_REALTIME_FILE;
$fp = fopen($filename, 'w');
$this->realtime_log_file = $fp;
}
if (!is_resource($this->realtime_log_file)) {
break;
}
$entry = $this->_format_log(array($message), array($protocol_flags));
if ($this->realtime_log_wrap) {
$temp = "<<< START >>>\r\n";
$entry.= $temp;
fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp));
}
$this->realtime_log_size+= strlen($entry);
if ($this->realtime_log_size > NET_SSH1_LOG_MAX_SIZE) {
fseek($this->realtime_log_file, 0);
$this->realtime_log_size = strlen($entry);
$this->realtime_log_wrap = true;
}
fputs($this->realtime_log_file, $entry);
}
}
}

View File

@ -663,6 +663,7 @@ class Net_SSH2 {
* Real-time log file pointer
*
* @see Net_SSH2::_append_log()
* @var Resource
* @access private
*/
var $realtime_log_file;
@ -671,6 +672,7 @@ class Net_SSH2 {
* Real-time log file size
*
* @see Net_SSH2::_append_log()
* @var Integer
* @access private
*/
var $realtime_log_size;
@ -679,6 +681,7 @@ class Net_SSH2 {
* Has the signature been validated?
*
* @see Net_SSH2::getServerPublicHostKey()
* @var Boolean
* @access private
*/
var $signature_validated = false;
@ -793,7 +796,7 @@ class Net_SSH2 {
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
if (!$this->fsock) {
$this->_handle_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
return;
}
$elapsed = strtok(microtime(), ' ') + strtok('') - $start;
@ -801,7 +804,7 @@ class Net_SSH2 {
$timeout-= $elapsed;
if ($timeout <= 0) {
$this->_handle_error(rtrim("Cannot connect to $host. Timeout error"));
user_error(rtrim("Cannot connect to $host. Timeout error"));
return;
}
@ -814,7 +817,7 @@ class Net_SSH2 {
// on windows this returns a "Warning: Invalid CRT parameters detected" error
// the !count() is done as a workaround for <https://bugs.php.net/42682>
if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) {
$this->_handle_error(rtrim("Cannot connect to $host. Banner timeout"));
user_error(rtrim("Cannot connect to $host. Banner timeout"));
return;
}
@ -836,7 +839,7 @@ class Net_SSH2 {
}
if (feof($this->fsock)) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -855,13 +858,8 @@ class Net_SSH2 {
}
if (defined('NET_SSH2_LOGGING')) {
$this->message_number_log[] = '<-';
$this->message_number_log[] = '->';
if (NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) {
$this->message_log[] = $extra . $temp;
$this->message_log[] = $this->identifier . "\r\n";
}
$this->_append_log('<-', $extra . $temp);
$this->_append_log('->', $this->identifier . "\r\n");
}
$this->server_identifier = trim($temp, "\r\n");
@ -870,7 +868,7 @@ class Net_SSH2 {
}
if ($matches[1] != '1.99' && $matches[1] != '2.0') {
$this->_handle_error("Cannot connect to SSH $matches[1] servers");
user_error("Cannot connect to SSH $matches[1] servers");
return;
}
@ -878,12 +876,12 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return;
}
if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
$this->_handle_error('Expected SSH_MSG_KEXINIT');
user_error('Expected SSH_MSG_KEXINIT');
return;
}
@ -1025,7 +1023,7 @@ class Net_SSH2 {
// we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange
for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_server_to_client); $i++);
if ($i == count($encryption_algorithms)) {
$this->_handle_error('No compatible server to client encryption algorithms found');
user_error('No compatible server to client encryption algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -1062,7 +1060,7 @@ class Net_SSH2 {
for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_client_to_server); $i++);
if ($i == count($encryption_algorithms)) {
$this->_handle_error('No compatible client to server encryption algorithms found');
user_error('No compatible client to server encryption algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -1100,7 +1098,7 @@ class Net_SSH2 {
// through diffie-hellman key exchange a symmetric key is obtained
for ($i = 0; $i < count($kex_algorithms) && !in_array($kex_algorithms[$i], $this->kex_algorithms); $i++);
if ($i == count($kex_algorithms)) {
$this->_handle_error('No compatible key exchange algorithms found');
user_error('No compatible key exchange algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -1152,19 +1150,19 @@ class Net_SSH2 {
$data = pack('CNa*', NET_SSH2_MSG_KEXDH_INIT, strlen($eBytes), $eBytes);
if (!$this->_send_binary_packet($data)) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
extract(unpack('Ctype', $this->_string_shift($response, 1)));
if ($type != NET_SSH2_MSG_KEXDH_REPLY) {
$this->_handle_error('Expected SSH_MSG_KEXDH_REPLY');
user_error('Expected SSH_MSG_KEXDH_REPLY');
return false;
}
@ -1202,12 +1200,12 @@ class Net_SSH2 {
for ($i = 0; $i < count($server_host_key_algorithms) && !in_array($server_host_key_algorithms[$i], $this->server_host_key_algorithms); $i++);
if ($i == count($server_host_key_algorithms)) {
$this->_handle_error('No compatible server host key algorithms found');
user_error('No compatible server host key algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
if ($public_key_format != $server_host_key_algorithms[$i] || $this->signature_format != $server_host_key_algorithms[$i]) {
$this->_handle_error('Sever Host Key Algorithm Mismatch');
user_error('Sever Host Key Algorithm Mismatch');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -1222,14 +1220,14 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
extract(unpack('Ctype', $this->_string_shift($response, 1)));
if ($type != NET_SSH2_MSG_NEWKEYS) {
$this->_handle_error('Expected SSH_MSG_NEWKEYS');
user_error('Expected SSH_MSG_NEWKEYS');
return false;
}
@ -1343,7 +1341,7 @@ class Net_SSH2 {
for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_client_to_server); $i++);
if ($i == count($mac_algorithms)) {
$this->_handle_error('No compatible client to server message authentication algorithms found');
user_error('No compatible client to server message authentication algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -1368,7 +1366,7 @@ class Net_SSH2 {
for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_server_to_client); $i++);
if ($i == count($mac_algorithms)) {
$this->_handle_error('No compatible server to client message authentication algorithms found');
user_error('No compatible server to client message authentication algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -1410,14 +1408,14 @@ class Net_SSH2 {
for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_server_to_client); $i++);
if ($i == count($compression_algorithms)) {
$this->_handle_error('No compatible server to client compression algorithms found');
user_error('No compatible server to client compression algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
$this->decompress = $compression_algorithms[$i] == 'zlib';
for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_client_to_server); $i++);
if ($i == count($compression_algorithms)) {
$this->_handle_error('No compatible client to server compression algorithms found');
user_error('No compatible client to server compression algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
$this->compress = $compression_algorithms[$i] == 'zlib';
@ -1453,14 +1451,14 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
extract(unpack('Ctype', $this->_string_shift($response, 1)));
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
$this->_handle_error('Expected SSH_MSG_SERVICE_ACCEPT');
user_error('Expected SSH_MSG_SERVICE_ACCEPT');
return false;
}
@ -1481,7 +1479,7 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -1517,7 +1515,7 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -1589,7 +1587,7 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -1702,7 +1700,7 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -1737,7 +1735,7 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -1890,7 +1888,7 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -1901,7 +1899,7 @@ class Net_SSH2 {
break;
case NET_SSH2_MSG_CHANNEL_FAILURE:
default:
$this->_handle_error('Unable to request pseudo-terminal');
user_error('Unable to request pseudo-terminal');
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
}
@ -1942,12 +1940,12 @@ class Net_SSH2 {
$this->curTimeout = $this->timeout;
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
$this->_handle_error('Operation disallowed prior to login()');
user_error('Operation disallowed prior to login()');
return false;
}
if (!($this->bitmap & NET_SSH2_MASK_SHELL) && !$this->_initShell()) {
$this->_handle_error('Unable to initiate an interactive shell session');
user_error('Unable to initiate an interactive shell session');
return false;
}
@ -1981,12 +1979,12 @@ class Net_SSH2 {
function write($cmd)
{
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
$this->_handle_error('Operation disallowed prior to login()');
user_error('Operation disallowed prior to login()');
return false;
}
if (!($this->bitmap & NET_SSH2_MASK_SHELL) && !$this->_initShell()) {
$this->_handle_error('Unable to initiate an interactive shell session');
user_error('Unable to initiate an interactive shell session');
return false;
}
@ -2031,7 +2029,7 @@ class Net_SSH2 {
function _get_binary_packet()
{
if (!is_resource($this->fsock) || feof($this->fsock)) {
$this->_handle_error('Connection closed prematurely');
user_error('Connection closed prematurely');
$this->bitmask = 0;
return false;
}
@ -2048,7 +2046,7 @@ class Net_SSH2 {
$raw = $this->decrypt->decrypt($raw);
}
if ($raw === false) {
$this->_handle_error('Unable to decrypt content');
user_error('Unable to decrypt content');
return false;
}
@ -2072,7 +2070,7 @@ class Net_SSH2 {
if ($this->hmac_check !== false) {
$hmac = fread($this->fsock, $this->hmac_size);
if ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) {
$this->_handle_error('Invalid HMAC');
user_error('Invalid HMAC');
return false;
}
}
@ -2239,7 +2237,7 @@ class Net_SSH2 {
$response = $this->_get_binary_packet();
if ($response === false) {
$this->_handle_error('Connection closed by server');
user_error('Connection closed by server');
return false;
}
@ -2261,7 +2259,7 @@ class Net_SSH2 {
return $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended);
//case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE:
default:
$this->_handle_error('Unable to open channel');
user_error('Unable to open channel');
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
}
break;
@ -2271,7 +2269,7 @@ class Net_SSH2 {
return true;
//case NET_SSH2_MSG_CHANNEL_FAILURE:
default:
$this->_handle_error('Unable to request pseudo-terminal');
user_error('Unable to request pseudo-terminal');
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
}
case NET_SSH2_MSG_CHANNEL_CLOSE:
@ -2360,7 +2358,7 @@ class Net_SSH2 {
case NET_SSH2_MSG_CHANNEL_EOF:
break;
default:
$this->_handle_error('Error reading channel data');
user_error('Error reading channel data');
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
}
}
@ -2379,7 +2377,7 @@ class Net_SSH2 {
function _send_binary_packet($data)
{
if (!is_resource($this->fsock) || feof($this->fsock)) {
$this->_handle_error('Connection closed prematurely');
user_error('Connection closed prematurely');
$this->bitmask = 0;
return false;
}
@ -2886,7 +2884,7 @@ class Net_SSH2 {
padding, unsigned, and in network byte order). */
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
if ($temp['length'] != 40) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -2894,7 +2892,7 @@ class Net_SSH2 {
$s = new Math_BigInteger($this->_string_shift($signature, 20), 256);
if ($r->compare($q) >= 0 || $s->compare($q) >= 0) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -2914,7 +2912,7 @@ class Net_SSH2 {
list(, $v) = $v->divide($q);
if (!$v->equals($r)) {
$this->_handle_error('Bad server signature');
user_error('Bad server signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
}
@ -2939,7 +2937,7 @@ class Net_SSH2 {
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$rsa->loadKey(array('e' => $e, 'n' => $n), CRYPT_RSA_PUBLIC_FORMAT_RAW);
if (!$rsa->verify($this->exchange_hash, $signature)) {
$this->_handle_error('Bad server signature');
user_error('Bad server signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
}
*/
@ -2954,7 +2952,7 @@ class Net_SSH2 {
// also, see SSHRSA.c (rsa2_verifysig) in PuTTy's source.
if ($s->compare(new Math_BigInteger()) < 0 || $s->compare($n->subtract(new Math_BigInteger(1))) > 0) {
$this->_handle_error('Invalid signature');
user_error('Invalid signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
@ -2965,33 +2963,15 @@ class Net_SSH2 {
$h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 3 - strlen($h)) . $h;
if ($s != $h) {
$this->_handle_error('Bad server signature');
user_error('Bad server signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
}
break;
default:
$this->_handle_error('Unsupported signature format');
user_error('Unsupported signature format');
return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
}
return $this->signature_format . ' ' . base64_encode($this->server_public_host_key);
}
/**
* Error Handler
*
* Throws exceptions if PHPSECLIB_USE_EXCEPTIONS is defined.
* Unless PHPSECLIB_EXCEPTION_CLASS is set it'll throw generic Exceptions.
*
* @param String $string
* @access private
*/
function _handle_error($err_msg) {
if (defined('PHPSECLIB_USE_EXCEPTIONS') && version_compare(PHP_VERSION, '5.1.0', '>=')) {
$class = defined('PHPSECLIB_EXCEPTION_CLASS') && class_exists(PHPSECLIB_EXCEPTION_CLASS) ? PHPSECLIB_EXCEPTION_CLASS : 'Exception';
throw(new $class($err_msg));
} else {
user_error($err_msg);
}
}
}