danog/tgseclib
1
0
Fork 0
mirror of https://github.com/danog/tgseclib.git synced 2025-01-22 22:11:13 +01:00
Code Issues Projects Releases Wiki Activity
3,292 Commits 1 Branch 21 Tags
Commit Graph

587 Commits

Author SHA1 Message Date
terrafrost
3eac2582d6 SSH2: fix issues with RSA key verification 
Sometimes SSH servers will null pad their RSA keys. this null padding
broke Net/SSH2.php's RSA implementation (Crypt/RSA.php's implementation
works just fine). Also, the -3 was counting the initial "\0" of $h
twice so adjust it to -2.
 2014-11-06 11:58:03 -06:00
terrafrost
361b59fff9 SSH2: make setCryptoEngine() less cumbersome 2014-10-11 23:40:56 -05:00
terrafrost
959c0cefae SSH2: add setCryptoEngine() function 2014-10-11 23:26:46 -05:00
terrafrost
ff4d563f4f SSH2: CS adjustments 2014-10-11 23:20:44 -05:00
Andreas Fischer
92c3127448 Merge branch 'master' into php5 
* master:
  SSH2: removed redundant rtrim
 2014-09-28 12:43:54 +02:00
Cezary Kluczyński
0692a1ea7d SSH2: removed redundant rtrim 2014-09-28 12:39:54 +02:00
Andreas Fischer
cf921a347a Merge branch 'master' into php5 
* master:
  SSH2: rm unused constant
 2014-09-07 12:43:27 +02:00
terrafrost
67279d7811 SSH2: rm unused constant 
it doesn't need to be defined since the strlen($this->last_interactive_response)
check in _login_helper serves the same purpose that NET_SSH_MASK_LOGIN_INTERACTIVE
was intended to serve
 2014-09-06 20:30:01 -05:00
Andreas Fischer
42e05a6714 Merge branch 'master' into php5 
* master:
  SSH2: don't count data length against window size
 2014-09-03 20:44:53 +02:00
terrafrost
9e71e0bce8 SSH2: don't count data length against window size 
it is my hope that the issues 8c9e7a890e5755ee27fca66590ff5d2fa0616e56
and ccb1c3e2bdefd41cb3a7a21876eb0f5cd055c601 sought to resolve were
fixed 9f8d8a7bf6c92d49f71dcadf585c898fcccd5c0d and
7a2c7a414c08d28f0700c7f6f8686a9e0e246a44.
 2014-08-30 15:26:23 -05:00
Andreas Fischer
9dc92a82a4 Merge branch 'master' into php5 
* master:
  SSH2: white space adjustment
  SSH: update getServerPublicHostKey() to use new _connect() method
  SSH2: fix if statement for conditional _connect() call
  simplify calls to $this->_connect()
  SSH2: make it so negotiated algorithms can be seen before login
 2014-08-10 12:10:11 +02:00
Andreas Fischer
1de939fb4a Merge pull request #427 from terrafrost/ssh2-show-methods-before-login 
SSH2: make it so negotiated algorithms can be seen before login

* terrafrost/ssh2-show-methods-before-login:
  SSH2: white space adjustment
  SSH: update getServerPublicHostKey() to use new _connect() method
  SSH2: fix if statement for conditional _connect() call
  simplify calls to $this->_connect()
  SSH2: make it so negotiated algorithms can be seen before login
 2014-08-10 12:10:04 +02:00
terrafrost
04e263bb8c SSH2: white space adjustment 2014-08-10 02:09:28 -05:00
terrafrost
085fb0ebb8 SSH: update getServerPublicHostKey() to use new _connect() method 2014-08-06 14:42:08 -05:00
terrafrost
5b019b22d9 SSH2: fix if statement for conditional _connect() call 2014-08-05 19:30:14 -05:00
terrafrost
dffef50838 simplify calls to $this->_connect() 2014-08-04 20:11:34 -05:00
Andreas Fischer
e4516fb453 Merge branch 'master' into php5 
* master:
  Add some test cases for SHA512.
  Use toBits() as there is no bits property.
  SSH2: Disallow the none MAC.
 2014-07-26 17:20:09 +02:00
Andreas Fischer
2ccb301c4c Merge pull request #425 from bantu/ssh-remove-none-mac 
SSH2: Disallow the none MAC.

* bantu/ssh-remove-none-mac:
  SSH2: Disallow the none MAC.
 2014-07-26 13:14:39 +02:00
Andreas Fischer
fed60fe8ac Merge branch 'master' into php5 
* master:
  ssh-hmac-sha2-256: Remove whitespace at end of line.
  Added RFC6668
  Add hmac-sha2-256 MAC support
 2014-07-26 13:11:29 +02:00
Andreas Fischer
4be4533a6e ssh-hmac-sha2-256: Remove whitespace at end of line. 2014-07-26 13:02:52 +02:00
terrafrost
49079fa1b4 SSH2: make it so negotiated algorithms can be seen before login 2014-07-25 10:03:31 -05:00
Dag Wieers
1a330b68e2 Added RFC6668 
Added the requested changed.
 2014-07-25 14:10:01 +02:00
Dag Wieers
86d17c6989 Add hmac-sha2-256 MAC support 
This small patch adds hmac-sha2-256 support separately as requested in #423.

Some security standards now recommend to disable MD5 and SHA1, and use SHA2 instead. This change was tested using SHA2 against RHEL6's OpenSSH v5.3p1 and Solaris 11. And was also tested with RHEL5's OpenSSH 4.3p2 which doesn't include SHA2.
 2014-07-25 12:28:08 +02:00
Andreas Fischer
1aecc5e3d8 SSH2: Disallow the none MAC. 2014-07-25 12:18:11 +02:00
Andreas Fischer
f0d0158c2b Merge branch 'master' into php5 
* master:
  Comment out (potentially) insecure ciphers arcfour and none.
 2014-07-22 16:09:16 +02:00
Andreas Fischer
a0a23cbaf1 Merge pull request #406 from bantu/remove-ssh-arcfour 
Remove the arcfour and none ciphers from SSH2.

* bantu/remove-ssh-arcfour:
  Comment out (potentially) insecure ciphers arcfour and none.
 2014-07-22 16:09:14 +02:00
Andreas Fischer
ae913d64c3 Merge branch 'master' into php5 
* master:
  SSH2: don't remove old $this->bitmap values
 2014-07-21 23:53:34 +02:00
terrafrost
9dd3db4a49 SSH2: don't remove old $this->bitmap values 2014-07-21 16:41:39 -05:00
Andreas Fischer
84ac305704 Comment out (potentially) insecure ciphers arcfour and none. 2014-07-21 12:16:49 +02:00
Andreas Fischer
025a637053 Merge branch 'master' into php5 
* master:
  Make Net_SSH2::isConnected() return a boolean instead of int.
 2014-07-20 23:31:30 +02:00
Andreas Fischer
678d0cc792 Make Net_SSH2::isConnected() return a boolean instead of int. 2014-07-20 23:03:06 +02:00
Andreas Fischer
c2f2f4a764 Merge branch 'master' into php5 
* master:
  SSH2: make isConnected return true if even if we're not logged in
 2014-07-20 23:00:32 +02:00
terrafrost
ac2fc96263 SSH2: make isConnected return true if even if we're not logged in 2014-07-20 11:24:16 -05:00
Andreas Fischer
ca4f6a21eb Merge branch 'master' into php5 
* master:
  Removed white-spaces from line ends
  Allow setting the terminal window size
 2014-06-23 16:36:23 +02:00
liutec
10597aed64 Removed white-spaces from line ends 2014-06-22 22:30:52 +03:00
liutec
8e1df6e3c3 Allow setting the terminal window size 2014-06-20 13:04:17 +03:00
Andreas Fischer
b50ef2dc64 Replace phpseclib_resolve_include_path with stream_resolve_include_path. 2014-06-19 16:14:15 +02:00
Andreas Fischer
f85d333912 Merge branch 'master' into php5 
* master:
  phpseclib_is_includable() -> phpseclib_resolve_include_path()
  Drop Net_SSH2::_is_includable() method.
  Random: a few changes to the stream_resolve_include_path_function
  Replace stream_resolve_include_path with phpseclib_is_includable.
  Random: add explanatory comment
  SSH2: replace _is_includable() with stream_resolve_include_path
  Random: include the Crypt_* classes if they're available

Conflicts:
	tests/bootstrap.php
 2014-06-19 16:09:23 +02:00
Andreas Fischer
709c7c4d48 Merge pull request #385 from bantu/a-random-change 
Random: include the Crypt_* classes if they're available

* bantu/a-random-change:
  phpseclib_is_includable() -> phpseclib_resolve_include_path()
  Drop Net_SSH2::_is_includable() method.
  Random: a few changes to the stream_resolve_include_path_function
  Replace stream_resolve_include_path with phpseclib_is_includable.
  Random: add explanatory comment
  SSH2: replace _is_includable() with stream_resolve_include_path
  Random: include the Crypt_* classes if they're available
 2014-06-19 16:08:59 +02:00
Andreas Fischer
fd65c55720 phpseclib_is_includable() -> phpseclib_resolve_include_path() 2014-06-19 14:57:09 +02:00
Andreas Fischer
1afbea613d Drop Net_SSH2::_is_includable() method. 2014-06-18 23:41:26 +02:00
Andreas Fischer
9c90beaf82 Replace stream_resolve_include_path with phpseclib_is_includable. 2014-06-17 14:38:24 +02:00
Andreas Fischer
563b8af6ce Merge branch 'master' into php5 
* master:
  SSH2: rm redundant part of SSH2 unit test
  SSH2: add unit test for getServerPublicHostKey
  SSH2: make it so you can verify server public host key without logging on
 2014-06-17 11:37:37 +02:00
terrafrost
5f56781261 SSH2: make it so you can verify server public host key without logging on 2014-06-16 10:19:34 -05:00
Andreas Fischer
67aedc240b Change constructors from class name to __construct(). 
This has been produced as follows:
<?php
$replace = $files = [];
$it = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($argv[1]));
foreach ($it as $fileinfo) {
    if ($fileinfo->getExtension() === 'php') {
        $file = $fileinfo->getPathname();
        $content = file_get_contents($file);
        $files[$file] = $content;
        $tokens = token_get_all($content);
        foreach ($tokens as $key => $value) {
            if ($value[0] === T_CLASS) {
                $class = $tokens[$key + 2][1];
                $replace += array(
                    "$class::$class(" => "$class::__construct(",
                    "parent::$class(" => "parent::__construct(",
                    "function $class(" => "function __construct(",
                );
            }
        }
    }
}
foreach ($files as $file => $content) {
    file_put_contents(
        $file,
        str_replace(
            array_keys($replace),
            array_values($replace),
            $content
        )
    );
}
 2014-06-16 17:06:34 +02:00
terrafrost
4401b7e21e SSH2: replace _is_includable() with stream_resolve_include_path 2014-06-16 09:47:13 -05:00
Andreas Fischer
14ba37c539 Merge branch 'master' into php5 
* master:
  SSH2: make $mac_algorithms non-static
 2014-06-11 07:49:02 +02:00
terrafrost
246e9e154f SSH2: make $mac_algorithms non-static 
none of the other statically defined variables have the potential
to change as multiple Net_SSH2 objects are created but this one does.

ie. if you connect to one SSH-2.0-SSHD server then no subsequent server
will use hmac-sha1-96 even if it could
 2014-06-10 23:08:56 -05:00
Andreas Fischer
f2f5fcd70a Update users of Math_BigInteger. 2014-06-02 20:19:00 +02:00
Andreas Fischer
6f4a873cad Merge branch 'master' into php5 
* master:
  Adjust documentation to coding guidelines: No () around include.
 2014-06-02 12:51:24 +02:00