From 37dbf0be584969396cbdd0eb92b72f48f34846e3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Apr 2021 21:33:47 +0000 Subject: [PATCH] Bump phpseclib/phpseclib from 2.0.30 to 2.0.31 Bumps [phpseclib/phpseclib](https://github.com/phpseclib/phpseclib) from 2.0.30 to 2.0.31. - [Release notes](https://github.com/phpseclib/phpseclib/releases) - [Changelog](https://github.com/phpseclib/phpseclib/blob/master/CHANGELOG.md) - [Commits](https://github.com/phpseclib/phpseclib/compare/2.0.30...2.0.31) Signed-off-by: dependabot[bot] --- composer.json | 2 +- composer.lock | 14 ++-- composer/InstalledVersions.php | 10 +-- composer/autoload_files.php | 2 +- composer/autoload_static.php | 2 +- composer/installed.json | 14 ++-- composer/installed.php | 10 +-- .../src/PackageVersions/Versions.php | 4 +- phpseclib/phpseclib/phpseclib/Crypt/Base.php | 67 ++++++++++++------ phpseclib/phpseclib/phpseclib/Crypt/RSA.php | 62 ++++++++++++++++- phpseclib/phpseclib/phpseclib/File/ASN1.php | 68 ++++++++++++++----- phpseclib/phpseclib/phpseclib/File/X509.php | 9 ++- .../phpseclib/phpseclib/Math/BigInteger.php | 6 +- phpseclib/phpseclib/phpseclib/Net/SFTP.php | 30 ++++++-- .../phpseclib/phpseclib/Net/SFTP/Stream.php | 6 +- phpseclib/phpseclib/phpseclib/Net/SSH2.php | 57 +++++++--------- 16 files changed, 246 insertions(+), 117 deletions(-) diff --git a/composer.json b/composer.json index 2758ddaa1..f37ba4994 100644 --- a/composer.json +++ b/composer.json @@ -36,7 +36,7 @@ "php-ds/php-ds": "^1.3", "php-http/guzzle7-adapter": "^0.1.1", "php-opencloud/openstack": "^3.1", - "phpseclib/phpseclib": "2.0.30", + "phpseclib/phpseclib": "2.0.31", "pimple/pimple": "^3.4.0", "psr/container": "^1.1.1", "psr/event-dispatcher": "^1.0", diff --git a/composer.lock b/composer.lock index e13e329b3..9e5758a27 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "7791570a4a5a4b9ae9a78400e0176c60", + "content-hash": "8b8c7f1617423e95fe02d57343e4d991", "packages": [ { "name": "aws/aws-sdk-php", @@ -2805,16 +2805,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "2.0.30", + "version": "2.0.31", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "136b9ca7eebef78be14abf90d65c5e57b6bc5d36" + "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/136b9ca7eebef78be14abf90d65c5e57b6bc5d36", - "reference": "136b9ca7eebef78be14abf90d65c5e57b6bc5d36", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/233a920cb38636a43b18d428f9a8db1f0a1a08f4", + "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4", "shasum": "" }, "require": { @@ -2894,7 +2894,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/2.0.30" + "source": "https://github.com/phpseclib/phpseclib/tree/2.0.31" }, "funding": [ { @@ -2910,7 +2910,7 @@ "type": "tidelift" } ], - "time": "2020-12-17T05:42:04+00:00" + "time": "2021-04-06T13:56:45+00:00" }, { "name": "pimple/pimple", diff --git a/composer/InstalledVersions.php b/composer/InstalledVersions.php index 652e27f57..2dbb59fbe 100644 --- a/composer/InstalledVersions.php +++ b/composer/InstalledVersions.php @@ -30,7 +30,7 @@ class InstalledVersions 'aliases' => array ( ), - 'reference' => '0d770f0d47d905f207c3a14f4450db65b538dcc9', + 'reference' => '25265c5d601a621789e427d57c8a04163da7697f', 'name' => 'nextcloud/3rdparty', ), 'versions' => @@ -312,7 +312,7 @@ class InstalledVersions 'aliases' => array ( ), - 'reference' => '0d770f0d47d905f207c3a14f4450db65b538dcc9', + 'reference' => '25265c5d601a621789e427d57c8a04163da7697f', ), 'nextcloud/lognormalizer' => array ( @@ -454,12 +454,12 @@ class InstalledVersions ), 'phpseclib/phpseclib' => array ( - 'pretty_version' => '2.0.30', - 'version' => '2.0.30.0', + 'pretty_version' => '2.0.31', + 'version' => '2.0.31.0', 'aliases' => array ( ), - 'reference' => '136b9ca7eebef78be14abf90d65c5e57b6bc5d36', + 'reference' => '233a920cb38636a43b18d428f9a8db1f0a1a08f4', ), 'pimple/pimple' => array ( diff --git a/composer/autoload_files.php b/composer/autoload_files.php index 4e2cfcf53..6d3aa74aa 100644 --- a/composer/autoload_files.php +++ b/composer/autoload_files.php @@ -119,7 +119,7 @@ '356736db98a6834f0a886b8d509b0ecd' => $vendorDir . '/thecodingmachine/safe/generated/zlib.php', '8a9dc1de0ca7e01f3e08231539562f61' => $vendorDir . '/aws/aws-sdk-php/src/functions.php', '538ca81a9a966a6716601ecf48f4eaef' => $vendorDir . '/opis/closure/functions.php', - 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', '2c102faa651ef8ea5874edb585946bce' => $vendorDir . '/swiftmailer/swiftmailer/lib/swift_required.php', '8825ede83f2f289127722d4e842cf7e8' => $vendorDir . '/symfony/polyfill-intl-grapheme/bootstrap.php', + 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', ); diff --git a/composer/autoload_static.php b/composer/autoload_static.php index 4cadd8c67..513065d57 100644 --- a/composer/autoload_static.php +++ b/composer/autoload_static.php @@ -120,9 +120,9 @@ class ComposerStaticInit2f23f73bc0cc116b4b1eee1521aa8652 '356736db98a6834f0a886b8d509b0ecd' => __DIR__ . '/..' . '/thecodingmachine/safe/generated/zlib.php', '8a9dc1de0ca7e01f3e08231539562f61' => __DIR__ . '/..' . '/aws/aws-sdk-php/src/functions.php', '538ca81a9a966a6716601ecf48f4eaef' => __DIR__ . '/..' . '/opis/closure/functions.php', - 'decc78cc4436b1292c6c0d151b19445c' => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib/bootstrap.php', '2c102faa651ef8ea5874edb585946bce' => __DIR__ . '/..' . '/swiftmailer/swiftmailer/lib/swift_required.php', '8825ede83f2f289127722d4e842cf7e8' => __DIR__ . '/..' . '/symfony/polyfill-intl-grapheme/bootstrap.php', + 'decc78cc4436b1292c6c0d151b19445c' => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib/bootstrap.php', ); public static $prefixLengthsPsr4 = array ( diff --git a/composer/installed.json b/composer/installed.json index bb6b2b111..3b1b05f7e 100644 --- a/composer/installed.json +++ b/composer/installed.json @@ -2924,17 +2924,17 @@ }, { "name": "phpseclib/phpseclib", - "version": "2.0.30", - "version_normalized": "2.0.30.0", + "version": "2.0.31", + "version_normalized": "2.0.31.0", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "136b9ca7eebef78be14abf90d65c5e57b6bc5d36" + "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/136b9ca7eebef78be14abf90d65c5e57b6bc5d36", - "reference": "136b9ca7eebef78be14abf90d65c5e57b6bc5d36", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/233a920cb38636a43b18d428f9a8db1f0a1a08f4", + "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4", "shasum": "" }, "require": { @@ -2951,7 +2951,7 @@ "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." }, - "time": "2020-12-17T05:42:04+00:00", + "time": "2021-04-06T13:56:45+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -3016,7 +3016,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/2.0.30" + "source": "https://github.com/phpseclib/phpseclib/tree/2.0.31" }, "funding": [ { diff --git a/composer/installed.php b/composer/installed.php index a2813290a..f127d7e81 100644 --- a/composer/installed.php +++ b/composer/installed.php @@ -6,7 +6,7 @@ 'aliases' => array ( ), - 'reference' => '0d770f0d47d905f207c3a14f4450db65b538dcc9', + 'reference' => '25265c5d601a621789e427d57c8a04163da7697f', 'name' => 'nextcloud/3rdparty', ), 'versions' => @@ -288,7 +288,7 @@ 'aliases' => array ( ), - 'reference' => '0d770f0d47d905f207c3a14f4450db65b538dcc9', + 'reference' => '25265c5d601a621789e427d57c8a04163da7697f', ), 'nextcloud/lognormalizer' => array ( @@ -430,12 +430,12 @@ ), 'phpseclib/phpseclib' => array ( - 'pretty_version' => '2.0.30', - 'version' => '2.0.30.0', + 'pretty_version' => '2.0.31', + 'version' => '2.0.31.0', 'aliases' => array ( ), - 'reference' => '136b9ca7eebef78be14abf90d65c5e57b6bc5d36', + 'reference' => '233a920cb38636a43b18d428f9a8db1f0a1a08f4', ), 'pimple/pimple' => array ( diff --git a/composer/package-versions-deprecated/src/PackageVersions/Versions.php b/composer/package-versions-deprecated/src/PackageVersions/Versions.php index 654029b1f..c27ea4e5b 100644 --- a/composer/package-versions-deprecated/src/PackageVersions/Versions.php +++ b/composer/package-versions-deprecated/src/PackageVersions/Versions.php @@ -76,7 +76,7 @@ final class Versions 'php-http/httplug' => '2.2.0@191a0a1b41ed026b717421931f8d3bd2514ffbf9', 'php-http/promise' => '1.1.0@4c4c1f9b7289a2ec57cde7f1e9762a5789506f88', 'php-opencloud/openstack' => 'v3.1.0@7b0eeb63defe533fb802514af3c70855c45eaf1e', - 'phpseclib/phpseclib' => '2.0.30@136b9ca7eebef78be14abf90d65c5e57b6bc5d36', + 'phpseclib/phpseclib' => '2.0.31@233a920cb38636a43b18d428f9a8db1f0a1a08f4', 'pimple/pimple' => 'v3.4.0@86406047271859ffc13424a048541f4531f53601', 'psr/container' => '1.1.1@8622567409010282b7aeebe4bb841fe98b58dcaf', 'psr/event-dispatcher' => '1.0.0@dbefd12671e8a14ec7f180cab83036ed26714bb0', @@ -120,7 +120,7 @@ final class Versions 'web-auth/cose-lib' => 'v3.3.1@eea6fae63ff5c81bf98c115b1be5f38a69682c16', 'web-auth/metadata-service' => 'v3.3.1@8488d3a832a38cc81c670fce05de1e515c6e64b1', 'web-auth/webauthn-lib' => 'v3.3.1@e411527a41c1013512fccdfce61681eb36484c77', - 'nextcloud/3rdparty' => 'dev-master@0d770f0d47d905f207c3a14f4450db65b538dcc9', + 'nextcloud/3rdparty' => 'dev-master@25265c5d601a621789e427d57c8a04163da7697f', ); private function __construct() diff --git a/phpseclib/phpseclib/phpseclib/Crypt/Base.php b/phpseclib/phpseclib/phpseclib/Crypt/Base.php index efbcd242b..8822b9b88 100644 --- a/phpseclib/phpseclib/phpseclib/Crypt/Base.php +++ b/phpseclib/phpseclib/phpseclib/Crypt/Base.php @@ -779,12 +779,14 @@ function encrypt($plaintext) } if ($this->engine === self::ENGINE_MCRYPT) { + set_error_handler(array($this, 'do_nothing')); + if ($this->changed) { $this->_setupMcrypt(); $this->changed = false; } if ($this->enchanged) { - @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); + mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); $this->enchanged = false; } @@ -817,15 +819,15 @@ function encrypt($plaintext) if ($len >= $block_size) { if ($this->enbuffer['enmcrypt_init'] === false || $len > $this->cfb_init_len) { if ($this->enbuffer['enmcrypt_init'] === true) { - @mcrypt_generic_init($this->enmcrypt, $this->key, $iv); + mcrypt_generic_init($this->enmcrypt, $this->key, $iv); $this->enbuffer['enmcrypt_init'] = false; } - $ciphertext.= @mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size)); + $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size)); $iv = substr($ciphertext, -$block_size); $len%= $block_size; } else { while ($len >= $block_size) { - $iv = @mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size); + $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size); $ciphertext.= $iv; $len-= $block_size; $i+= $block_size; @@ -834,22 +836,26 @@ function encrypt($plaintext) } if ($len) { - $iv = @mcrypt_generic($this->ecb, $iv); + $iv = mcrypt_generic($this->ecb, $iv); $block = $iv ^ substr($plaintext, -$len); $iv = substr_replace($iv, $block, 0, $len); $ciphertext.= $block; $pos = $len; } + restore_error_handler(); + return $ciphertext; } - $ciphertext = @mcrypt_generic($this->enmcrypt, $plaintext); + $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); if (!$this->continuousBuffer) { - @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); + mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); } + restore_error_handler(); + return $ciphertext; } @@ -1118,13 +1124,14 @@ function decrypt($ciphertext) } if ($this->engine === self::ENGINE_MCRYPT) { + set_error_handler(array($this, 'do_nothing')); $block_size = $this->block_size; if ($this->changed) { $this->_setupMcrypt(); $this->changed = false; } if ($this->dechanged) { - @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); + mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); $this->dechanged = false; } @@ -1152,26 +1159,30 @@ function decrypt($ciphertext) } if ($len >= $block_size) { $cb = substr($ciphertext, $i, $len - $len % $block_size); - $plaintext.= @mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; + $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; $iv = substr($cb, -$block_size); $len%= $block_size; } if ($len) { - $iv = @mcrypt_generic($this->ecb, $iv); + $iv = mcrypt_generic($this->ecb, $iv); $plaintext.= $iv ^ substr($ciphertext, -$len); $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); $pos = $len; } + restore_error_handler(); + return $plaintext; } - $plaintext = @mdecrypt_generic($this->demcrypt, $ciphertext); + $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); if (!$this->continuousBuffer) { - @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); + mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); } + restore_error_handler(); + return $this->paddable ? $this->_unpad($plaintext) : $plaintext; } @@ -1649,9 +1660,12 @@ function isValidEngine($engine) } return false; case self::ENGINE_MCRYPT: - return $this->cipher_name_mcrypt && + set_error_handler(array($this, 'do_nothing')); + $result = $this->cipher_name_mcrypt && extension_loaded('mcrypt') && - in_array($this->cipher_name_mcrypt, @mcrypt_list_algorithms()); + in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms()); + restore_error_handler(); + return $result; case self::ENGINE_INTERNAL: return true; } @@ -1728,17 +1742,19 @@ function _setEngine() } if ($this->engine != self::ENGINE_MCRYPT && $this->enmcrypt) { + set_error_handler(array($this, 'do_nothing')); // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed, // (re)open them with the module named in $this->cipher_name_mcrypt - @mcrypt_module_close($this->enmcrypt); - @mcrypt_module_close($this->demcrypt); + mcrypt_module_close($this->enmcrypt); + mcrypt_module_close($this->demcrypt); $this->enmcrypt = null; $this->demcrypt = null; if ($this->ecb) { - @mcrypt_module_close($this->ecb); + mcrypt_module_close($this->ecb); $this->ecb = null; } + restore_error_handler(); } $this->changed = true; @@ -1851,19 +1867,19 @@ function _setupMcrypt() self::MODE_STREAM => MCRYPT_MODE_STREAM, ); - $this->demcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); - $this->enmcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); + $this->demcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); + $this->enmcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer() // to workaround mcrypt's broken ncfb implementation in buffered mode // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} if ($this->mode == self::MODE_CFB) { - $this->ecb = @mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, ''); + $this->ecb = mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, ''); } } // else should mcrypt_generic_deinit be called? if ($this->mode == self::MODE_CFB) { - @mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size)); + mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size)); } } @@ -2696,4 +2712,13 @@ function safe_intval_inline() return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; } } + + /** + * Dummy error handler to suppress mcrypt errors + * + * @access private + */ + function do_nothing() + { + } } diff --git a/phpseclib/phpseclib/phpseclib/Crypt/RSA.php b/phpseclib/phpseclib/phpseclib/Crypt/RSA.php index 17e2b8329..811d039d3 100644 --- a/phpseclib/phpseclib/phpseclib/Crypt/RSA.php +++ b/phpseclib/phpseclib/phpseclib/Crypt/RSA.php @@ -1219,6 +1219,7 @@ function. As is, the definitive authority on this encoding scheme isn't the IET $length = $this->_decodeLength($temp); switch ($this->_string_shift($temp, $length)) { case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption + case "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0A": // rsaPSS break; case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC /* @@ -2916,6 +2917,59 @@ function _emsa_pkcs1_v1_5_encode($m, $emLen) return $em; } + /** + * EMSA-PKCS1-V1_5-ENCODE (without NULL) + * + * Quoting https://tools.ietf.org/html/rfc8017#page-65, + * + * "The parameters field associated with id-sha1, id-sha224, id-sha256, + * id-sha384, id-sha512, id-sha512/224, and id-sha512/256 should + * generally be omitted, but if present, it shall have a value of type + * NULL" + * + * @access private + * @param string $m + * @param int $emLen + * @return string + */ + function _emsa_pkcs1_v1_5_encode_without_null($m, $emLen) + { + $h = $this->hash->hash($m); + if ($h === false) { + return false; + } + + switch ($this->hashName) { + case 'sha1': + $t = pack('H*', '301f300706052b0e03021a0414'); + break; + case 'sha256': + $t = pack('H*', '302f300b06096086480165030402010420'); + break; + case 'sha384': + $t = pack('H*', '303f300b06096086480165030402020430'); + break; + case 'sha512': + $t = pack('H*', '304f300b06096086480165030402030440'); + break; + default: + return false; + } + $t.= $h; + $tLen = strlen($t); + + if ($emLen < $tLen + 11) { + user_error('Intended encoded message length too short'); + return false; + } + + $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3); + + $em = "\0\1$ps\0$t"; + + return $em; + } + /** * RSASSA-PKCS1-V1_5-SIGN * @@ -2982,13 +3036,17 @@ function _rsassa_pkcs1_v1_5_verify($m, $s) // EMSA-PKCS1-v1_5 encoding $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); - if ($em2 === false) { + $em3 = $this->_emsa_pkcs1_v1_5_encode_without_null($m, $this->k); + + if ($em2 === false && $em3 === false) { user_error('RSA modulus too short'); return false; } // Compare - return $this->_equals($em, $em2); + + return ($em2 !== false && $this->_equals($em, $em2)) || + ($em3 !== false && $this->_equals($em, $em3)); } /** diff --git a/phpseclib/phpseclib/phpseclib/File/ASN1.php b/phpseclib/phpseclib/phpseclib/File/ASN1.php index 807ca88ce..dc5b78f64 100644 --- a/phpseclib/phpseclib/phpseclib/File/ASN1.php +++ b/phpseclib/phpseclib/phpseclib/File/ASN1.php @@ -235,7 +235,7 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) $current = array('start' => $start); $type = ord($encoded[$encoded_pos++]); - $start++; + $startOffset = 1; $constructed = ($type >> 5) & 1; @@ -245,13 +245,20 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) // process septets (since the eighth bit is ignored, it's not an octet) do { $temp = ord($encoded[$encoded_pos++]); + $startOffset++; $loop = $temp >> 7; $tag <<= 7; - $tag |= $temp & 0x7F; - $start++; + $temp &= 0x7F; + // "bits 7 to 1 of the first subsequent octet shall not all be zero" + if ($startOffset == 2 && $temp == 0) { + return false; + } + $tag |= $temp; } while ($loop); } + $start+= $startOffset; + // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 $length = ord($encoded[$encoded_pos++]); $start++; @@ -344,13 +351,16 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) switch ($tag) { case self::TYPE_BOOLEAN: // "The contents octets shall consist of a single octet." -- paragraph 8.2.1 - //if (strlen($content) != 1) { - // return false; - //} + if ($constructed || strlen($content) != 1) { + return false; + } $current['content'] = (bool) ord($content[$content_pos]); break; case self::TYPE_INTEGER: case self::TYPE_ENUMERATED: + if ($constructed) { + return false; + } $current['content'] = new BigInteger(substr($content, $content_pos), -256); break; case self::TYPE_REAL: // not currently supported @@ -370,15 +380,15 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) $last = count($temp) - 1; for ($i = 0; $i < $last; $i++) { // all subtags should be bit strings - //if ($temp[$i]['type'] != self::TYPE_BIT_STRING) { - // return false; - //} + if ($temp[$i]['type'] != self::TYPE_BIT_STRING) { + return false; + } $current['content'].= substr($temp[$i]['content'], 1); } // all subtags should be bit strings - //if ($temp[$last]['type'] != self::TYPE_BIT_STRING) { - // return false; - //} + if ($temp[$last]['type'] != self::TYPE_BIT_STRING) { + return false; + } $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); } break; @@ -395,9 +405,9 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) } $content_pos += $temp['length']; // all subtags should be octet strings - //if ($temp['type'] != self::TYPE_OCTET_STRING) { - // return false; - //} + if ($temp['type'] != self::TYPE_OCTET_STRING) { + return false; + } $current['content'].= $temp['content']; $length+= $temp['length']; } @@ -408,12 +418,15 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) break; case self::TYPE_NULL: // "The contents octets shall not contain any octets." -- paragraph 8.8.2 - //if (strlen($content)) { - // return false; - //} + if ($constructed || strlen($content)) { + return false; + } break; case self::TYPE_SEQUENCE: case self::TYPE_SET: + if (!$constructed) { + return false; + } $offset = 0; $current['content'] = array(); $content_len = strlen($content); @@ -434,7 +447,13 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) } break; case self::TYPE_OBJECT_IDENTIFIER: + if ($constructed) { + return false; + } $current['content'] = $this->_decodeOID(substr($content, $content_pos)); + if ($current['content'] === false) { + return false; + } break; /* Each character string type shall be encoded as if it had been declared: [UNIVERSAL x] IMPLICIT OCTET STRING @@ -464,12 +483,20 @@ function _decode_ber($encoded, $start = 0, $encoded_pos = 0) case self::TYPE_UTF8_STRING: // ???? case self::TYPE_BMP_STRING: + if ($constructed) { + return false; + } $current['content'] = substr($content, $content_pos); break; case self::TYPE_UTC_TIME: case self::TYPE_GENERALIZED_TIME: + if ($constructed) { + return false; + } $current['content'] = $this->_decodeTime(substr($content, $content_pos), $tag); + break; default: + return false; } $start+= $length; @@ -1127,6 +1154,11 @@ function _decodeOID($content) $oid = array(); $pos = 0; $len = strlen($content); + + if (ord($content[$len - 1]) & 0x80) { + return false; + } + $n = new BigInteger(); while ($pos < $len) { $temp = ord($content[$pos++]); diff --git a/phpseclib/phpseclib/phpseclib/File/X509.php b/phpseclib/phpseclib/phpseclib/File/X509.php index 3520efdc1..7b1b1cfad 100644 --- a/phpseclib/phpseclib/phpseclib/File/X509.php +++ b/phpseclib/phpseclib/phpseclib/File/X509.php @@ -5054,9 +5054,12 @@ function _extractBER($str) * subject=/O=organization/OU=org unit/CN=common name * issuer=/O=organization/CN=common name */ - $temp = strlen($str) <= ini_get('pcre.backtrack_limit') ? - preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1) : - $str; + if (strlen($str) > ini_get('pcre.backtrack_limit')) { + $temp = $str; + } else { + $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1); + $temp = preg_replace('#-+END.*[\r\n ]*.*#ms', '', $str, 1); + } // remove new lines $temp = str_replace(array("\r", "\n", ' '), '', $temp); // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff diff --git a/phpseclib/phpseclib/phpseclib/Math/BigInteger.php b/phpseclib/phpseclib/phpseclib/Math/BigInteger.php index 9df0bf0f2..fc24b9145 100644 --- a/phpseclib/phpseclib/phpseclib/Math/BigInteger.php +++ b/phpseclib/phpseclib/phpseclib/Math/BigInteger.php @@ -658,11 +658,11 @@ function toBits($twos_compliment = false) { $hex = $this->toHex($twos_compliment); $bits = ''; - for ($i = strlen($hex) - 8, $start = strlen($hex) & 7; $i >= $start; $i-=8) { - $bits = str_pad(decbin(hexdec(substr($hex, $i, 8))), 32, '0', STR_PAD_LEFT) . $bits; + for ($i = strlen($hex) - 6, $start = strlen($hex) % 6; $i >= $start; $i-=6) { + $bits = str_pad(decbin(hexdec(substr($hex, $i, 6))), 24, '0', STR_PAD_LEFT) . $bits; } if ($start) { // hexdec('') == 0 - $bits = str_pad(decbin(hexdec(substr($hex, 0, $start))), 8, '0', STR_PAD_LEFT) . $bits; + $bits = str_pad(decbin(hexdec(substr($hex, 0, $start))), 8 * $start, '0', STR_PAD_LEFT) . $bits; } $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0'); diff --git a/phpseclib/phpseclib/phpseclib/Net/SFTP.php b/phpseclib/phpseclib/phpseclib/Net/SFTP.php index 8ae43fa04..34741831b 100644 --- a/phpseclib/phpseclib/phpseclib/Net/SFTP.php +++ b/phpseclib/phpseclib/phpseclib/Net/SFTP.php @@ -1024,7 +1024,7 @@ function _list($dir, $raw = true) uasort($contents, array(&$this, '_comparator')); } - return $raw ? $contents : array_keys($contents); + return $raw ? $contents : array_map('strval', array_keys($contents)); } /** @@ -3004,9 +3004,17 @@ function _send_sftp_packet($type, $data, $request_id = 1) $packet_type = '-> ' . $this->packet_types[$type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == self::LOG_REALTIME) { - echo "
\r\n" . $this->_format_log(array($data), array($packet_type)) . "\r\n
\r\n"; - flush(); - ob_flush(); + switch (PHP_SAPI) { + case 'cli': + $start = $stop = "\r\n"; + break; + default: + $start = '
';
+                        $stop = '
'; + } + echo $start . $this->_format_log(array($data), array($packet_type)) . $stop; + @flush(); + @ob_flush(); } else { $this->packet_type_log[] = $packet_type; if (NET_SFTP_LOGGING == self::LOG_COMPLEX) { @@ -3113,9 +3121,17 @@ function _get_sftp_packet($request_id = null) $packet_type = '<- ' . $this->packet_types[$this->packet_type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == self::LOG_REALTIME) { - echo "
\r\n" . $this->_format_log(array($packet), array($packet_type)) . "\r\n
\r\n"; - flush(); - ob_flush(); + switch (PHP_SAPI) { + case 'cli': + $start = $stop = "\r\n"; + break; + default: + $start = '
';
+                        $stop = '
'; + } + echo $start . $this->_format_log(array($packet), array($packet_type)) . $stop; + @flush(); + @ob_flush(); } else { $this->packet_type_log[] = $packet_type; if (NET_SFTP_LOGGING == self::LOG_COMPLEX) { diff --git a/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php b/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php index 1a44b10a0..ec9e5841a 100644 --- a/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php +++ b/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php @@ -410,7 +410,7 @@ function _stream_seek($offset, $whence) { switch ($whence) { case SEEK_SET: - if ($offset >= $this->size || $offset < 0) { + if ($offset < 0) { return false; } break; @@ -447,7 +447,9 @@ function _stream_metadata($path, $option, $var) // and https://github.com/php/php-src/blob/master/main/php_streams.h#L592 switch ($option) { case 1: // PHP_STREAM_META_TOUCH - return $this->sftp->touch($path, $var[0], $var[1]); + $time = isset($var[0]) ? $var[0] : null; + $atime = isset($var[1]) ? $var[1] : null; + return $this->sftp->touch($path, $time, $atime); case 2: // PHP_STREAM_OWNER_NAME case 3: // PHP_STREAM_GROUP_NAME return false; diff --git a/phpseclib/phpseclib/phpseclib/Net/SSH2.php b/phpseclib/phpseclib/phpseclib/Net/SSH2.php index e2571190b..f8f8dcfde 100644 --- a/phpseclib/phpseclib/phpseclib/Net/SSH2.php +++ b/phpseclib/phpseclib/phpseclib/Net/SSH2.php @@ -2634,6 +2634,13 @@ function _privatekey_login($username, $privatekey) // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be $this->_updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK'); + break; + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + default: + user_error('Unexpected response to publickey authentication pt 1'); + return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } $packet = $part1 . chr(1) . $part2; @@ -2668,7 +2675,8 @@ function _privatekey_login($username, $privatekey) return true; } - return false; + user_error('Unexpected response to publickey authentication pt 2'); + return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } /** @@ -2690,7 +2698,7 @@ function setTimeout($timeout) * * Sends an SSH2_MSG_IGNORE message every x seconds, if x is a positive non-zero number. * - * @param mixed $timeout + * @param int $interval * @access public */ function setKeepAlive($interval) @@ -2927,28 +2935,6 @@ function _initShell() return false; } - $response = $this->_get_binary_packet(); - if ($response === false) { - $this->bitmap = 0; - user_error('Connection closed by server'); - return false; - } - - if (!strlen($response)) { - return false; - } - list(, $type) = unpack('C', $this->_string_shift($response, 1)); - - switch ($type) { - case NET_SSH2_MSG_CHANNEL_SUCCESS: - // if a pty can't be opened maybe commands can still be executed - case NET_SSH2_MSG_CHANNEL_FAILURE: - break; - default: - user_error('Unable to request pseudo-terminal'); - return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); - } - $packet = pack( 'CNNa*C', NET_SSH2_MSG_CHANNEL_REQUEST, @@ -2961,14 +2947,7 @@ function _initShell() return false; } - $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_REQUEST; - - $response = $this->_get_channel_packet(self::CHANNEL_SHELL); - if ($response === false) { - return false; - } - - $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_DATA; + $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_IGNORE; $this->bitmap |= self::MASK_SHELL; @@ -3897,6 +3876,16 @@ function _get_channel_packet($client_channel, $skip_extended = false) return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } break; + case NET_SSH2_MSG_IGNORE: + switch ($type) { + case NET_SSH2_MSG_CHANNEL_SUCCESS: + //$this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_DATA; + continue 3; + case NET_SSH2_MSG_CHANNEL_FAILURE: + user_error('Error opening channel'); + return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + } + break; case NET_SSH2_MSG_CHANNEL_REQUEST: switch ($type) { case NET_SSH2_MSG_CHANNEL_SUCCESS: @@ -3916,6 +3905,10 @@ function _get_channel_packet($client_channel, $skip_extended = false) switch ($type) { case NET_SSH2_MSG_CHANNEL_DATA: + //if ($this->channel_status[$channel] == NET_SSH2_MSG_IGNORE) { + // $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_DATA; + //} + /* if ($channel == self::CHANNEL_EXEC) { // SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server