SSH SFTP Updater Support - Version 0.8.5

Version Description

  • 2022/Dec/08 =

  • TWEAK: Update URL reference to current location

Download this release

Release Info

Developer DavidAnderson
Plugin Icon wp plugin SSH SFTP Updater Support
Version 0.8.5
Comparing to
See all releases

Code changes from version 0.8.4 to 0.8.5

phpseclib/Crypt/Base.php CHANGED
@@ -821,12 +821,13 @@ class Crypt_Base
821
  }
822
 
823
  if ($this->engine === CRYPT_ENGINE_MCRYPT) {
 
824
  if ($this->changed) {
825
  $this->_setupMcrypt();
826
  $this->changed = false;
827
  }
828
  if ($this->enchanged) {
829
- @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
830
  $this->enchanged = false;
831
  }
832
 
@@ -859,15 +860,15 @@ class Crypt_Base
859
  if ($len >= $block_size) {
860
  if ($this->enbuffer['enmcrypt_init'] === false || $len > $this->cfb_init_len) {
861
  if ($this->enbuffer['enmcrypt_init'] === true) {
862
- @mcrypt_generic_init($this->enmcrypt, $this->key, $iv);
863
  $this->enbuffer['enmcrypt_init'] = false;
864
  }
865
- $ciphertext.= @mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size));
866
  $iv = substr($ciphertext, -$block_size);
867
  $len%= $block_size;
868
  } else {
869
  while ($len >= $block_size) {
870
- $iv = @mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size);
871
  $ciphertext.= $iv;
872
  $len-= $block_size;
873
  $i+= $block_size;
@@ -876,22 +877,26 @@ class Crypt_Base
876
  }
877
 
878
  if ($len) {
879
- $iv = @mcrypt_generic($this->ecb, $iv);
880
  $block = $iv ^ substr($plaintext, -$len);
881
  $iv = substr_replace($iv, $block, 0, $len);
882
  $ciphertext.= $block;
883
  $pos = $len;
884
  }
885
 
 
 
886
  return $ciphertext;
887
  }
888
 
889
- $ciphertext = @mcrypt_generic($this->enmcrypt, $plaintext);
890
 
891
  if (!$this->continuousBuffer) {
892
- @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
893
  }
894
 
 
 
895
  return $ciphertext;
896
  }
897
 
@@ -1132,13 +1137,14 @@ class Crypt_Base
1132
  }
1133
 
1134
  if ($this->engine === CRYPT_ENGINE_MCRYPT) {
 
1135
  $block_size = $this->block_size;
1136
  if ($this->changed) {
1137
  $this->_setupMcrypt();
1138
  $this->changed = false;
1139
  }
1140
  if ($this->dechanged) {
1141
- @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
1142
  $this->dechanged = false;
1143
  }
1144
 
@@ -1166,26 +1172,30 @@ class Crypt_Base
1166
  }
1167
  if ($len >= $block_size) {
1168
  $cb = substr($ciphertext, $i, $len - $len % $block_size);
1169
- $plaintext.= @mcrypt_generic($this->ecb, $iv . $cb) ^ $cb;
1170
  $iv = substr($cb, -$block_size);
1171
  $len%= $block_size;
1172
  }
1173
  if ($len) {
1174
- $iv = @mcrypt_generic($this->ecb, $iv);
1175
  $plaintext.= $iv ^ substr($ciphertext, -$len);
1176
  $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len);
1177
  $pos = $len;
1178
  }
1179
 
 
 
1180
  return $plaintext;
1181
  }
1182
 
1183
- $plaintext = @mdecrypt_generic($this->demcrypt, $ciphertext);
1184
 
1185
  if (!$this->continuousBuffer) {
1186
- @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
1187
  }
1188
 
 
 
1189
  return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
1190
  }
1191
 
@@ -1643,9 +1653,12 @@ class Crypt_Base
1643
  }
1644
  return false;
1645
  case CRYPT_ENGINE_MCRYPT:
1646
- return $this->cipher_name_mcrypt &&
 
1647
  extension_loaded('mcrypt') &&
1648
- in_array($this->cipher_name_mcrypt, @mcrypt_list_algorithms());
 
 
1649
  case CRYPT_ENGINE_INTERNAL:
1650
  return true;
1651
  }
@@ -1722,17 +1735,19 @@ class Crypt_Base
1722
  }
1723
 
1724
  if ($this->engine != CRYPT_ENGINE_MCRYPT && $this->enmcrypt) {
 
1725
  // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed,
1726
  // (re)open them with the module named in $this->cipher_name_mcrypt
1727
- @mcrypt_module_close($this->enmcrypt);
1728
- @mcrypt_module_close($this->demcrypt);
1729
  $this->enmcrypt = null;
1730
  $this->demcrypt = null;
1731
 
1732
  if ($this->ecb) {
1733
- @mcrypt_module_close($this->ecb);
1734
  $this->ecb = null;
1735
  }
 
1736
  }
1737
 
1738
  $this->changed = true;
@@ -1850,19 +1865,19 @@ class Crypt_Base
1850
  CRYPT_MODE_STREAM => MCRYPT_MODE_STREAM,
1851
  );
1852
 
1853
- $this->demcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
1854
- $this->enmcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
1855
 
1856
  // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer()
1857
  // to workaround mcrypt's broken ncfb implementation in buffered mode
1858
  // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps}
1859
  if ($this->mode == CRYPT_MODE_CFB) {
1860
- $this->ecb = @mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, '');
1861
  }
1862
  } // else should mcrypt_generic_deinit be called?
1863
 
1864
  if ($this->mode == CRYPT_MODE_CFB) {
1865
- @mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size));
1866
  }
1867
  }
1868
 
@@ -2584,7 +2599,7 @@ class Crypt_Base
2584
  *
2585
  * @see self::_setupInlineCrypt()
2586
  * @access private
2587
- * @param $bytes
2588
  * @return string
2589
  */
2590
  function _hashInlineCryptFunction($bytes)
@@ -2657,4 +2672,13 @@ class Crypt_Base
2657
  return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))';
2658
  }
2659
  }
 
 
 
 
 
 
 
 
 
2660
  }
821
  }
822
 
823
  if ($this->engine === CRYPT_ENGINE_MCRYPT) {
824
+ set_error_handler(array($this, 'do_nothing'));
825
  if ($this->changed) {
826
  $this->_setupMcrypt();
827
  $this->changed = false;
828
  }
829
  if ($this->enchanged) {
830
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
831
  $this->enchanged = false;
832
  }
833
 
860
  if ($len >= $block_size) {
861
  if ($this->enbuffer['enmcrypt_init'] === false || $len > $this->cfb_init_len) {
862
  if ($this->enbuffer['enmcrypt_init'] === true) {
863
+ mcrypt_generic_init($this->enmcrypt, $this->key, $iv);
864
  $this->enbuffer['enmcrypt_init'] = false;
865
  }
866
+ $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size));
867
  $iv = substr($ciphertext, -$block_size);
868
  $len%= $block_size;
869
  } else {
870
  while ($len >= $block_size) {
871
+ $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size);
872
  $ciphertext.= $iv;
873
  $len-= $block_size;
874
  $i+= $block_size;
877
  }
878
 
879
  if ($len) {
880
+ $iv = mcrypt_generic($this->ecb, $iv);
881
  $block = $iv ^ substr($plaintext, -$len);
882
  $iv = substr_replace($iv, $block, 0, $len);
883
  $ciphertext.= $block;
884
  $pos = $len;
885
  }
886
 
887
+ restore_error_handler();
888
+
889
  return $ciphertext;
890
  }
891
 
892
+ $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
893
 
894
  if (!$this->continuousBuffer) {
895
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
896
  }
897
 
898
+ restore_error_handler();
899
+
900
  return $ciphertext;
901
  }
902
 
1137
  }
1138
 
1139
  if ($this->engine === CRYPT_ENGINE_MCRYPT) {
1140
+ set_error_handler(array($this, 'do_nothing'));
1141
  $block_size = $this->block_size;
1142
  if ($this->changed) {
1143
  $this->_setupMcrypt();
1144
  $this->changed = false;
1145
  }
1146
  if ($this->dechanged) {
1147
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
1148
  $this->dechanged = false;
1149
  }
1150
 
1172
  }
1173
  if ($len >= $block_size) {
1174
  $cb = substr($ciphertext, $i, $len - $len % $block_size);
1175
+ $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb;
1176
  $iv = substr($cb, -$block_size);
1177
  $len%= $block_size;
1178
  }
1179
  if ($len) {
1180
+ $iv = mcrypt_generic($this->ecb, $iv);
1181
  $plaintext.= $iv ^ substr($ciphertext, -$len);
1182
  $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len);
1183
  $pos = $len;
1184
  }
1185
 
1186
+ restore_error_handler();
1187
+
1188
  return $plaintext;
1189
  }
1190
 
1191
+ $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
1192
 
1193
  if (!$this->continuousBuffer) {
1194
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
1195
  }
1196
 
1197
+ restore_error_handler();
1198
+
1199
  return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
1200
  }
1201
 
1653
  }
1654
  return false;
1655
  case CRYPT_ENGINE_MCRYPT:
1656
+ set_error_handler(array($this, 'do_nothing'));
1657
+ $result = $this->cipher_name_mcrypt &&
1658
  extension_loaded('mcrypt') &&
1659
+ in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms());
1660
+ restore_error_handler();
1661
+ return $result;
1662
  case CRYPT_ENGINE_INTERNAL:
1663
  return true;
1664
  }
1735
  }
1736
 
1737
  if ($this->engine != CRYPT_ENGINE_MCRYPT && $this->enmcrypt) {
1738
+ set_error_handler(array($this, 'do_nothing'));
1739
  // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed,
1740
  // (re)open them with the module named in $this->cipher_name_mcrypt
1741
+ mcrypt_module_close($this->enmcrypt);
1742
+ mcrypt_module_close($this->demcrypt);
1743
  $this->enmcrypt = null;
1744
  $this->demcrypt = null;
1745
 
1746
  if ($this->ecb) {
1747
+ mcrypt_module_close($this->ecb);
1748
  $this->ecb = null;
1749
  }
1750
+ restore_error_handler();
1751
  }
1752
 
1753
  $this->changed = true;
1865
  CRYPT_MODE_STREAM => MCRYPT_MODE_STREAM,
1866
  );
1867
 
1868
+ $this->demcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
1869
+ $this->enmcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
1870
 
1871
  // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer()
1872
  // to workaround mcrypt's broken ncfb implementation in buffered mode
1873
  // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps}
1874
  if ($this->mode == CRYPT_MODE_CFB) {
1875
+ $this->ecb = mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, '');
1876
  }
1877
  } // else should mcrypt_generic_deinit be called?
1878
 
1879
  if ($this->mode == CRYPT_MODE_CFB) {
1880
+ mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size));
1881
  }
1882
  }
1883
 
2599
  *
2600
  * @see self::_setupInlineCrypt()
2601
  * @access private
2602
+ * @param string $bytes
2603
  * @return string
2604
  */
2605
  function _hashInlineCryptFunction($bytes)
2672
  return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))';
2673
  }
2674
  }
2675
+
2676
+ /**
2677
+ * Dummy error handler to suppress mcrypt errors
2678
+ *
2679
+ * @access private
2680
+ */
2681
+ function do_nothing()
2682
+ {
2683
+ }
2684
  }
phpseclib/Crypt/Hash.php CHANGED
@@ -191,7 +191,7 @@ class Crypt_Hash
191
  * PHP4 compatible Default Constructor.
192
  *
193
  * @see self::__construct()
194
- * @param int $mode
195
  * @access public
196
  */
197
  function Crypt_Hash($hash = 'sha1')
@@ -879,7 +879,6 @@ class Crypt_Hash
879
  * _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the
880
  * possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster.
881
  *
882
- * @param int $...
883
  * @return int
884
  * @see self::_sha256()
885
  * @access private
191
  * PHP4 compatible Default Constructor.
192
  *
193
  * @see self::__construct()
194
+ * @param string $hash
195
  * @access public
196
  */
197
  function Crypt_Hash($hash = 'sha1')
879
  * _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the
880
  * possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster.
881
  *
 
882
  * @return int
883
  * @see self::_sha256()
884
  * @access private
phpseclib/Crypt/RSA.php CHANGED
@@ -515,7 +515,7 @@ class Crypt_RSA
515
  case !function_exists('openssl_pkey_get_details'):
516
  define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
517
  break;
518
- case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>=') && file_exists($this->configFile):
519
  // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work
520
  ob_start();
521
  @phpinfo();
@@ -589,7 +589,7 @@ class Crypt_RSA
589
  * @access public
590
  * @param int $bits
591
  * @param int $timeout
592
- * @param Math_BigInteger $p
593
  */
594
  function createKey($bits = 1024, $timeout = false, $partial = array())
595
  {
@@ -768,7 +768,12 @@ class Crypt_RSA
768
  *
769
  * @access private
770
  * @see self::setPrivateKeyFormat()
771
- * @param string $RSAPrivateKey
 
 
 
 
 
772
  * @return string
773
  */
774
  function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
@@ -931,9 +936,9 @@ class Crypt_RSA
931
  );
932
  $key = "openssh-key-v1\0$key";
933
 
934
- return "-----BEGIN OPENSSH PRIVATE KEY-----\r\n" .
935
- chunk_split(base64_encode($key), 70) .
936
- "-----END OPENSSH PRIVATE KEY-----";
937
  default: // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1
938
  $components = array();
939
  foreach ($raw as $name => $value) {
@@ -1061,8 +1066,9 @@ class Crypt_RSA
1061
  *
1062
  * @access private
1063
  * @see self::setPublicKeyFormat()
1064
- * @param string $RSAPrivateKey
1065
- * @return string
 
1066
  */
1067
  function _convertPublicKey($n, $e)
1068
  {
@@ -1292,6 +1298,7 @@ class Crypt_RSA
1292
  $length = $this->_decodeLength($temp);
1293
  switch ($this->_string_shift($temp, $length)) {
1294
  case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption
 
1295
  break;
1296
  case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC
1297
  /*
@@ -1624,6 +1631,8 @@ class Crypt_RSA
1624
 
1625
  return $components;
1626
  }
 
 
1627
  }
1628
 
1629
  /**
@@ -1962,7 +1971,6 @@ class Crypt_RSA
1962
  *
1963
  * @see self::getPublicKey()
1964
  * @access public
1965
- * @param string $key
1966
  * @param int $type optional
1967
  */
1968
  function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS8)
@@ -2020,7 +2028,6 @@ class Crypt_RSA
2020
  *
2021
  * @see self::getPublicKey()
2022
  * @access public
2023
- * @param string $key
2024
  * @param int $type optional
2025
  * @return mixed
2026
  */
@@ -2045,8 +2052,7 @@ class Crypt_RSA
2045
  *
2046
  * @see self::getPrivateKey()
2047
  * @access private
2048
- * @param string $key
2049
- * @param int $type optional
2050
  */
2051
  function _getPrivatePublicKey($mode = CRYPT_RSA_PUBLIC_FORMAT_PKCS8)
2052
  {
@@ -2263,7 +2269,7 @@ class Crypt_RSA
2263
  * of the hash function Hash) and 0.
2264
  *
2265
  * @access public
2266
- * @param int $format
2267
  */
2268
  function setSaltLength($sLen)
2269
  {
@@ -2296,7 +2302,7 @@ class Crypt_RSA
2296
  * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}.
2297
  *
2298
  * @access private
2299
- * @param string $x
2300
  * @return Math_BigInteger
2301
  */
2302
  function _os2ip($x)
@@ -2523,7 +2529,7 @@ class Crypt_RSA
2523
  *
2524
  * @access private
2525
  * @param string $mgfSeed
2526
- * @param int $mgfLen
2527
  * @return string
2528
  */
2529
  function _mgf1($mgfSeed, $maskLen)
@@ -2658,9 +2664,9 @@ class Crypt_RSA
2658
  $offset+= $patternMatch ? 0 : 1;
2659
  }
2660
 
2661
- // we do & instead of && to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation
2662
  // to protect against timing attacks
2663
- if (!$hashesMatch & !$patternMatch) {
2664
  user_error('Decryption error');
2665
  return false;
2666
  }
@@ -2995,6 +3001,59 @@ class Crypt_RSA
2995
  return $em;
2996
  }
2997
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2998
  /**
2999
  * RSASSA-PKCS1-V1_5-SIGN
3000
  *
@@ -3032,6 +3091,7 @@ class Crypt_RSA
3032
  *
3033
  * @access private
3034
  * @param string $m
 
3035
  * @return string
3036
  */
3037
  function _rsassa_pkcs1_v1_5_verify($m, $s)
@@ -3060,13 +3120,17 @@ class Crypt_RSA
3060
  // EMSA-PKCS1-v1_5 encoding
3061
 
3062
  $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
3063
- if ($em2 === false) {
 
 
3064
  user_error('RSA modulus too short');
3065
  return false;
3066
  }
3067
 
3068
  // Compare
3069
- return $this->_equals($em, $em2);
 
 
3070
  }
3071
 
3072
  /**
@@ -3172,7 +3236,7 @@ class Crypt_RSA
3172
  *
3173
  * @see self::encrypt()
3174
  * @access public
3175
- * @param string $plaintext
3176
  * @return string
3177
  */
3178
  function decrypt($ciphertext)
515
  case !function_exists('openssl_pkey_get_details'):
516
  define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
517
  break;
518
+ case function_exists('phpinfo') && extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>=') && file_exists($this->configFile):
519
  // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work
520
  ob_start();
521
  @phpinfo();
589
  * @access public
590
  * @param int $bits
591
  * @param int $timeout
592
+ * @param array $partial
593
  */
594
  function createKey($bits = 1024, $timeout = false, $partial = array())
595
  {
768
  *
769
  * @access private
770
  * @see self::setPrivateKeyFormat()
771
+ * @param Math_BigInteger $n
772
+ * @param Math_BigInteger $e
773
+ * @param Math_BigInteger $d
774
+ * @param array<int,Math_BigInteger> $primes
775
+ * @param array<int,Math_BigInteger> $exponents
776
+ * @param array<int,Math_BigInteger> $coefficients
777
  * @return string
778
  */
779
  function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
936
  );
937
  $key = "openssh-key-v1\0$key";
938
 
939
+ return "-----BEGIN OPENSSH PRIVATE KEY-----\n" .
940
+ chunk_split(base64_encode($key), 70, "\n") .
941
+ "-----END OPENSSH PRIVATE KEY-----\n";
942
  default: // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1
943
  $components = array();
944
  foreach ($raw as $name => $value) {
1066
  *
1067
  * @access private
1068
  * @see self::setPublicKeyFormat()
1069
+ * @param Math_BigInteger $n
1070
+ * @param Math_BigInteger $e
1071
+ * @return string|array<string,Math_BigInteger>
1072
  */
1073
  function _convertPublicKey($n, $e)
1074
  {
1298
  $length = $this->_decodeLength($temp);
1299
  switch ($this->_string_shift($temp, $length)) {
1300
  case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption
1301
+ case "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0A": // rsaPSS
1302
  break;
1303
  case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC
1304
  /*
1631
 
1632
  return $components;
1633
  }
1634
+
1635
+ return false;
1636
  }
1637
 
1638
  /**
1971
  *
1972
  * @see self::getPublicKey()
1973
  * @access public
 
1974
  * @param int $type optional
1975
  */
1976
  function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS8)
2028
  *
2029
  * @see self::getPublicKey()
2030
  * @access public
 
2031
  * @param int $type optional
2032
  * @return mixed
2033
  */
2052
  *
2053
  * @see self::getPrivateKey()
2054
  * @access private
2055
+ * @param int $mode optional
 
2056
  */
2057
  function _getPrivatePublicKey($mode = CRYPT_RSA_PUBLIC_FORMAT_PKCS8)
2058
  {
2269
  * of the hash function Hash) and 0.
2270
  *
2271
  * @access public
2272
+ * @param int $sLen
2273
  */
2274
  function setSaltLength($sLen)
2275
  {
2302
  * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}.
2303
  *
2304
  * @access private
2305
+ * @param int|string|resource $x
2306
  * @return Math_BigInteger
2307
  */
2308
  function _os2ip($x)
2529
  *
2530
  * @access private
2531
  * @param string $mgfSeed
2532
+ * @param int $maskLen
2533
  * @return string
2534
  */
2535
  function _mgf1($mgfSeed, $maskLen)
2664
  $offset+= $patternMatch ? 0 : 1;
2665
  }
2666
 
2667
+ // we do | instead of || to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation
2668
  // to protect against timing attacks
2669
+ if (!$hashesMatch | !$patternMatch) {
2670
  user_error('Decryption error');
2671
  return false;
2672
  }
3001
  return $em;
3002
  }
3003
 
3004
+ /**
3005
+ * EMSA-PKCS1-V1_5-ENCODE (without NULL)
3006
+ *
3007
+ * Quoting https://tools.ietf.org/html/rfc8017#page-65,
3008
+ *
3009
+ * "The parameters field associated with id-sha1, id-sha224, id-sha256,
3010
+ * id-sha384, id-sha512, id-sha512/224, and id-sha512/256 should
3011
+ * generally be omitted, but if present, it shall have a value of type
3012
+ * NULL"
3013
+ *
3014
+ * @access private
3015
+ * @param string $m
3016
+ * @param int $emLen
3017
+ * @return string
3018
+ */
3019
+ function _emsa_pkcs1_v1_5_encode_without_null($m, $emLen)
3020
+ {
3021
+ $h = $this->hash->hash($m);
3022
+ if ($h === false) {
3023
+ return false;
3024
+ }
3025
+
3026
+ switch ($this->hashName) {
3027
+ case 'sha1':
3028
+ $t = pack('H*', '301f300706052b0e03021a0414');
3029
+ break;
3030
+ case 'sha256':
3031
+ $t = pack('H*', '302f300b06096086480165030402010420');
3032
+ break;
3033
+ case 'sha384':
3034
+ $t = pack('H*', '303f300b06096086480165030402020430');
3035
+ break;
3036
+ case 'sha512':
3037
+ $t = pack('H*', '304f300b06096086480165030402030440');
3038
+ break;
3039
+ default:
3040
+ return false;
3041
+ }
3042
+ $t.= $h;
3043
+ $tLen = strlen($t);
3044
+
3045
+ if ($emLen < $tLen + 11) {
3046
+ user_error('Intended encoded message length too short');
3047
+ return false;
3048
+ }
3049
+
3050
+ $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3);
3051
+
3052
+ $em = "\0\1$ps\0$t";
3053
+
3054
+ return $em;
3055
+ }
3056
+
3057
  /**
3058
  * RSASSA-PKCS1-V1_5-SIGN
3059
  *
3091
  *
3092
  * @access private
3093
  * @param string $m
3094
+ * @param string $s
3095
  * @return string
3096
  */
3097
  function _rsassa_pkcs1_v1_5_verify($m, $s)
3120
  // EMSA-PKCS1-v1_5 encoding
3121
 
3122
  $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
3123
+ $em3 = $this->_emsa_pkcs1_v1_5_encode_without_null($m, $this->k);
3124
+
3125
+ if ($em2 === false && $em3 === false) {
3126
  user_error('RSA modulus too short');
3127
  return false;
3128
  }
3129
 
3130
  // Compare
3131
+
3132
+ return ($em2 !== false && $this->_equals($em, $em2)) ||
3133
+ ($em3 !== false && $this->_equals($em, $em3));
3134
  }
3135
 
3136
  /**
3236
  *
3237
  * @see self::encrypt()
3238
  * @access public
3239
+ * @param string $ciphertext
3240
  * @return string
3241
  */
3242
  function decrypt($ciphertext)
phpseclib/File/ANSI.php CHANGED
@@ -230,8 +230,7 @@ class File_ANSI
230
  /**
231
  * Set the number of lines that should be logged past the terminal height
232
  *
233
- * @param int $x
234
- * @param int $y
235
  * @access public
236
  */
237
  function setHistory($history)
@@ -343,19 +342,20 @@ class File_ANSI
343
  $mods = explode(';', $match[1]);
344
  foreach ($mods as $mod) {
345
  switch ($mod) {
346
- case 0: // Turn off character attributes
 
347
  $attr_cell = clone($this->base_attr_cell);
348
  break;
349
- case 1: // Turn bold mode on
350
  $attr_cell->bold = true;
351
  break;
352
- case 4: // Turn underline mode on
353
  $attr_cell->underline = true;
354
  break;
355
- case 5: // Turn blinking mode on
356
  $attr_cell->blink = true;
357
  break;
358
- case 7: // Turn reverse video on
359
  $attr_cell->reverse = !$attr_cell->reverse;
360
  $temp = $attr_cell->background;
361
  $attr_cell->background = $attr_cell->foreground;
@@ -368,23 +368,23 @@ class File_ANSI
368
  $back = &$attr_cell->{ $attr_cell->reverse ? 'foreground' : 'background' };
369
  switch ($mod) {
370
  // @codingStandardsIgnoreStart
371
- case 30: $front = 'black'; break;
372
- case 31: $front = 'red'; break;
373
- case 32: $front = 'green'; break;
374
- case 33: $front = 'yellow'; break;
375
- case 34: $front = 'blue'; break;
376
- case 35: $front = 'magenta'; break;
377
- case 36: $front = 'cyan'; break;
378
- case 37: $front = 'white'; break;
379
-
380
- case 40: $back = 'black'; break;
381
- case 41: $back = 'red'; break;
382
- case 42: $back = 'green'; break;
383
- case 43: $back = 'yellow'; break;
384
- case 44: $back = 'blue'; break;
385
- case 45: $back = 'magenta'; break;
386
- case 46: $back = 'cyan'; break;
387
- case 47: $back = 'white'; break;
388
  // @codingStandardsIgnoreEnd
389
 
390
  default:
230
  /**
231
  * Set the number of lines that should be logged past the terminal height
232
  *
233
+ * @param int $history
 
234
  * @access public
235
  */
236
  function setHistory($history)
342
  $mods = explode(';', $match[1]);
343
  foreach ($mods as $mod) {
344
  switch ($mod) {
345
+ case '':
346
+ case '0': // Turn off character attributes
347
  $attr_cell = clone($this->base_attr_cell);
348
  break;
349
+ case '1': // Turn bold mode on
350
  $attr_cell->bold = true;
351
  break;
352
+ case '4': // Turn underline mode on
353
  $attr_cell->underline = true;
354
  break;
355
+ case '5': // Turn blinking mode on
356
  $attr_cell->blink = true;
357
  break;
358
+ case '7': // Turn reverse video on
359
  $attr_cell->reverse = !$attr_cell->reverse;
360
  $temp = $attr_cell->background;
361
  $attr_cell->background = $attr_cell->foreground;
368
  $back = &$attr_cell->{ $attr_cell->reverse ? 'foreground' : 'background' };
369
  switch ($mod) {
370
  // @codingStandardsIgnoreStart
371
+ case '30': $front = 'black'; break;
372
+ case '31': $front = 'red'; break;
373
+ case '32': $front = 'green'; break;
374
+ case '33': $front = 'yellow'; break;
375
+ case '34': $front = 'blue'; break;
376
+ case '35': $front = 'magenta'; break;
377
+ case '36': $front = 'cyan'; break;
378
+ case '37': $front = 'white'; break;
379
+
380
+ case '40': $back = 'black'; break;
381
+ case '41': $back = 'red'; break;
382
+ case '42': $back = 'green'; break;
383
+ case '43': $back = 'yellow'; break;
384
+ case '44': $back = 'blue'; break;
385
+ case '45': $back = 'magenta'; break;
386
+ case '46': $back = 'cyan'; break;
387
+ case '47': $back = 'white'; break;
388
  // @codingStandardsIgnoreEnd
389
 
390
  default:
phpseclib/File/ASN1.php CHANGED
@@ -140,7 +140,7 @@ class File_ASN1_Element
140
  * PHP4 compatible Default Constructor.
141
  *
142
  * @see self::__construct()
143
- * @param int $mode
144
  * @access public
145
  */
146
  function File_ASN1_Element($encoded)
@@ -316,8 +316,11 @@ class File_ASN1
316
  {
317
  $current = array('start' => $start);
318
 
 
 
 
319
  $type = ord($encoded[$encoded_pos++]);
320
- $start++;
321
 
322
  $constructed = ($type >> 5) & 1;
323
 
@@ -326,15 +329,28 @@ class File_ASN1
326
  $tag = 0;
327
  // process septets (since the eighth bit is ignored, it's not an octet)
328
  do {
 
 
 
329
  $temp = ord($encoded[$encoded_pos++]);
 
330
  $loop = $temp >> 7;
331
  $tag <<= 7;
332
- $tag |= $temp & 0x7F;
333
- $start++;
 
 
 
 
334
  } while ($loop);
335
  }
336
 
 
 
337
  // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13
 
 
 
338
  $length = ord($encoded[$encoded_pos++]);
339
  $start++;
340
  if ($length == 0x80) { // indefinite length
@@ -426,13 +442,16 @@ class File_ASN1
426
  switch ($tag) {
427
  case FILE_ASN1_TYPE_BOOLEAN:
428
  // "The contents octets shall consist of a single octet." -- paragraph 8.2.1
429
- //if (strlen($content) != 1) {
430
- // return false;
431
- //}
432
  $current['content'] = (bool) ord($content[$content_pos]);
433
  break;
434
  case FILE_ASN1_TYPE_INTEGER:
435
  case FILE_ASN1_TYPE_ENUMERATED:
 
 
 
436
  $current['content'] = new Math_BigInteger(substr($content, $content_pos), -256);
437
  break;
438
  case FILE_ASN1_TYPE_REAL: // not currently supported
@@ -452,15 +471,15 @@ class File_ASN1
452
  $last = count($temp) - 1;
453
  for ($i = 0; $i < $last; $i++) {
454
  // all subtags should be bit strings
455
- //if ($temp[$i]['type'] != FILE_ASN1_TYPE_BIT_STRING) {
456
- // return false;
457
- //}
458
  $current['content'].= substr($temp[$i]['content'], 1);
459
  }
460
  // all subtags should be bit strings
461
- //if ($temp[$last]['type'] != FILE_ASN1_TYPE_BIT_STRING) {
462
- // return false;
463
- //}
464
  $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1);
465
  }
466
  break;
@@ -477,9 +496,9 @@ class File_ASN1
477
  }
478
  $content_pos += $temp['length'];
479
  // all subtags should be octet strings
480
- //if ($temp['type'] != FILE_ASN1_TYPE_OCTET_STRING) {
481
- // return false;
482
- //}
483
  $current['content'].= $temp['content'];
484
  $length+= $temp['length'];
485
  }
@@ -490,12 +509,15 @@ class File_ASN1
490
  break;
491
  case FILE_ASN1_TYPE_NULL:
492
  // "The contents octets shall not contain any octets." -- paragraph 8.8.2
493
- //if (strlen($content)) {
494
- // return false;
495
- //}
496
  break;
497
  case FILE_ASN1_TYPE_SEQUENCE:
498
  case FILE_ASN1_TYPE_SET:
 
 
 
499
  $offset = 0;
500
  $current['content'] = array();
501
  $content_len = strlen($content);
@@ -516,7 +538,13 @@ class File_ASN1
516
  }
517
  break;
518
  case FILE_ASN1_TYPE_OBJECT_IDENTIFIER:
 
 
 
519
  $current['content'] = $this->_decodeOID(substr($content, $content_pos));
 
 
 
520
  break;
521
  /* Each character string type shall be encoded as if it had been declared:
522
  [UNIVERSAL x] IMPLICIT OCTET STRING
@@ -546,14 +574,22 @@ class File_ASN1
546
  case FILE_ASN1_TYPE_UTF8_STRING:
547
  // ????
548
  case FILE_ASN1_TYPE_BMP_STRING:
 
 
 
549
  $current['content'] = substr($content, $content_pos);
550
  break;
551
  case FILE_ASN1_TYPE_UTC_TIME:
552
  case FILE_ASN1_TYPE_GENERALIZED_TIME:
 
 
 
553
  $current['content'] = class_exists('DateTime') ?
554
  $this->_decodeDateTime(substr($content, $content_pos), $tag) :
555
  $this->_decodeUnixTime(substr($content, $content_pos), $tag);
 
556
  default:
 
557
  }
558
 
559
  $start+= $length;
@@ -887,7 +923,7 @@ class File_ASN1
887
  *
888
  * @param string $source
889
  * @param string $mapping
890
- * @param int $idx
891
  * @return string
892
  * @access public
893
  */
@@ -903,6 +939,7 @@ class File_ASN1
903
  * @param string $source
904
  * @param string $mapping
905
  * @param int $idx
 
906
  * @return string
907
  * @access private
908
  */
@@ -1065,7 +1102,10 @@ class File_ASN1
1065
  if (!class_exists('DateTime')) {
1066
  $value = @gmdate($format, strtotime($source)) . 'Z';
1067
  } else {
 
1068
  $date = new DateTime($source, new DateTimeZone('GMT'));
 
 
1069
  $value = $date->format($format) . 'Z';
1070
  }
1071
  break;
@@ -1227,6 +1267,11 @@ class File_ASN1
1227
  $oid = array();
1228
  $pos = 0;
1229
  $len = strlen($content);
 
 
 
 
 
1230
  $n = new Math_BigInteger();
1231
  while ($pos < $len) {
1232
  $temp = ord($content[$pos++]);
@@ -1262,7 +1307,7 @@ class File_ASN1
1262
  * Called by _encode_der()
1263
  *
1264
  * @access private
1265
- * @param string $content
1266
  * @return string
1267
  */
1268
  function _encodeOID($source)
140
  * PHP4 compatible Default Constructor.
141
  *
142
  * @see self::__construct()
143
+ * @param string $encoded
144
  * @access public
145
  */
146
  function File_ASN1_Element($encoded)
316
  {
317
  $current = array('start' => $start);
318
 
319
+ if (!isset($encoded[$encoded_pos])) {
320
+ return false;
321
+ }
322
  $type = ord($encoded[$encoded_pos++]);
323
+ $startOffset = 1;
324
 
325
  $constructed = ($type >> 5) & 1;
326
 
329
  $tag = 0;
330
  // process septets (since the eighth bit is ignored, it's not an octet)
331
  do {
332
+ if (!isset($encoded[$encoded_pos])) {
333
+ return false;
334
+ }
335
  $temp = ord($encoded[$encoded_pos++]);
336
+ $startOffset++;
337
  $loop = $temp >> 7;
338
  $tag <<= 7;
339
+ $temp &= 0x7F;
340
+ // "bits 7 to 1 of the first subsequent octet shall not all be zero"
341
+ if ($startOffset == 2 && $temp == 0) {
342
+ return false;
343
+ }
344
+ $tag |= $temp;
345
  } while ($loop);
346
  }
347
 
348
+ $start+= $startOffset;
349
+
350
  // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13
351
+ if (!isset($encoded[$encoded_pos])) {
352
+ return false;
353
+ }
354
  $length = ord($encoded[$encoded_pos++]);
355
  $start++;
356
  if ($length == 0x80) { // indefinite length
442
  switch ($tag) {
443
  case FILE_ASN1_TYPE_BOOLEAN:
444
  // "The contents octets shall consist of a single octet." -- paragraph 8.2.1
445
+ if ($constructed || strlen($content) != 1) {
446
+ return false;
447
+ }
448
  $current['content'] = (bool) ord($content[$content_pos]);
449
  break;
450
  case FILE_ASN1_TYPE_INTEGER:
451
  case FILE_ASN1_TYPE_ENUMERATED:
452
+ if ($constructed) {
453
+ return false;
454
+ }
455
  $current['content'] = new Math_BigInteger(substr($content, $content_pos), -256);
456
  break;
457
  case FILE_ASN1_TYPE_REAL: // not currently supported
471
  $last = count($temp) - 1;
472
  for ($i = 0; $i < $last; $i++) {
473
  // all subtags should be bit strings
474
+ if ($temp[$i]['type'] != FILE_ASN1_TYPE_BIT_STRING) {
475
+ return false;
476
+ }
477
  $current['content'].= substr($temp[$i]['content'], 1);
478
  }
479
  // all subtags should be bit strings
480
+ if ($temp[$last]['type'] != FILE_ASN1_TYPE_BIT_STRING) {
481
+ return false;
482
+ }
483
  $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1);
484
  }
485
  break;
496
  }
497
  $content_pos += $temp['length'];
498
  // all subtags should be octet strings
499
+ if ($temp['type'] != FILE_ASN1_TYPE_OCTET_STRING) {
500
+ return false;
501
+ }
502
  $current['content'].= $temp['content'];
503
  $length+= $temp['length'];
504
  }
509
  break;
510
  case FILE_ASN1_TYPE_NULL:
511
  // "The contents octets shall not contain any octets." -- paragraph 8.8.2
512
+ if ($constructed || strlen($content)) {
513
+ return false;
514
+ }
515
  break;
516
  case FILE_ASN1_TYPE_SEQUENCE:
517
  case FILE_ASN1_TYPE_SET:
518
+ if (!$constructed) {
519
+ return false;
520
+ }
521
  $offset = 0;
522
  $current['content'] = array();
523
  $content_len = strlen($content);
538
  }
539
  break;
540
  case FILE_ASN1_TYPE_OBJECT_IDENTIFIER:
541
+ if ($constructed) {
542
+ return false;
543
+ }
544
  $current['content'] = $this->_decodeOID(substr($content, $content_pos));
545
+ if ($current['content'] === false) {
546
+ return false;
547
+ }
548
  break;
549
  /* Each character string type shall be encoded as if it had been declared:
550
  [UNIVERSAL x] IMPLICIT OCTET STRING
574
  case FILE_ASN1_TYPE_UTF8_STRING:
575
  // ????
576
  case FILE_ASN1_TYPE_BMP_STRING:
577
+ if ($constructed) {
578
+ return false;
579
+ }
580
  $current['content'] = substr($content, $content_pos);
581
  break;
582
  case FILE_ASN1_TYPE_UTC_TIME:
583
  case FILE_ASN1_TYPE_GENERALIZED_TIME:
584
+ if ($constructed) {
585
+ return false;
586
+ }
587
  $current['content'] = class_exists('DateTime') ?
588
  $this->_decodeDateTime(substr($content, $content_pos), $tag) :
589
  $this->_decodeUnixTime(substr($content, $content_pos), $tag);
590
+ break;
591
  default:
592
+ return false;
593
  }
594
 
595
  $start+= $length;
923
  *
924
  * @param string $source
925
  * @param string $mapping
926
+ * @param array $special
927
  * @return string
928
  * @access public
929
  */
939
  * @param string $source
940
  * @param string $mapping
941
  * @param int $idx
942
+ * @param array $special
943
  * @return string
944
  * @access private
945
  */
1102
  if (!class_exists('DateTime')) {
1103
  $value = @gmdate($format, strtotime($source)) . 'Z';
1104
  } else {
1105
+ // if $source does _not_ include timezone information within it then assume that the timezone is GMT
1106
  $date = new DateTime($source, new DateTimeZone('GMT'));
1107
+ // if $source _does_ include timezone information within it then convert the time to GMT
1108
+ $date->setTimezone(new DateTimeZone('GMT'));
1109
  $value = $date->format($format) . 'Z';
1110
  }
1111
  break;
1267
  $oid = array();
1268
  $pos = 0;
1269
  $len = strlen($content);
1270
+
1271
+ if (ord($content[$len - 1]) & 0x80) {
1272
+ return false;
1273
+ }
1274
+
1275
  $n = new Math_BigInteger();
1276
  while ($pos < $len) {
1277
  $temp = ord($content[$pos++]);
1307
  * Called by _encode_der()
1308
  *
1309
  * @access private
1310
+ * @param string $source
1311
  * @return string
1312
  */
1313
  function _encodeOID($source)
phpseclib/File/X509.php CHANGED
@@ -1638,7 +1638,7 @@ class File_X509
1638
  * Map extension values from octet string to extension-specific internal
1639
  * format.
1640
  *
1641
- * @param array ref $root
1642
  * @param string $path
1643
  * @param object $asn1
1644
  * @access private
@@ -1652,7 +1652,6 @@ class File_X509
1652
  $id = $extensions[$i]['extnId'];
1653
  $value = &$extensions[$i]['extnValue'];
1654
  $value = base64_decode($value);
1655
- $decoded = $asn1->decodeBER($value);
1656
  /* [extnValue] contains the DER encoding of an ASN.1 value
1657
  corresponding to the extension type identified by extnID */
1658
  $map = $this->_getMapping($id);
@@ -1660,6 +1659,7 @@ class File_X509
1660
  $decoder = $id == 'id-ce-nameConstraints' ?
1661
  array($this, '_decodeNameConstraintIP') :
1662
  array($this, '_decodeIP');
 
1663
  $mapped = $asn1->asn1map($decoded[0], $map, array('iPAddress' => $decoder));
1664
  $value = $mapped === false ? $decoded[0] : $mapped;
1665
 
@@ -1691,7 +1691,7 @@ class File_X509
1691
  * Map extension values from extension-specific internal format to
1692
  * octet string.
1693
  *
1694
- * @param array ref $root
1695
  * @param string $path
1696
  * @param object $asn1
1697
  * @access private
@@ -1757,7 +1757,7 @@ class File_X509
1757
  * Map attribute values from ANY type to attribute-specific internal
1758
  * format.
1759
  *
1760
- * @param array ref $root
1761
  * @param string $path
1762
  * @param object $asn1
1763
  * @access private
@@ -1798,7 +1798,7 @@ class File_X509
1798
  * Map attribute values from attribute-specific internal format to
1799
  * ANY type.
1800
  *
1801
- * @param array ref $root
1802
  * @param string $path
1803
  * @param object $asn1
1804
  * @access private
@@ -1841,7 +1841,7 @@ class File_X509
1841
  * Map DN values from ANY type to DN-specific internal
1842
  * format.
1843
  *
1844
- * @param array ref $root
1845
  * @param string $path
1846
  * @param object $asn1
1847
  * @access private
@@ -1871,7 +1871,7 @@ class File_X509
1871
  * Map DN values from DN-specific internal format to
1872
  * ANY type.
1873
  *
1874
- * @param array ref $root
1875
  * @param string $path
1876
  * @param object $asn1
1877
  * @access private
@@ -3243,7 +3243,8 @@ class File_X509
3243
  /**
3244
  * Load a Certificate Signing Request
3245
  *
3246
- * @param string $csr
 
3247
  * @access public
3248
  * @return mixed
3249
  */
@@ -3383,7 +3384,7 @@ class File_X509
3383
  *
3384
  * https://developer.mozilla.org/en-US/docs/HTML/Element/keygen
3385
  *
3386
- * @param string $csr
3387
  * @access public
3388
  * @return mixed
3389
  */
@@ -3457,7 +3458,7 @@ class File_X509
3457
  /**
3458
  * Save a SPKAC CSR request
3459
  *
3460
- * @param array $csr
3461
  * @param int $format optional
3462
  * @access public
3463
  * @return string
@@ -3501,6 +3502,7 @@ class File_X509
3501
  * Load a Certificate Revocation List
3502
  *
3503
  * @param string $crl
 
3504
  * @access public
3505
  * @return mixed
3506
  */
@@ -4114,7 +4116,6 @@ class File_X509
4114
  * X.509 certificate signing helper function.
4115
  *
4116
  * @param object $key
4117
- * @param File_X509 $subject
4118
  * @param string $signatureAlgorithm
4119
  * @access public
4120
  * @return mixed
@@ -4192,7 +4193,7 @@ class File_X509
4192
  * Set Serial Number
4193
  *
4194
  * @param string $serial
4195
- * @param $base optional
4196
  * @access public
4197
  */
4198
  function setSerialNumber($serial, $base = -256)
@@ -4866,7 +4867,6 @@ class File_X509
4866
  * Set the IP Addresses's which the cert is to be valid for
4867
  *
4868
  * @access public
4869
- * @param string $ipAddress optional
4870
  */
4871
  function setIPAddress()
4872
  {
@@ -5144,11 +5144,16 @@ class File_X509
5144
  * subject=/O=organization/OU=org unit/CN=common name
5145
  * issuer=/O=organization/CN=common name
5146
  */
5147
- $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1);
5148
- // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
5149
- $temp = preg_replace('#-+[^-]+-+#', '', $temp);
 
 
 
5150
  // remove new lines
5151
  $temp = str_replace(array("\r", "\n", ' '), '', $temp);
 
 
5152
  $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
5153
  return $temp != false ? $temp : $str;
5154
  }
1638
  * Map extension values from octet string to extension-specific internal
1639
  * format.
1640
  *
1641
+ * @param array $root (by reference)
1642
  * @param string $path
1643
  * @param object $asn1
1644
  * @access private
1652
  $id = $extensions[$i]['extnId'];
1653
  $value = &$extensions[$i]['extnValue'];
1654
  $value = base64_decode($value);
 
1655
  /* [extnValue] contains the DER encoding of an ASN.1 value
1656
  corresponding to the extension type identified by extnID */
1657
  $map = $this->_getMapping($id);
1659
  $decoder = $id == 'id-ce-nameConstraints' ?
1660
  array($this, '_decodeNameConstraintIP') :
1661
  array($this, '_decodeIP');
1662
+ $decoded = $asn1->decodeBER($value);
1663
  $mapped = $asn1->asn1map($decoded[0], $map, array('iPAddress' => $decoder));
1664
  $value = $mapped === false ? $decoded[0] : $mapped;
1665
 
1691
  * Map extension values from extension-specific internal format to
1692
  * octet string.
1693
  *
1694
+ * @param array $root (by reference)
1695
  * @param string $path
1696
  * @param object $asn1
1697
  * @access private
1757
  * Map attribute values from ANY type to attribute-specific internal
1758
  * format.
1759
  *
1760
+ * @param array $root (by reference)
1761
  * @param string $path
1762
  * @param object $asn1
1763
  * @access private
1798
  * Map attribute values from attribute-specific internal format to
1799
  * ANY type.
1800
  *
1801
+ * @param array $root (by reference)
1802
  * @param string $path
1803
  * @param object $asn1
1804
  * @access private
1841
  * Map DN values from ANY type to DN-specific internal
1842
  * format.
1843
  *
1844
+ * @param array $root (by reference)
1845
  * @param string $path
1846
  * @param object $asn1
1847
  * @access private
1871
  * Map DN values from DN-specific internal format to
1872
  * ANY type.
1873
  *
1874
+ * @param array $root (by reference)
1875
  * @param string $path
1876
  * @param object $asn1
1877
  * @access private
3243
  /**
3244
  * Load a Certificate Signing Request
3245
  *
3246
+ * @param string|array $csr
3247
+ * @param int $mode
3248
  * @access public
3249
  * @return mixed
3250
  */
3384
  *
3385
  * https://developer.mozilla.org/en-US/docs/HTML/Element/keygen
3386
  *
3387
+ * @param string|array $spkac
3388
  * @access public
3389
  * @return mixed
3390
  */
3458
  /**
3459
  * Save a SPKAC CSR request
3460
  *
3461
+ * @param string|array $spkac
3462
  * @param int $format optional
3463
  * @access public
3464
  * @return string
3502
  * Load a Certificate Revocation List
3503
  *
3504
  * @param string $crl
3505
+ * @param int $mode
3506
  * @access public
3507
  * @return mixed
3508
  */
4116
  * X.509 certificate signing helper function.
4117
  *
4118
  * @param object $key
 
4119
  * @param string $signatureAlgorithm
4120
  * @access public
4121
  * @return mixed
4193
  * Set Serial Number
4194
  *
4195
  * @param string $serial
4196
+ * @param int $base optional
4197
  * @access public
4198
  */
4199
  function setSerialNumber($serial, $base = -256)
4867
  * Set the IP Addresses's which the cert is to be valid for
4868
  *
4869
  * @access public
 
4870
  */
4871
  function setIPAddress()
4872
  {
5144
  * subject=/O=organization/OU=org unit/CN=common name
5145
  * issuer=/O=organization/CN=common name
5146
  */
5147
+ if (strlen($str) > ini_get('pcre.backtrack_limit')) {
5148
+ $temp = $str;
5149
+ } else {
5150
+ $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1);
5151
+ $temp = preg_replace('#-+END.*[\r\n ]*.*#ms', '', $temp, 1);
5152
+ }
5153
  // remove new lines
5154
  $temp = str_replace(array("\r", "\n", ' '), '', $temp);
5155
+ // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
5156
+ $temp = preg_replace('#^-+[^-]+-+|-+[^-]+-+$#', '', $temp);
5157
  $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
5158
  return $temp != false ? $temp : $str;
5159
  }
phpseclib/Math/BigInteger.php CHANGED
@@ -237,7 +237,7 @@ class Math_BigInteger
237
  * ?>
238
  * </code>
239
  *
240
- * @param $x base-10 number or base-$base number if $base set.
241
  * @param int $base
242
  * @return Math_BigInteger
243
  * @access public
@@ -257,7 +257,7 @@ class Math_BigInteger
257
  }
258
  }
259
 
260
- if (extension_loaded('openssl') && !defined('MATH_BIGINTEGER_OPENSSL_DISABLE') && !defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) {
261
  // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work
262
  ob_start();
263
  @phpinfo();
@@ -673,11 +673,11 @@ class Math_BigInteger
673
  {
674
  $hex = $this->toHex($twos_compliment);
675
  $bits = '';
676
- for ($i = strlen($hex) - 8, $start = strlen($hex) & 7; $i >= $start; $i-=8) {
677
- $bits = str_pad(decbin(hexdec(substr($hex, $i, 8))), 32, '0', STR_PAD_LEFT) . $bits;
678
  }
679
  if ($start) { // hexdec('') == 0
680
- $bits = str_pad(decbin(hexdec(substr($hex, 0, $start))), 8, '0', STR_PAD_LEFT) . $bits;
681
  }
682
  $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0');
683
 
@@ -2021,7 +2021,7 @@ class Math_BigInteger
2021
  *
2022
  * @see self::_slidingWindow()
2023
  * @access private
2024
- * @param Math_BigInteger
2025
  * @return Math_BigInteger
2026
  */
2027
  function _mod2($n)
@@ -3136,7 +3136,7 @@ class Math_BigInteger
3136
  *
3137
  * Byte length is equal to $length. Uses crypt_random if it's loaded and mt_rand if it's not.
3138
  *
3139
- * @param int $length
3140
  * @return Math_BigInteger
3141
  * @access private
3142
  */
@@ -3603,7 +3603,7 @@ class Math_BigInteger
3603
  *
3604
  * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision
3605
  *
3606
- * @param Math_BigInteger
3607
  * @return Math_BigInteger
3608
  * @see self::_trim()
3609
  * @access private
@@ -3680,8 +3680,8 @@ class Math_BigInteger
3680
  /**
3681
  * Array Repeat
3682
  *
3683
- * @param $input Array
3684
- * @param $multiplier mixed
3685
  * @return array
3686
  * @access private
3687
  */
@@ -3695,8 +3695,8 @@ class Math_BigInteger
3695
  *
3696
  * Shifts binary strings $shift bits, essentially multiplying by 2**$shift.
3697
  *
3698
- * @param $x String
3699
- * @param $shift Integer
3700
  * @return string
3701
  * @access private
3702
  */
@@ -3724,8 +3724,8 @@ class Math_BigInteger
3724
  *
3725
  * Shifts binary strings $shift bits, essentially dividing by 2**$shift and returning the remainder.
3726
  *
3727
- * @param $x String
3728
- * @param $shift Integer
3729
  * @return string
3730
  * @access private
3731
  */
237
  * ?>
238
  * </code>
239
  *
240
+ * @param int|string|resource $x base-10 number or base-$base number if $base set.
241
  * @param int $base
242
  * @return Math_BigInteger
243
  * @access public
257
  }
258
  }
259
 
260
+ if (function_exists('phpinfo') && extension_loaded('openssl') && !defined('MATH_BIGINTEGER_OPENSSL_DISABLE') && !defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) {
261
  // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work
262
  ob_start();
263
  @phpinfo();
673
  {
674
  $hex = $this->toHex($twos_compliment);
675
  $bits = '';
676
+ for ($i = strlen($hex) - 6, $start = strlen($hex) % 6; $i >= $start; $i-=6) {
677
+ $bits = str_pad(decbin(hexdec(substr($hex, $i, 6))), 24, '0', STR_PAD_LEFT) . $bits;
678
  }
679
  if ($start) { // hexdec('') == 0
680
+ $bits = str_pad(decbin(hexdec(substr($hex, 0, $start))), 8 * $start, '0', STR_PAD_LEFT) . $bits;
681
  }
682
  $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0');
683
 
2021
  *
2022
  * @see self::_slidingWindow()
2023
  * @access private
2024
+ * @param Math_BigInteger $n
2025
  * @return Math_BigInteger
2026
  */
2027
  function _mod2($n)
3136
  *
3137
  * Byte length is equal to $length. Uses crypt_random if it's loaded and mt_rand if it's not.
3138
  *
3139
+ * @param int $size
3140
  * @return Math_BigInteger
3141
  * @access private
3142
  */
3603
  *
3604
  * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision
3605
  *
3606
+ * @param Math_BigInteger $result
3607
  * @return Math_BigInteger
3608
  * @see self::_trim()
3609
  * @access private
3680
  /**
3681
  * Array Repeat
3682
  *
3683
+ * @param array $input
3684
+ * @param mixed $multiplier
3685
  * @return array
3686
  * @access private
3687
  */
3695
  *
3696
  * Shifts binary strings $shift bits, essentially multiplying by 2**$shift.
3697
  *
3698
+ * @param string $x (by reference)
3699
+ * @param int $shift
3700
  * @return string
3701
  * @access private
3702
  */
3724
  *
3725
  * Shifts binary strings $shift bits, essentially dividing by 2**$shift and returning the remainder.
3726
  *
3727
+ * @param string $x (by referenc)
3728
+ * @param int $shift
3729
  * @return string
3730
  * @access private
3731
  */
phpseclib/Net/SFTP.php CHANGED
@@ -5,9 +5,7 @@
5
  *
6
  * PHP versions 4 and 5
7
  *
8
- * Currently only supports SFTPv2 and v3, which, according to wikipedia.org, "is the most widely used version,
9
- * implemented by the popular OpenSSH SFTP server". If you want SFTPv4/5/6 support, provide me with access
10
- * to an SFTPv4/5/6 server.
11
  *
12
  * The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
13
  *
@@ -195,6 +193,24 @@ class Net_SFTP extends Net_SSH2
195
  */
196
  var $version;
197
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
198
  /**
199
  * Current working directory
200
  *
@@ -300,6 +316,49 @@ class Net_SFTP extends Net_SSH2
300
  */
301
  var $requestBuffer = array();
302
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
303
  /**
304
  * Default Constructor.
305
  *
@@ -320,15 +379,13 @@ class Net_SFTP extends Net_SSH2
320
  $this->packet_types = array(
321
  1 => 'NET_SFTP_INIT',
322
  2 => 'NET_SFTP_VERSION',
323
- /* the format of SSH_FXP_OPEN changed between SFTPv4 and SFTPv5+:
324
- SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.1
325
- pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 */
326
  3 => 'NET_SFTP_OPEN',
327
  4 => 'NET_SFTP_CLOSE',
328
  5 => 'NET_SFTP_READ',
329
  6 => 'NET_SFTP_WRITE',
330
  7 => 'NET_SFTP_LSTAT',
331
  9 => 'NET_SFTP_SETSTAT',
 
332
  11 => 'NET_SFTP_OPENDIR',
333
  12 => 'NET_SFTP_READDIR',
334
  13 => 'NET_SFTP_REMOVE',
@@ -336,18 +393,13 @@ class Net_SFTP extends Net_SSH2
336
  15 => 'NET_SFTP_RMDIR',
337
  16 => 'NET_SFTP_REALPATH',
338
  17 => 'NET_SFTP_STAT',
339
- /* the format of SSH_FXP_RENAME changed between SFTPv4 and SFTPv5+:
340
- SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
341
- pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.5 */
342
  18 => 'NET_SFTP_RENAME',
343
  19 => 'NET_SFTP_READLINK',
344
  20 => 'NET_SFTP_SYMLINK',
 
345
 
346
  101=> 'NET_SFTP_STATUS',
347
  102=> 'NET_SFTP_HANDLE',
348
- /* the format of SSH_FXP_NAME changed between SFTPv3 and SFTPv4+:
349
- SFTPv4+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.4
350
- pre-SFTPv4 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 */
351
  103=> 'NET_SFTP_DATA',
352
  104=> 'NET_SFTP_NAME',
353
  105=> 'NET_SFTP_ATTRS',
@@ -392,25 +444,59 @@ class Net_SFTP extends Net_SSH2
392
  // the order, in this case, matters quite a lot - see Net_SFTP::_parseAttributes() to understand why
393
  $this->attributes = array(
394
  0x00000001 => 'NET_SFTP_ATTR_SIZE',
395
- 0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+
 
396
  0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS',
397
  0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME',
 
 
 
 
 
 
 
 
 
 
 
398
  // 0x80000000 will yield a floating point on 32-bit systems and converting floating points to integers
399
  // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in
400
  // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000.
401
  // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored.
402
  (-1 << 31) & 0xFFFFFFFF => 'NET_SFTP_ATTR_EXTENDED'
403
  );
404
- // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3
405
- // the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name
406
- // the array for that $this->open5_flags and similarly alter the constant names.
407
  $this->open_flags = array(
408
  0x00000001 => 'NET_SFTP_OPEN_READ',
409
  0x00000002 => 'NET_SFTP_OPEN_WRITE',
410
  0x00000004 => 'NET_SFTP_OPEN_APPEND',
411
  0x00000008 => 'NET_SFTP_OPEN_CREATE',
412
  0x00000010 => 'NET_SFTP_OPEN_TRUNCATE',
413
- 0x00000020 => 'NET_SFTP_OPEN_EXCL'
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
414
  );
415
  // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2
416
  // see Net_SFTP::_parseLongname() for an explanation
@@ -432,6 +518,7 @@ class Net_SFTP extends Net_SSH2
432
  $this->status_codes,
433
  $this->attributes,
434
  $this->open_flags,
 
435
  $this->file_types
436
  );
437
 
@@ -458,23 +545,32 @@ class Net_SFTP extends Net_SSH2
458
  }
459
 
460
  /**
461
- * Login
462
  *
463
- * @param string $username
464
- * @param string $password
465
  * @return bool
466
  * @access public
467
  */
468
- function login($username)
469
  {
470
- $args = func_get_args();
471
- $callback = version_compare(PHP_VERSION, '5.3.0') < 0 ?
472
- array(&$this, 'parent::login') :
473
- 'parent::login';
474
- if (!call_user_func_array($callback, $args)) {
475
  return false;
476
  }
477
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
478
  $this->window_size_server_to_client[NET_SFTP_CHANNEL] = $this->window_size;
479
 
480
  $packet = pack(
@@ -496,6 +592,8 @@ class Net_SFTP extends Net_SSH2
496
  $response = $this->_get_channel_packet(NET_SFTP_CHANNEL, true);
497
  if ($response === false) {
498
  return false;
 
 
499
  }
500
 
501
  $packet = pack(
@@ -542,6 +640,8 @@ class Net_SFTP extends Net_SSH2
542
  if ($response === false) {
543
  return false;
544
  }
 
 
545
  }
546
 
547
  $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA;
@@ -556,11 +656,13 @@ class Net_SFTP extends Net_SSH2
556
  return false;
557
  }
558
 
 
 
559
  if (strlen($response) < 4) {
560
  return false;
561
  }
562
  extract(unpack('Nversion', $this->_string_shift($response, 4)));
563
- $this->version = $version;
564
  while (!empty($response)) {
565
  if (strlen($response) < 4) {
566
  return false;
@@ -575,21 +677,22 @@ class Net_SFTP extends Net_SSH2
575
  $this->extensions[$key] = $value;
576
  }
577
 
578
- /*
579
- SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com',
580
- however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's
581
- not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for
582
- one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that
583
- 'newline@vandyke.com' would.
584
- */
585
- /*
586
- if (isset($this->extensions['newline@vandyke.com'])) {
587
- $this->extensions['newline'] = $this->extensions['newline@vandyke.com'];
588
- unset($this->extensions['newline@vandyke.com']);
589
- }
590
- */
591
 
592
- $this->use_request_id = true;
 
 
 
 
 
 
 
 
 
 
 
 
 
593
 
594
  /*
595
  A Note on SFTPv4/5/6 support:
@@ -614,12 +717,60 @@ class Net_SFTP extends Net_SSH2
614
  in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what Net_SFTP would do is close the
615
  channel and reopen it with a new and updated SSH_FXP_INIT packet.
616
  */
617
- switch ($this->version) {
618
- case 2:
619
- case 3:
620
- break;
621
- default:
622
- return false;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
623
  }
624
 
625
  $this->pwd = $this->_realpath('.');
@@ -679,6 +830,26 @@ class Net_SFTP extends Net_SSH2
679
  $this->canonicalize_paths = false;
680
  }
681
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
682
  /**
683
  * Returns the current directory name
684
  *
@@ -687,6 +858,10 @@ class Net_SFTP extends Net_SSH2
687
  */
688
  function pwd()
689
  {
 
 
 
 
690
  return $this->pwd;
691
  }
692
 
@@ -728,6 +903,10 @@ class Net_SFTP extends Net_SSH2
728
  */
729
  function realpath($path)
730
  {
 
 
 
 
731
  return $this->_realpath($path);
732
  }
733
 
@@ -810,7 +989,7 @@ class Net_SFTP extends Net_SSH2
810
  */
811
  function chdir($dir)
812
  {
813
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
814
  return false;
815
  }
816
 
@@ -967,7 +1146,7 @@ class Net_SFTP extends Net_SSH2
967
  */
968
  function _list($dir, $raw = true)
969
  {
970
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
971
  return false;
972
  }
973
 
@@ -1022,13 +1201,17 @@ class Net_SFTP extends Net_SSH2
1022
  }
1023
  extract(unpack('Nlength', $this->_string_shift($response, 4)));
1024
  $shortname = $this->_string_shift($response, $length);
1025
- if (strlen($response) < 4) {
1026
- return false;
 
 
 
 
 
 
1027
  }
1028
- extract(unpack('Nlength', $this->_string_shift($response, 4)));
1029
- $longname = $this->_string_shift($response, $length);
1030
  $attributes = $this->_parseAttributes($response);
1031
- if (!isset($attributes['type'])) {
1032
  $fileType = $this->_parseLongname($longname);
1033
  if ($fileType) {
1034
  $attributes['type'] = $fileType;
@@ -1074,7 +1257,7 @@ class Net_SFTP extends Net_SSH2
1074
  uasort($contents, array(&$this, '_comparator'));
1075
  }
1076
 
1077
- return $raw ? $contents : array_keys($contents);
1078
  }
1079
 
1080
  /**
@@ -1188,10 +1371,6 @@ class Net_SFTP extends Net_SSH2
1188
  */
1189
  function size($filename)
1190
  {
1191
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1192
- return false;
1193
- }
1194
-
1195
  $result = $this->stat($filename);
1196
  if ($result === false) {
1197
  return false;
@@ -1276,7 +1455,7 @@ class Net_SFTP extends Net_SSH2
1276
  *
1277
  * Mainly used by file_exists
1278
  *
1279
- * @param string $dir
1280
  * @return mixed
1281
  * @access private
1282
  */
@@ -1308,7 +1487,7 @@ class Net_SFTP extends Net_SSH2
1308
  */
1309
  function stat($filename)
1310
  {
1311
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1312
  return false;
1313
  }
1314
 
@@ -1365,7 +1544,7 @@ class Net_SFTP extends Net_SSH2
1365
  */
1366
  function lstat($filename)
1367
  {
1368
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1369
  return false;
1370
  }
1371
 
@@ -1479,7 +1658,7 @@ class Net_SFTP extends Net_SSH2
1479
  */
1480
  function touch($filename, $time = null, $atime = null)
1481
  {
1482
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1483
  return false;
1484
  }
1485
 
@@ -1495,9 +1674,25 @@ class Net_SFTP extends Net_SSH2
1495
  $atime = $time;
1496
  }
1497
 
1498
- $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_EXCL;
1499
- $attr = pack('N3', NET_SFTP_ATTR_ACCESSTIME, $time, $atime);
1500
- $packet = pack('Na*Na*', strlen($filename), $filename, $flags, $attr);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1501
  if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
1502
  return false;
1503
  }
@@ -1520,19 +1715,47 @@ class Net_SFTP extends Net_SSH2
1520
  /**
1521
  * Changes file or directory owner
1522
  *
 
 
 
 
 
1523
  * Returns true on success or false on error.
1524
  *
1525
  * @param string $filename
1526
- * @param int $uid
1527
  * @param bool $recursive
1528
  * @return bool
1529
  * @access public
1530
  */
1531
  function chown($filename, $uid, $recursive = false)
1532
  {
1533
- // quoting from <http://www.kernel.org/doc/man-pages/online/pages/man2/chown.2.html>,
1534
- // "if the owner or group is specified as -1, then that ID is not changed"
1535
- $attr = pack('N3', NET_SFTP_ATTR_UIDGID, $uid, -1);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1536
 
1537
  return $this->_setstat($filename, $attr, $recursive);
1538
  }
@@ -1540,17 +1763,24 @@ class Net_SFTP extends Net_SSH2
1540
  /**
1541
  * Changes file or directory group
1542
  *
 
 
 
 
 
1543
  * Returns true on success or false on error.
1544
  *
1545
  * @param string $filename
1546
- * @param int $gid
1547
  * @param bool $recursive
1548
  * @return bool
1549
  * @access public
1550
  */
1551
  function chgrp($filename, $gid, $recursive = false)
1552
  {
1553
- $attr = pack('N3', NET_SFTP_ATTR_UIDGID, -1, $gid);
 
 
1554
 
1555
  return $this->_setstat($filename, $attr, $recursive);
1556
  }
@@ -1617,7 +1847,7 @@ class Net_SFTP extends Net_SSH2
1617
  */
1618
  function _setstat($filename, $attr, $recursive)
1619
  {
1620
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1621
  return false;
1622
  }
1623
 
@@ -1635,9 +1865,10 @@ class Net_SFTP extends Net_SSH2
1635
  return $result;
1636
  }
1637
 
1638
- // SFTPv4+ has an additional byte field - type - that would need to be sent, as well. setting it to
1639
- // SSH_FILEXFER_TYPE_UNKNOWN might work. if not, we'd have to do an SSH_FXP_STAT before doing an SSH_FXP_SETSTAT.
1640
- if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($filename), $filename, $attr))) {
 
1641
  return false;
1642
  }
1643
 
@@ -1707,7 +1938,10 @@ class Net_SFTP extends Net_SSH2
1707
  return false;
1708
  }
1709
  } else {
1710
- if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($temp), $temp, $attr))) {
 
 
 
1711
  return false;
1712
  }
1713
 
@@ -1722,7 +1956,10 @@ class Net_SFTP extends Net_SSH2
1722
  }
1723
  }
1724
 
1725
- if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($path), $path, $attr))) {
 
 
 
1726
  return false;
1727
  }
1728
 
@@ -1747,7 +1984,7 @@ class Net_SFTP extends Net_SSH2
1747
  */
1748
  function readlink($link)
1749
  {
1750
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1751
  return false;
1752
  }
1753
 
@@ -1797,15 +2034,44 @@ class Net_SFTP extends Net_SSH2
1797
  */
1798
  function symlink($target, $link)
1799
  {
1800
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1801
  return false;
1802
  }
1803
 
1804
  //$target = $this->_realpath($target);
1805
  $link = $this->_realpath($link);
1806
 
1807
- $packet = pack('Na*Na*', strlen($target), $target, strlen($link), $link);
1808
- if (!$this->_send_sftp_packet(NET_SFTP_SYMLINK, $packet)) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1809
  return false;
1810
  }
1811
 
@@ -1831,12 +2097,14 @@ class Net_SFTP extends Net_SSH2
1831
  * Creates a directory.
1832
  *
1833
  * @param string $dir
 
 
1834
  * @return bool
1835
  * @access public
1836
  */
1837
  function mkdir($dir, $mode = -1, $recursive = false)
1838
  {
1839
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1840
  return false;
1841
  }
1842
 
@@ -1863,6 +2131,7 @@ class Net_SFTP extends Net_SSH2
1863
  * Helper function for directory creation
1864
  *
1865
  * @param string $dir
 
1866
  * @return bool
1867
  * @access private
1868
  */
@@ -1904,7 +2173,7 @@ class Net_SFTP extends Net_SSH2
1904
  */
1905
  function rmdir($dir)
1906
  {
1907
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1908
  return false;
1909
  }
1910
 
@@ -1955,7 +2224,6 @@ class Net_SFTP extends Net_SSH2
1955
  *
1956
  * If $data is a resource then it'll be used as a resource instead.
1957
  *
1958
- *
1959
  * Setting $mode to NET_SFTP_CALLBACK will use $data as callback function, which gets only one parameter -- number
1960
  * of bytes to return, and returns a string if there is some data or null if there is no more data
1961
  *
@@ -1991,7 +2259,7 @@ class Net_SFTP extends Net_SSH2
1991
  */
1992
  function put($remote_file, $data, $mode = NET_SFTP_STRING, $start = -1, $local_start = -1, $progressCallback = null)
1993
  {
1994
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
1995
  return false;
1996
  }
1997
 
@@ -2002,10 +2270,14 @@ class Net_SFTP extends Net_SSH2
2002
 
2003
  $this->_remove_from_stat_cache($remote_file);
2004
 
2005
- $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE;
2006
- // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file."
2007
- // in practice, it doesn't seem to do that.
2008
- //$flags|= ($mode & NET_SFTP_RESUME) ? NET_SFTP_OPEN_APPEND : NET_SFTP_OPEN_TRUNCATE;
 
 
 
 
2009
 
2010
  if ($start >= 0) {
2011
  $offset = $start;
@@ -2015,10 +2287,17 @@ class Net_SFTP extends Net_SSH2
2015
  $offset = $size !== false ? $size : 0;
2016
  } else {
2017
  $offset = 0;
2018
- $flags|= NET_SFTP_OPEN_TRUNCATE;
 
 
 
 
2019
  }
2020
 
2021
- $packet = pack('Na*N2', strlen($remote_file), $remote_file, $flags, 0);
 
 
 
2022
  if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
2023
  return false;
2024
  }
@@ -2085,8 +2364,8 @@ class Net_SFTP extends Net_SSH2
2085
  $sent = 0;
2086
  $size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
2087
 
2088
- $sftp_packet_size = 4096; // PuTTY uses 4096
2089
- // make the SFTP packet be exactly 4096 bytes by including the bytes in the NET_SFTP_WRITE packets "header"
2090
  $sftp_packet_size-= strlen($handle) + 25;
2091
  $i = $j = 0;
2092
  while ($dataCallback || ($size === 0 || $sent < $size)) {
@@ -2127,6 +2406,8 @@ class Net_SFTP extends Net_SSH2
2127
  }
2128
  }
2129
 
 
 
2130
  if (!$this->_read_put_responses($i)) {
2131
  if ($mode & NET_SFTP_LOCAL_FILE) {
2132
  fclose($fp);
@@ -2136,10 +2417,32 @@ class Net_SFTP extends Net_SSH2
2136
  }
2137
 
2138
  if ($mode & NET_SFTP_LOCAL_FILE) {
2139
- fclose($fp);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2140
  }
2141
 
2142
- return $this->_close_handle($handle);
2143
  }
2144
 
2145
  /**
@@ -2226,7 +2529,7 @@ class Net_SFTP extends Net_SSH2
2226
  */
2227
  function get($remote_file, $local_file = false, $offset = 0, $length = -1, $progressCallback = null)
2228
  {
2229
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
2230
  return false;
2231
  }
2232
 
@@ -2235,7 +2538,10 @@ class Net_SFTP extends Net_SSH2
2235
  return false;
2236
  }
2237
 
2238
- $packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_READ, 0);
 
 
 
2239
  if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
2240
  return false;
2241
  }
@@ -2259,7 +2565,7 @@ class Net_SFTP extends Net_SSH2
2259
  $res_offset = $stat['size'];
2260
  } else {
2261
  $res_offset = 0;
2262
- if ($local_file !== false) {
2263
  $fp = fopen($local_file, 'wb');
2264
  if (!$fp) {
2265
  return false;
@@ -2269,7 +2575,7 @@ class Net_SFTP extends Net_SSH2
2269
  }
2270
  }
2271
 
2272
- $fclose_check = $local_file !== false && !is_resource($local_file);
2273
 
2274
  $start = $offset;
2275
  $read = 0;
@@ -2290,9 +2596,6 @@ class Net_SFTP extends Net_SSH2
2290
  }
2291
  $packet = null;
2292
  $read+= $packet_size;
2293
- if (is_callable($progressCallback)) {
2294
- call_user_func($progressCallback, $read);
2295
- }
2296
  $i++;
2297
  }
2298
 
@@ -2319,9 +2622,14 @@ class Net_SFTP extends Net_SSH2
2319
  $offset+= strlen($temp);
2320
  if ($local_file === false) {
2321
  $content.= $temp;
 
 
2322
  } else {
2323
  fputs($fp, $temp);
2324
  }
 
 
 
2325
  $temp = null;
2326
  break;
2327
  case NET_SFTP_STATUS:
@@ -2333,7 +2641,14 @@ class Net_SFTP extends Net_SSH2
2333
  if ($fclose_check) {
2334
  fclose($fp);
2335
  }
2336
- user_error('Expected SSH_FX_DATA or SSH_FXP_STATUS');
 
 
 
 
 
 
 
2337
  }
2338
  $response = null;
2339
  }
@@ -2353,6 +2668,11 @@ class Net_SFTP extends Net_SSH2
2353
 
2354
  if ($fclose_check) {
2355
  fclose($fp);
 
 
 
 
 
2356
  }
2357
 
2358
  if (!$this->_close_handle($handle)) {
@@ -2373,7 +2693,7 @@ class Net_SFTP extends Net_SSH2
2373
  */
2374
  function delete($path, $recursive = true)
2375
  {
2376
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
2377
  return false;
2378
  }
2379
 
@@ -2502,6 +2822,10 @@ class Net_SFTP extends Net_SSH2
2502
  function file_exists($path)
2503
  {
2504
  if ($this->use_stat_cache) {
 
 
 
 
2505
  $path = $this->_realpath($path);
2506
 
2507
  $result = $this->_query_stat_cache($path);
@@ -2572,6 +2896,10 @@ class Net_SFTP extends Net_SSH2
2572
  */
2573
  function is_readable($path)
2574
  {
 
 
 
 
2575
  $path = $this->_realpath($path);
2576
 
2577
  $packet = pack('Na*N2', strlen($path), $path, NET_SFTP_OPEN_READ, 0);
@@ -2600,6 +2928,10 @@ class Net_SFTP extends Net_SSH2
2600
  */
2601
  function is_writable($path)
2602
  {
 
 
 
 
2603
  $path = $this->_realpath($path);
2604
 
2605
  $packet = pack('Na*N2', strlen($path), $path, NET_SFTP_OPEN_WRITE, 0);
@@ -2774,11 +3106,16 @@ class Net_SFTP extends Net_SSH2
2774
  *
2775
  * @param string $path
2776
  * @param string $prop
 
2777
  * @return mixed
2778
  * @access private
2779
  */
2780
  function _get_xstat_cache_prop($path, $prop, $type)
2781
  {
 
 
 
 
2782
  if ($this->use_stat_cache) {
2783
  $path = $this->_realpath($path);
2784
 
@@ -2799,7 +3136,9 @@ class Net_SFTP extends Net_SSH2
2799
  }
2800
 
2801
  /**
2802
- * Renames a file or a directory on the SFTP server
 
 
2803
  *
2804
  * @param string $oldname
2805
  * @param string $newname
@@ -2808,7 +3147,7 @@ class Net_SFTP extends Net_SSH2
2808
  */
2809
  function rename($oldname, $newname)
2810
  {
2811
- if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
2812
  return false;
2813
  }
2814
 
@@ -2820,6 +3159,18 @@ class Net_SFTP extends Net_SSH2
2820
 
2821
  // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
2822
  $packet = pack('Na*Na*', strlen($oldname), $oldname, strlen($newname), $newname);
 
 
 
 
 
 
 
 
 
 
 
 
2823
  if (!$this->_send_sftp_packet(NET_SFTP_RENAME, $packet)) {
2824
  return false;
2825
  }
@@ -2849,6 +3200,31 @@ class Net_SFTP extends Net_SSH2
2849
  return true;
2850
  }
2851
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2852
  /**
2853
  * Parse Attributes
2854
  *
@@ -2860,16 +3236,56 @@ class Net_SFTP extends Net_SSH2
2860
  */
2861
  function _parseAttributes(&$response)
2862
  {
 
 
 
 
 
 
 
 
2863
  $attr = array();
2864
- if (strlen($response) < 4) {
2865
  user_error('Malformed file attributes');
2866
  return array();
2867
  }
2868
- extract(unpack('Nflags', $this->_string_shift($response, 4)));
2869
- // SFTPv4+ have a type field (a byte) that follows the above flag field
 
 
2870
  foreach ($this->attributes as $key => $value) {
2871
  switch ($flags & $key) {
2872
- case NET_SFTP_ATTR_SIZE: // 0x00000001
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2873
  // The size attribute is defined as an unsigned 64-bit integer.
2874
  // The following will use floats on 32-bit platforms, if necessary.
2875
  // As can be seen in the BigInteger class, floats are generally
@@ -2878,14 +3294,14 @@ class Net_SFTP extends Net_SSH2
2878
  // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB.
2879
  $attr['size'] = hexdec(bin2hex($this->_string_shift($response, 8)));
2880
  break;
2881
- case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
2882
  if (strlen($response) < 8) {
2883
  user_error('Malformed file attributes');
2884
  return $attr;
2885
  }
2886
  $attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));
2887
  break;
2888
- case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
2889
  if (strlen($response) < 4) {
2890
  user_error('Malformed file attributes');
2891
  return $attr;
@@ -2899,14 +3315,134 @@ class Net_SFTP extends Net_SSH2
2899
  $attr+= array('type' => $fileType);
2900
  }
2901
  break;
2902
- case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008
 
 
 
 
2903
  if (strlen($response) < 8) {
2904
  user_error('Malformed file attributes');
2905
  return $attr;
2906
  }
2907
  $attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8));
2908
  break;
2909
- case NET_SFTP_ATTR_EXTENDED: // 0x80000000
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2910
  if (strlen($response) < 4) {
2911
  user_error('Malformed file attributes');
2912
  return $attr;
@@ -3014,6 +3550,7 @@ class Net_SFTP extends Net_SSH2
3014
  *
3015
  * @param int $type
3016
  * @param string $data
 
3017
  * @see self::_get_sftp_packet()
3018
  * @see Net_SSH2::_send_channel_packet()
3019
  * @return bool
@@ -3021,6 +3558,10 @@ class Net_SFTP extends Net_SSH2
3021
  */
3022
  function _send_sftp_packet($type, $data, $request_id = 1)
3023
  {
 
 
 
 
3024
  $packet = $this->use_request_id ?
3025
  pack('NCNa*', strlen($data) + 5, $type, $request_id, $data) :
3026
  pack('NCa*', strlen($data) + 1, $type, $data);
@@ -3033,9 +3574,17 @@ class Net_SFTP extends Net_SSH2
3033
  $packet_type = '-> ' . $this->packet_types[$type] .
3034
  ' (' . round($stop - $start, 4) . 's)';
3035
  if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) {
3036
- echo "<pre>\r\n" . $this->_format_log(array($data), array($packet_type)) . "\r\n</pre>\r\n";
3037
- flush();
3038
- ob_flush();
 
 
 
 
 
 
 
 
3039
  } else {
3040