| /trunk/vendor/composer/installed.json |
|---|
| 837,12 → 837,12 |
| "source": { |
| "type": "git", |
| "url": "https://github.com/phpseclib/phpseclib.git", |
| "reference": "d2cd758ecb50addfe7a4283a2084a63efeefce3d" |
| "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe" |
| }, |
| "dist": { |
| "type": "zip", |
| "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d2cd758ecb50addfe7a4283a2084a63efeefce3d", |
| "reference": "d2cd758ecb50addfe7a4283a2084a63efeefce3d", |
| "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe", |
| "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe", |
| "shasum": "" |
| }, |
| "require": { |
| 860,7 → 860,7 |
| "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", |
| "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." |
| }, |
| "time": "2023-12-19T04:55:17+00:00", |
| "time": "2023-12-29T01:59:53+00:00", |
| "type": "library", |
| "installation-source": "dist", |
| "autoload": { |
| /trunk/vendor/composer/installed.php |
|---|
| 189,7 → 189,7 |
| 'phpseclib/phpseclib' => array( |
| 'pretty_version' => '3.0.x-dev', |
| 'version' => '3.0.9999999.9999999-dev', |
| 'reference' => 'd2cd758ecb50addfe7a4283a2084a63efeefce3d', |
| 'reference' => '4b1827beabce71953ca479485c0ae9c51287f2fe', |
| 'type' => 'library', |
| 'install_path' => __DIR__ . '/../phpseclib/phpseclib', |
| 'aliases' => array(), |
| /trunk/vendor/licenses |
|---|
| 28,7 → 28,7 |
| matthiasmullie/path-converter 1.1.3 MIT |
| paragonie/constant_time_encoding v2.6.3 MIT |
| paragonie/random_compat v9.99.100 MIT |
| phpseclib/phpseclib 3.0.x-dev d2cd758 MIT |
| phpseclib/phpseclib 3.0.x-dev 4b1827b MIT |
| script47/bs5-utils master master MIT |
| spamspan/spamspan master GPL-2.0-only |
| spomky-labs/php-punycode 9999999-dev d12fe5c MIT |
| /trunk/vendor/phpseclib/phpseclib/README.md |
|---|
| 51,7 → 51,7 |
| * PHP4 compatible |
| * Composer compatible (PSR-0 autoloading) |
| * Install using Composer: `composer require phpseclib/phpseclib:~1.0` |
| * [Download 1.0.21 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.21.zip/download) |
| * [Download 1.0.22 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.22.zip/download) |
| ## Security contact information |
| /trunk/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php |
|---|
| 382,7 → 382,7 |
| $shortname = $meta->getShortName(); |
| self::$plugins[static::ALGORITHM]['Keys'][strtolower($shortname)] = $fullname; |
| if ($meta->hasConstant('IS_INVISIBLE')) { |
| self::$invisiblePlugins[static::ALGORITHM] = strtolower($name); |
| self::$invisiblePlugins[static::ALGORITHM][] = strtolower($shortname); |
| } |
| } |
| } |
| /trunk/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php |
|---|
| 1103,6 → 1103,16 |
| private $errorOnMultipleChannels; |
| /** |
| * Terrapin Countermeasure |
| * |
| * "During initial KEX, terminate the connection if any unexpected or out-of-sequence packet is received" |
| * -- https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 |
| * |
| * @var int |
| */ |
| private $extra_packets; |
| /** |
| * Default Constructor. |
| * |
| * $host can either be a string, representing the host, or a stream resource. |
| 1536,7 → 1546,7 |
| $preferred['client_to_server']['comp'] : |
| SSH2::getSupportedCompressionAlgorithms(); |
| $kex_algorithms = array_merge($kex_algorithms, ['ext-info-c']); |
| $kex_algorithms = array_merge($kex_algorithms, ['ext-info-c', 'kex-strict-c-v00@openssh.com']); |
| // some SSH servers have buggy implementations of some of the above algorithms |
| switch (true) { |
| 1592,6 → 1602,7 |
| if ($kexinit_payload_server === false) { |
| $this->send_binary_packet($kexinit_payload_client); |
| $this->extra_packets = 0; |
| $kexinit_payload_server = $this->get_binary_packet(); |
| if ( |
| 1623,6 → 1634,11 |
| $this->languages_server_to_client, |
| $first_kex_packet_follows |
| ) = Strings::unpackSSH2('L10C', $response); |
| if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { |
| if ($this->session_id === false && $this->extra_packets) { |
| throw new \UnexpectedValueException('Possible Terrapin Attack detected'); |
| } |
| } |
| $this->supported_private_key_algorithms = $this->server_host_key_algorithms; |
| 1881,6 → 1897,10 |
| throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS'); |
| } |
| if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { |
| $this->get_seq_no = $this->send_seq_no = 0; |
| } |
| $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); |
| $this->encrypt = self::encryption_algorithm_to_crypt_instance($encrypt); |
| 3769,9 → 3789,11 |
| $this->bitmap = 0; |
| return false; |
| case NET_SSH2_MSG_IGNORE: |
| $this->extra_packets++; |
| $payload = $this->get_binary_packet($skip_channel_filter); |
| break; |
| case NET_SSH2_MSG_DEBUG: |
| $this->extra_packets++; |
| Strings::shift($payload, 2); // second byte is "always_display" |
| list($message) = Strings::unpackSSH2('s', $payload); |
| $this->errors[] = "SSH_MSG_DEBUG: $message"; |
| 3780,6 → 3802,7 |
| case NET_SSH2_MSG_UNIMPLEMENTED: |
| return false; |
| case NET_SSH2_MSG_KEXINIT: |
| // this is here for key re-exchanges after the initial key exchange |
| if ($this->session_id !== false) { |
| if (!$this->key_exchange($payload)) { |
| $this->bitmap = 0; |