/phpseclib/Net/SSH2.php

http://github.com/phpseclib/phpseclib · PHP · 5160 lines · 2879 code · 546 blank · 1735 comment · 453 complexity · b048711bdddb15f44d6466fb86e06fe4 MD5 · raw file

Large files are truncated click here to view the full file

    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * Pure-PHP implementation of SSHv2.
    5. 

  5.  *
    6. 

  6.  * PHP version 5
    7. 

  7.  *
    8. 

  8.  * Here are some examples of how to use this library:
    9. 

  9.  * <code>
    10. 

  10.  * <?php
    11. 

  11.  *    include 'vendor/autoload.php';
    12. 

  12.  *
    13. 

  13.  *    $ssh = new \phpseclib3\Net\SSH2('www.domain.tld');
    14. 

  14.  *    if (!$ssh->login('username', 'password')) {
    15. 

  15.  *        exit('Login Failed');
    16. 

  16.  *    }
    17. 

  17.  *
    18. 

  18.  *    echo $ssh->exec('pwd');
    19. 

  19.  *    echo $ssh->exec('ls -la');
    20. 

  20.  * ?>
    21. 

  21.  * </code>
    22. 

  22.  *
    23. 

  23.  * <code>
    24. 

  24.  * <?php
    25. 

  25.  *    include 'vendor/autoload.php';
    26. 

  26.  *
    27. 

  27.  *    $key = \phpseclib3\Crypt\PublicKeyLoader::load('...', '(optional) password');
    28. 

  28.  *
    29. 

  29.  *    $ssh = new \phpseclib3\Net\SSH2('www.domain.tld');
    30. 

  30.  *    if (!$ssh->login('username', $key)) {
    31. 

  31.  *        exit('Login Failed');
    32. 

  32.  *    }
    33. 

  33.  *
    34. 

  34.  *    echo $ssh->read('username@username:~$');
    35. 

  35.  *    $ssh->write("ls -la\n");
    36. 

  36.  *    echo $ssh->read('username@username:~$');
    37. 

  37.  * ?>
    38. 

  38.  * </code>
    39. 

  39.  *
    40. 

  40.  * @category  Net
    41. 

  41.  * @package   SSH2
    42. 

  42.  * @author    Jim Wigginton <terrafrost@php.net>
    43. 

  43.  * @copyright 2007 Jim Wigginton
    44. 

  44.  * @license   http://www.opensource.org/licenses/mit-license.html  MIT License
    45. 

  45.  * @link      http://phpseclib.sourceforge.net
    46. 

  46.  */
    47. 

  47. 

  48. namespace phpseclib3\Net;
    49. 

  49. 

  50. use phpseclib3\Crypt\Blowfish;
    51. 

  51. use phpseclib3\Crypt\Hash;
    52. 

  52. use phpseclib3\Crypt\Random;
    53. 

  53. use phpseclib3\Crypt\RC4;
    54. 

  54. use phpseclib3\Crypt\Rijndael;
    55. 

  55. use phpseclib3\Crypt\Common\PrivateKey;
    56. 

  56. use phpseclib3\Crypt\RSA;
    57. 

  57. use phpseclib3\Crypt\DSA;
    58. 

  58. use phpseclib3\Crypt\EC;
    59. 

  59. use phpseclib3\Crypt\DH;
    60. 

  60. use phpseclib3\Crypt\TripleDES;
    61. 

  61. use phpseclib3\Crypt\Twofish;
    62. 

  62. use phpseclib3\Crypt\ChaCha20;
    63. 

  63. use phpseclib3\Math\BigInteger; // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification.
    64. 

  64. use phpseclib3\System\SSH\Agent;
    65. 

  65. use phpseclib3\System\SSH\Agent\Identity as AgentIdentity;
    66. 

  66. use phpseclib3\Exception\NoSupportedAlgorithmsException;
    67. 

  67. use phpseclib3\Exception\UnsupportedAlgorithmException;
    68. 

  68. use phpseclib3\Exception\UnsupportedCurveException;
    69. 

  69. use phpseclib3\Exception\ConnectionClosedException;
    70. 

  70. use phpseclib3\Exception\UnableToConnectException;
    71. 

  71. use phpseclib3\Exception\InsufficientSetupException;
    72. 

  72. use phpseclib3\Common\Functions\Strings;
    73. 

  73. use phpseclib3\Crypt\Common\AsymmetricKey;
    74. 

  74. 

  75. /**#@+
    76. 

  76.  * @access private
    77. 

  77.  */
    78. 

  78. /**
    79. 

  79.  * No compression
    80. 

  80.  */
    81. 

  81. define('NET_SSH2_COMPRESSION_NONE',  1);
    82. 

  82. /**
    83. 

  83.  * zlib compression
    84. 

  84.  */
    85. 

  85. define('NET_SSH2_COMPRESSION_ZLIB', 2);
    86. 

  86. /**
    87. 

  87.  * zlib@openssh.com
    88. 

  88.  */
    89. 

  89. define('NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH', 3);
    90. 

  90. /**#@-*/
    91. 

  91. 

  92. /**
    93. 

  93.  * Pure-PHP implementation of SSHv2.
    94. 

  94.  *
    95. 

  95.  * @package SSH2
    96. 

  96.  * @author  Jim Wigginton <terrafrost@php.net>
    97. 

  97.  * @access  public
    98. 

  98.  */
    99. 

  99. class SSH2
    100. 

  100. {
    101. 

  101.     // Execution Bitmap Masks
    102. 

  102.     const MASK_CONSTRUCTOR   = 0x00000001;
    103. 

  103.     const MASK_CONNECTED     = 0x00000002;
    104. 

  104.     const MASK_LOGIN_REQ     = 0x00000004;
    105. 

  105.     const MASK_LOGIN         = 0x00000008;
    106. 

  106.     const MASK_SHELL         = 0x00000010;
    107. 

  107.     const MASK_WINDOW_ADJUST = 0x00000020;
    108. 

  108. 

  109.     /*
    110. 

  110.      * Channel constants
    111. 

  111.      *
    112. 

  112.      * RFC4254 refers not to client and server channels but rather to sender and recipient channels.  we don't refer
    113. 

  113.      * to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with
    114. 

  114.      * a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a
    115. 

  115.      * recipient channel.  at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel
    116. 

  116.      * would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snippet:
    117. 

  117.      *     The 'recipient channel' is the channel number given in the original
    118. 

  118.      *     open request, and 'sender channel' is the channel number allocated by
    119. 

  119.      *     the other side.
    120. 

  120.      *
    121. 

  121.      * @see \phpseclib3\Net\SSH2::send_channel_packet()
    122. 

  122.      * @see \phpseclib3\Net\SSH2::get_channel_packet()
    123. 

  123.      * @access private
    124. 

  124.      */
    125. 

  125.     const CHANNEL_EXEC          = 1; // PuTTy uses 0x100
    126. 

  126.     const CHANNEL_SHELL         = 2;
    127. 

  127.     const CHANNEL_SUBSYSTEM     = 3;
    128. 

  128.     const CHANNEL_AGENT_FORWARD = 4;
    129. 

  129.     const CHANNEL_KEEP_ALIVE    = 5;
    130. 

  130. 

  131.     /**
    132. 

  132.      * Returns the message numbers
    133. 

  133.      *
    134. 

  134.      * @access public
    135. 

  135.      * @see \phpseclib3\Net\SSH2::getLog()
    136. 

  136.      */
    137. 

  137.     const LOG_SIMPLE = 1;
    138. 

  138.     /**
    139. 

  139.      * Returns the message content
    140. 

  140.      *
    141. 

  141.      * @access public
    142. 

  142.      * @see \phpseclib3\Net\SSH2::getLog()
    143. 

  143.      */
    144. 

  144.     const LOG_COMPLEX = 2;
    145. 

  145.     /**
    146. 

  146.      * Outputs the content real-time
    147. 

  147.      *
    148. 

  148.      * @access public
    149. 

  149.      * @see \phpseclib3\Net\SSH2::getLog()
    150. 

  150.      */
    151. 

  151.     const LOG_REALTIME = 3;
    152. 

  152.     /**
    153. 

  153.      * Dumps the content real-time to a file
    154. 

  154.      *
    155. 

  155.      * @access public
    156. 

  156.      * @see \phpseclib3\Net\SSH2::getLog()
    157. 

  157.      */
    158. 

  158.     const LOG_REALTIME_FILE = 4;
    159. 

  159.     /**
    160. 

  160.      * Make sure that the log never gets larger than this
    161. 

  161.      *
    162. 

  162.      * @access public
    163. 

  163.      * @see \phpseclib3\Net\SSH2::getLog()
    164. 

  164.      */
    165. 

  165.     const LOG_MAX_SIZE = 1048576; // 1024 * 1024
    166. 

  166. 

  167.     /**
    168. 

  168.      * Returns when a string matching $expect exactly is found
    169. 

  169.      *
    170. 

  170.      * @access public
    171. 

  171.      * @see \phpseclib3\Net\SSH2::read()
    172. 

  172.      */
    173. 

  173.     const READ_SIMPLE = 1;
    174. 

  174.     /**
    175. 

  175.      * Returns when a string matching the regular expression $expect is found
    176. 

  176.      *
    177. 

  177.      * @access public
    178. 

  178.      * @see \phpseclib3\Net\SSH2::read()
    179. 

  179.      */
    180. 

  180.     const READ_REGEX = 2;
    181. 

  181.     /**
    182. 

  182.      * Returns whenever a data packet is received.
    183. 

  183.      *
    184. 

  184.      * Some data packets may only contain a single character so it may be necessary
    185. 

  185.      * to call read() multiple times when using this option
    186. 

  186.      *
    187. 

  187.      * @access public
    188. 

  188.      * @see \phpseclib3\Net\SSH2::read()
    189. 

  189.      */
    190. 

  190.     const READ_NEXT = 3;
    191. 

  191. 

  192.     /**
    193. 

  193.      * The SSH identifier
    194. 

  194.      *
    195. 

  195.      * @var string
    196. 

  196.      * @access private
    197. 

  197.      */
    198. 

  198.     private $identifier;
    199. 

  199. 

  200.     /**
    201. 

  201.      * The Socket Object
    202. 

  202.      *
    203. 

  203.      * @var object
    204. 

  204.      * @access private
    205. 

  205.      */
    206. 

  206.     public $fsock;
    207. 

  207. 

  208.     /**
    209. 

  209.      * Execution Bitmap
    210. 

  210.      *
    211. 

  211.      * The bits that are set represent functions that have been called already.  This is used to determine
    212. 

  212.      * if a requisite function has been successfully executed.  If not, an error should be thrown.
    213. 

  213.      *
    214. 

  214.      * @var int
    215. 

  215.      * @access private
    216. 

  216.      */
    217. 

  217.     protected $bitmap = 0;
    218. 

  218. 

  219.     /**
    220. 

  220.      * Error information
    221. 

  221.      *
    222. 

  222.      * @see self::getErrors()
    223. 

  223.      * @see self::getLastError()
    224. 

  224.      * @var array
    225. 

  225.      * @access private
    226. 

  226.      */
    227. 

  227.     private $errors = [];
    228. 

  228. 

  229.     /**
    230. 

  230.      * Server Identifier
    231. 

  231.      *
    232. 

  232.      * @see self::getServerIdentification()
    233. 

  233.      * @var array|false
    234. 

  234.      * @access private
    235. 

  235.      */
    236. 

  236.     protected $server_identifier = false;
    237. 

  237. 

  238.     /**
    239. 

  239.      * Key Exchange Algorithms
    240. 

  240.      *
    241. 

  241.      * @see self::getKexAlgorithims()
    242. 

  242.      * @var array|false
    243. 

  243.      * @access private
    244. 

  244.      */
    245. 

  245.     private $kex_algorithms = false;
    246. 

  246. 

  247.     /**
    248. 

  248.      * Key Exchange Algorithm
    249. 

  249.      *
    250. 

  250.      * @see self::getMethodsNegotiated()
    251. 

  251.      * @var string|false
    252. 

  252.      * @access private
    253. 

  253.      */
    254. 

  254.     private $kex_algorithm = false;
    255. 

  255. 

  256.     /**
    257. 

  257.      * Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
    258. 

  258.      *
    259. 

  259.      * @see self::_key_exchange()
    260. 

  260.      * @var int
    261. 

  261.      * @access private
    262. 

  262.      */
    263. 

  263.     private $kex_dh_group_size_min = 1536;
    264. 

  264. 

  265.     /**
    266. 

  266.      * Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
    267. 

  267.      *
    268. 

  268.      * @see self::_key_exchange()
    269. 

  269.      * @var int
    270. 

  270.      * @access private
    271. 

  271.      */
    272. 

  272.     private $kex_dh_group_size_preferred = 2048;
    273. 

  273. 

  274.     /**
    275. 

  275.      * Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
    276. 

  276.      *
    277. 

  277.      * @see self::_key_exchange()
    278. 

  278.      * @var int
    279. 

  279.      * @access private
    280. 

  280.      */
    281. 

  281.     private $kex_dh_group_size_max = 4096;
    282. 

  282. 

  283.     /**
    284. 

  284.      * Server Host Key Algorithms
    285. 

  285.      *
    286. 

  286.      * @see self::getServerHostKeyAlgorithms()
    287. 

  287.      * @var array|false
    288. 

  288.      * @access private
    289. 

  289.      */
    290. 

  290.     private $server_host_key_algorithms = false;
    291. 

  291. 

  292.     /**
    293. 

  293.      * Encryption Algorithms: Client to Server
    294. 

  294.      *
    295. 

  295.      * @see self::getEncryptionAlgorithmsClient2Server()
    296. 

  296.      * @var array|false
    297. 

  297.      * @access private
    298. 

  298.      */
    299. 

  299.     private $encryption_algorithms_client_to_server = false;
    300. 

  300. 

  301.     /**
    302. 

  302.      * Encryption Algorithms: Server to Client
    303. 

  303.      *
    304. 

  304.      * @see self::getEncryptionAlgorithmsServer2Client()
    305. 

  305.      * @var array|false
    306. 

  306.      * @access private
    307. 

  307.      */
    308. 

  308.     private $encryption_algorithms_server_to_client = false;
    309. 

  309. 

  310.     /**
    311. 

  311.      * MAC Algorithms: Client to Server
    312. 

  312.      *
    313. 

  313.      * @see self::getMACAlgorithmsClient2Server()
    314. 

  314.      * @var array|false
    315. 

  315.      * @access private
    316. 

  316.      */
    317. 

  317.     private $mac_algorithms_client_to_server = false;
    318. 

  318. 

  319.     /**
    320. 

  320.      * MAC Algorithms: Server to Client
    321. 

  321.      *
    322. 

  322.      * @see self::getMACAlgorithmsServer2Client()
    323. 

  323.      * @var array|false
    324. 

  324.      * @access private
    325. 

  325.      */
    326. 

  326.     private $mac_algorithms_server_to_client = false;
    327. 

  327. 

  328.     /**
    329. 

  329.      * Compression Algorithms: Client to Server
    330. 

  330.      *
    331. 

  331.      * @see self::getCompressionAlgorithmsClient2Server()
    332. 

  332.      * @var array|false
    333. 

  333.      * @access private
    334. 

  334.      */
    335. 

  335.     private $compression_algorithms_client_to_server = false;
    336. 

  336. 

  337.     /**
    338. 

  338.      * Compression Algorithms: Server to Client
    339. 

  339.      *
    340. 

  340.      * @see self::getCompressionAlgorithmsServer2Client()
    341. 

  341.      * @var array|false
    342. 

  342.      * @access private
    343. 

  343.      */
    344. 

  344.     private $compression_algorithms_server_to_client = false;
    345. 

  345. 

  346.     /**
    347. 

  347.      * Languages: Server to Client
    348. 

  348.      *
    349. 

  349.      * @see self::getLanguagesServer2Client()
    350. 

  350.      * @var array|false
    351. 

  351.      * @access private
    352. 

  352.      */
    353. 

  353.     private $languages_server_to_client = false;
    354. 

  354. 

  355.     /**
    356. 

  356.      * Languages: Client to Server
    357. 

  357.      *
    358. 

  358.      * @see self::getLanguagesClient2Server()
    359. 

  359.      * @var array|false
    360. 

  360.      * @access private
    361. 

  361.      */
    362. 

  362.     private $languages_client_to_server = false;
    363. 

  363. 

  364.     /**
    365. 

  365.      * Preferred Algorithms
    366. 

  366.      *
    367. 

  367.      * @see self::setPreferredAlgorithms()
    368. 

  368.      * @var array
    369. 

  369.      * @access private
    370. 

  370.      */
    371. 

  371.     private $preferred = [];
    372. 

  372. 

  373.     /**
    374. 

  374.      * Block Size for Server to Client Encryption
    375. 

  375.      *
    376. 

  376.      * "Note that the length of the concatenation of 'packet_length',
    377. 

  377.      *  'padding_length', 'payload', and 'random padding' MUST be a multiple
    378. 

  378.      *  of the cipher block size or 8, whichever is larger.  This constraint
    379. 

  379.      *  MUST be enforced, even when using stream ciphers."
    380. 

  380.      *
    381. 

  381.      *  -- http://tools.ietf.org/html/rfc4253#section-6
    382. 

  382.      *
    383. 

  383.      * @see self::__construct()
    384. 

  384.      * @see self::_send_binary_packet()
    385. 

  385.      * @var int
    386. 

  386.      * @access private
    387. 

  387.      */
    388. 

  388.     private $encrypt_block_size = 8;
    389. 

  389. 

  390.     /**
    391. 

  391.      * Block Size for Client to Server Encryption
    392. 

  392.      *
    393. 

  393.      * @see self::__construct()
    394. 

  394.      * @see self::_get_binary_packet()
    395. 

  395.      * @var int
    396. 

  396.      * @access private
    397. 

  397.      */
    398. 

  398.     private $decrypt_block_size = 8;
    399. 

  399. 

  400.     /**
    401. 

  401.      * Server to Client Encryption Object
    402. 

  402.      *
    403. 

  403.      * @see self::_get_binary_packet()
    404. 

  404.      * @var object
    405. 

  405.      * @access private
    406. 

  406.      */
    407. 

  407.     private $decrypt = false;
    408. 

  408. 

  409.     /**
    410. 

  410.      * Server to Client Length Encryption Object
    411. 

  411.      *
    412. 

  412.      * @see self::_get_binary_packet()
    413. 

  413.      * @var object
    414. 

  414.      * @access private
    415. 

  415.      */
    416. 

  416.     private $lengthDecrypt = false;
    417. 

  417. 

  418.     /**
    419. 

  419.      * Client to Server Encryption Object
    420. 

  420.      *
    421. 

  421.      * @see self::_send_binary_packet()
    422. 

  422.      * @var object
    423. 

  423.      * @access private
    424. 

  424.      */
    425. 

  425.     private $encrypt = false;
    426. 

  426. 

  427.     /**
    428. 

  428.      * Client to Server Length Encryption Object
    429. 

  429.      *
    430. 

  430.      * @see self::_send_binary_packet()
    431. 

  431.      * @var object
    432. 

  432.      * @access private
    433. 

  433.      */
    434. 

  434.     private $lengthEncrypt = false;
    435. 

  435. 

  436.     /**
    437. 

  437.      * Client to Server HMAC Object
    438. 

  438.      *
    439. 

  439.      * @see self::_send_binary_packet()
    440. 

  440.      * @var object
    441. 

  441.      * @access private
    442. 

  442.      */
    443. 

  443.     private $hmac_create = false;
    444. 

  444. 

  445.     /**
    446. 

  446.      * Server to Client HMAC Object
    447. 

  447.      *
    448. 

  448.      * @see self::_get_binary_packet()
    449. 

  449.      * @var object
    450. 

  450.      * @access private
    451. 

  451.      */
    452. 

  452.     private $hmac_check = false;
    453. 

  453. 

  454.     /**
    455. 

  455.      * Size of server to client HMAC
    456. 

  456.      *
    457. 

  457.      * We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read.
    458. 

  458.      * For the client to server side, the HMAC object will make the HMAC as long as it needs to be.  All we need to do is
    459. 

  459.      * append it.
    460. 

  460.      *
    461. 

  461.      * @see self::_get_binary_packet()
    462. 

  462.      * @var int
    463. 

  463.      * @access private
    464. 

  464.      */
    465. 

  465.     private $hmac_size = false;
    466. 

  466. 

  467.     /**
    468. 

  468.      * Server Public Host Key
    469. 

  469.      *
    470. 

  470.      * @see self::getServerPublicHostKey()
    471. 

  471.      * @var string
    472. 

  472.      * @access private
    473. 

  473.      */
    474. 

  474.     private $server_public_host_key;
    475. 

  475. 

  476.     /**
    477. 

  477.      * Session identifier
    478. 

  478.      *
    479. 

  479.      * "The exchange hash H from the first key exchange is additionally
    480. 

  480.      *  used as the session identifier, which is a unique identifier for
    481. 

  481.      *  this connection."
    482. 

  482.      *
    483. 

  483.      *  -- http://tools.ietf.org/html/rfc4253#section-7.2
    484. 

  484.      *
    485. 

  485.      * @see self::_key_exchange()
    486. 

  486.      * @var string
    487. 

  487.      * @access private
    488. 

  488.      */
    489. 

  489.     private $session_id = false;
    490. 

  490. 

  491.     /**
    492. 

  492.      * Exchange hash
    493. 

  493.      *
    494. 

  494.      * The current exchange hash
    495. 

  495.      *
    496. 

  496.      * @see self::_key_exchange()
    497. 

  497.      * @var string
    498. 

  498.      * @access private
    499. 

  499.      */
    500. 

  500.     private $exchange_hash = false;
    501. 

  501. 

  502.     /**
    503. 

  503.      * Message Numbers
    504. 

  504.      *
    505. 

  505.      * @see self::__construct()
    506. 

  506.      * @var array
    507. 

  507.      * @access private
    508. 

  508.      */
    509. 

  509.     private $message_numbers = [];
    510. 

  510. 

  511.     /**
    512. 

  512.      * Disconnection Message 'reason codes' defined in RFC4253
    513. 

  513.      *
    514. 

  514.      * @see self::__construct()
    515. 

  515.      * @var array
    516. 

  516.      * @access private
    517. 

  517.      */
    518. 

  518.     private $disconnect_reasons = [];
    519. 

  519. 

  520.     /**
    521. 

  521.      * SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254
    522. 

  522.      *
    523. 

  523.      * @see self::__construct()
    524. 

  524.      * @var array
    525. 

  525.      * @access private
    526. 

  526.      */
    527. 

  527.     private $channel_open_failure_reasons = [];
    528. 

  528. 

  529.     /**
    530. 

  530.      * Terminal Modes
    531. 

  531.      *
    532. 

  532.      * @link http://tools.ietf.org/html/rfc4254#section-8
    533. 

  533.      * @see self::__construct()
    534. 

  534.      * @var array
    535. 

  535.      * @access private
    536. 

  536.      */
    537. 

  537.     private $terminal_modes = [];
    538. 

  538. 

  539.     /**
    540. 

  540.      * SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes
    541. 

  541.      *
    542. 

  542.      * @link http://tools.ietf.org/html/rfc4254#section-5.2
    543. 

  543.      * @see self::__construct()
    544. 

  544.      * @var array
    545. 

  545.      * @access private
    546. 

  546.      */
    547. 

  547.     private $channel_extended_data_type_codes = [];
    548. 

  548. 

  549.     /**
    550. 

  550.      * Send Sequence Number
    551. 

  551.      *
    552. 

  552.      * See 'Section 6.4.  Data Integrity' of rfc4253 for more info.
    553. 

  553.      *
    554. 

  554.      * @see self::_send_binary_packet()
    555. 

  555.      * @var int
    556. 

  556.      * @access private
    557. 

  557.      */
    558. 

  558.     private $send_seq_no = 0;
    559. 

  559. 

  560.     /**
    561. 

  561.      * Get Sequence Number
    562. 

  562.      *
    563. 

  563.      * See 'Section 6.4.  Data Integrity' of rfc4253 for more info.
    564. 

  564.      *
    565. 

  565.      * @see self::_get_binary_packet()
    566. 

  566.      * @var int
    567. 

  567.      * @access private
    568. 

  568.      */
    569. 

  569.     private $get_seq_no = 0;
    570. 

  570. 

  571.     /**
    572. 

  572.      * Server Channels
    573. 

  573.      *
    574. 

  574.      * Maps client channels to server channels
    575. 

  575.      *
    576. 

  576.      * @see self::get_channel_packet()
    577. 

  577.      * @see self::exec()
    578. 

  578.      * @var array
    579. 

  579.      * @access private
    580. 

  580.      */
    581. 

  581.     protected $server_channels = [];
    582. 

  582. 

  583.     /**
    584. 

  584.      * Channel Buffers
    585. 

  585.      *
    586. 

  586.      * If a client requests a packet from one channel but receives two packets from another those packets should
    587. 

  587.      * be placed in a buffer
    588. 

  588.      *
    589. 

  589.      * @see self::get_channel_packet()
    590. 

  590.      * @see self::exec()
    591. 

  591.      * @var array
    592. 

  592.      * @access private
    593. 

  593.      */
    594. 

  594.     private $channel_buffers = [];
    595. 

  595. 

  596.     /**
    597. 

  597.      * Channel Status
    598. 

  598.      *
    599. 

  599.      * Contains the type of the last sent message
    600. 

  600.      *
    601. 

  601.      * @see self::get_channel_packet()
    602. 

  602.      * @var array
    603. 

  603.      * @access private
    604. 

  604.      */
    605. 

  605.     protected $channel_status = [];
    606. 

  606. 

  607.     /**
    608. 

  608.      * Packet Size
    609. 

  609.      *
    610. 

  610.      * Maximum packet size indexed by channel
    611. 

  611.      *
    612. 

  612.      * @see self::send_channel_packet()
    613. 

  613.      * @var array
    614. 

  614.      * @access private
    615. 

  615.      */
    616. 

  616.     private $packet_size_client_to_server = [];
    617. 

  617. 

  618.     /**
    619. 

  619.      * Message Number Log
    620. 

  620.      *
    621. 

  621.      * @see self::getLog()
    622. 

  622.      * @var array
    623. 

  623.      * @access private
    624. 

  624.      */
    625. 

  625.     private $message_number_log = [];
    626. 

  626. 

  627.     /**
    628. 

  628.      * Message Log
    629. 

  629.      *
    630. 

  630.      * @see self::getLog()
    631. 

  631.      * @var array
    632. 

  632.      * @access private
    633. 

  633.      */
    634. 

  634.     private $message_log = [];
    635. 

  635. 

  636.     /**
    637. 

  637.      * The Window Size
    638. 

  638.      *
    639. 

  639.      * Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB)
    640. 

  640.      *
    641. 

  641.      * @var int
    642. 

  642.      * @see self::send_channel_packet()
    643. 

  643.      * @see self::exec()
    644. 

  644.      * @access private
    645. 

  645.      */
    646. 

  646.     protected $window_size = 0x7FFFFFFF;
    647. 

  647. 

  648.     /**
    649. 

  649.      * What we resize the window to
    650. 

  650.      *
    651. 

  651.      * When PuTTY resizes the window it doesn't add an additional 0x7FFFFFFF bytes - it adds 0x40000000 bytes.
    652. 

  652.      * Some SFTP clients (GoAnywhere) don't support adding 0x7FFFFFFF to the window size after the fact so
    653. 

  653.      * we'll just do what PuTTY does
    654. 

  654.      *
    655. 

  655.      * @var int
    656. 

  656.      * @see self::_send_channel_packet()
    657. 

  657.      * @see self::exec()
    658. 

  658.      * @access private
    659. 

  659.      */
    660. 

  660.     private $window_resize = 0x40000000;
    661. 

  661. 

  662.     /**
    663. 

  663.      * Window size, server to client
    664. 

  664.      *
    665. 

  665.      * Window size indexed by channel
    666. 

  666.      *
    667. 

  667.      * @see self::send_channel_packet()
    668. 

  668.      * @var array
    669. 

  669.      * @access private
    670. 

  670.      */
    671. 

  671.     protected $window_size_server_to_client = [];
    672. 

  672. 

  673.     /**
    674. 

  674.      * Window size, client to server
    675. 

  675.      *
    676. 

  676.      * Window size indexed by channel
    677. 

  677.      *
    678. 

  678.      * @see self::get_channel_packet()
    679. 

  679.      * @var array
    680. 

  680.      * @access private
    681. 

  681.      */
    682. 

  682.     private $window_size_client_to_server = [];
    683. 

  683. 

  684.     /**
    685. 

  685.      * Server signature
    686. 

  686.      *
    687. 

  687.      * Verified against $this->session_id
    688. 

  688.      *
    689. 

  689.      * @see self::getServerPublicHostKey()
    690. 

  690.      * @var string
    691. 

  691.      * @access private
    692. 

  692.      */
    693. 

  693.     private $signature = '';
    694. 

  694. 

  695.     /**
    696. 

  696.      * Server signature format
    697. 

  697.      *
    698. 

  698.      * ssh-rsa or ssh-dss.
    699. 

  699.      *
    700. 

  700.      * @see self::getServerPublicHostKey()
    701. 

  701.      * @var string
    702. 

  702.      * @access private
    703. 

  703.      */
    704. 

  704.     private $signature_format = '';
    705. 

  705. 

  706.     /**
    707. 

  707.      * Interactive Buffer
    708. 

  708.      *
    709. 

  709.      * @see self::read()
    710. 

  710.      * @var array
    711. 

  711.      * @access private
    712. 

  712.      */
    713. 

  713.     private $interactiveBuffer = '';
    714. 

  714. 

  715.     /**
    716. 

  716.      * Current log size
    717. 

  717.      *
    718. 

  718.      * Should never exceed self::LOG_MAX_SIZE
    719. 

  719.      *
    720. 

  720.      * @see self::_send_binary_packet()
    721. 

  721.      * @see self::_get_binary_packet()
    722. 

  722.      * @var int
    723. 

  723.      * @access private
    724. 

  724.      */
    725. 

  725.     private $log_size;
    726. 

  726. 

  727.     /**
    728. 

  728.      * Timeout
    729. 

  729.      *
    730. 

  730.      * @see self::setTimeout()
    731. 

  731.      * @access private
    732. 

  732.      */
    733. 

  733.     protected $timeout;
    734. 

  734. 

  735.     /**
    736. 

  736.      * Current Timeout
    737. 

  737.      *
    738. 

  738.      * @see self::get_channel_packet()
    739. 

  739.      * @access private
    740. 

  740.      */
    741. 

  741.     protected $curTimeout;
    742. 

  742. 

  743.     /**
    744. 

  744.      * Keep Alive Interval
    745. 

  745.      *
    746. 

  746.      * @see self::setKeepAlive()
    747. 

  747.      * @access private
    748. 

  748.      */
    749. 

  749.     private $keepAlive;
    750. 

  750. 

  751.     /**
    752. 

  752.      * Real-time log file pointer
    753. 

  753.      *
    754. 

  754.      * @see self::_append_log()
    755. 

  755.      * @var resource
    756. 

  756.      * @access private
    757. 

  757.      */
    758. 

  758.     private $realtime_log_file;
    759. 

  759. 

  760.     /**
    761. 

  761.      * Real-time log file size
    762. 

  762.      *
    763. 

  763.      * @see self::_append_log()
    764. 

  764.      * @var int
    765. 

  765.      * @access private
    766. 

  766.      */
    767. 

  767.     private $realtime_log_size;
    768. 

  768. 

  769.     /**
    770. 

  770.      * Has the signature been validated?
    771. 

  771.      *
    772. 

  772.      * @see self::getServerPublicHostKey()
    773. 

  773.      * @var bool
    774. 

  774.      * @access private
    775. 

  775.      */
    776. 

  776.     private $signature_validated = false;
    777. 

  777. 

  778.     /**
    779. 

  779.      * Real-time log file wrap boolean
    780. 

  780.      *
    781. 

  781.      * @see self::_append_log()
    782. 

  782.      * @access private
    783. 

  783.      */
    784. 

  784.     private $realtime_log_wrap;
    785. 

  785. 

  786.     /**
    787. 

  787.      * Flag to suppress stderr from output
    788. 

  788.      *
    789. 

  789.      * @see self::enableQuietMode()
    790. 

  790.      * @access private
    791. 

  791.      */
    792. 

  792.     private $quiet_mode = false;
    793. 

  793. 

  794.     /**
    795. 

  795.      * Time of first network activity
    796. 

  796.      *
    797. 

  797.      * @var int
    798. 

  798.      * @access private
    799. 

  799.      */
    800. 

  800.     private $last_packet;
    801. 

  801. 

  802.     /**
    803. 

  803.      * Exit status returned from ssh if any
    804. 

  804.      *
    805. 

  805.      * @var int
    806. 

  806.      * @access private
    807. 

  807.      */
    808. 

  808.     private $exit_status;
    809. 

  809. 

  810.     /**
    811. 

  811.      * Flag to request a PTY when using exec()
    812. 

  812.      *
    813. 

  813.      * @var bool
    814. 

  814.      * @see self::enablePTY()
    815. 

  815.      * @access private
    816. 

  816.      */
    817. 

  817.     private $request_pty = false;
    818. 

  818. 

  819.     /**
    820. 

  820.      * Flag set while exec() is running when using enablePTY()
    821. 

  821.      *
    822. 

  822.      * @var bool
    823. 

  823.      * @access private
    824. 

  824.      */
    825. 

  825.     private $in_request_pty_exec = false;
    826. 

  826. 

  827.     /**
    828. 

  828.      * Flag set after startSubsystem() is called
    829. 

  829.      *
    830. 

  830.      * @var bool
    831. 

  831.      * @access private
    832. 

  832.      */
    833. 

  833.     private $in_subsystem;
    834. 

  834. 

  835.     /**
    836. 

  836.      * Contents of stdError
    837. 

  837.      *
    838. 

  838.      * @var string
    839. 

  839.      * @access private
    840. 

  840.      */
    841. 

  841.     private $stdErrorLog;
    842. 

  842. 

  843.     /**
    844. 

  844.      * The Last Interactive Response
    845. 

  845.      *
    846. 

  846.      * @see self::_keyboard_interactive_process()
    847. 

  847.      * @var string
    848. 

  848.      * @access private
    849. 

  849.      */
    850. 

  850.     private $last_interactive_response = '';
    851. 

  851. 

  852.     /**
    853. 

  853.      * Keyboard Interactive Request / Responses
    854. 

  854.      *
    855. 

  855.      * @see self::_keyboard_interactive_process()
    856. 

  856.      * @var array
    857. 

  857.      * @access private
    858. 

  858.      */
    859. 

  859.     private $keyboard_requests_responses = [];
    860. 

  860. 

  861.     /**
    862. 

  862.      * Banner Message
    863. 

  863.      *
    864. 

  864.      * Quoting from the RFC, "in some jurisdictions, sending a warning message before
    865. 

  865.      * authentication may be relevant for getting legal protection."
    866. 

  866.      *
    867. 

  867.      * @see self::_filter()
    868. 

  868.      * @see self::getBannerMessage()
    869. 

  869.      * @var string
    870. 

  870.      * @access private
    871. 

  871.      */
    872. 

  872.     private $banner_message = '';
    873. 

  873. 

  874.     /**
    875. 

  875.      * Did read() timeout or return normally?
    876. 

  876.      *
    877. 

  877.      * @see self::isTimeout()
    878. 

  878.      * @var bool
    879. 

  879.      * @access private
    880. 

  880.      */
    881. 

  881.     private $is_timeout = false;
    882. 

  882. 

  883.     /**
    884. 

  884.      * Log Boundary
    885. 

  885.      *
    886. 

  886.      * @see self::_format_log()
    887. 

  887.      * @var string
    888. 

  888.      * @access private
    889. 

  889.      */
    890. 

  890.     private $log_boundary = ':';
    891. 

  891. 

  892.     /**
    893. 

  893.      * Log Long Width
    894. 

  894.      *
    895. 

  895.      * @see self::_format_log()
    896. 

  896.      * @var int
    897. 

  897.      * @access private
    898. 

  898.      */
    899. 

  899.     private $log_long_width = 65;
    900. 

  900. 

  901.     /**
    902. 

  902.      * Log Short Width
    903. 

  903.      *
    904. 

  904.      * @see self::_format_log()
    905. 

  905.      * @var int
    906. 

  906.      * @access private
    907. 

  907.      */
    908. 

  908.     private $log_short_width = 16;
    909. 

  909. 

  910.     /**
    911. 

  911.      * Hostname
    912. 

  912.      *
    913. 

  913.      * @see self::__construct()
    914. 

  914.      * @see self::_connect()
    915. 

  915.      * @var string
    916. 

  916.      * @access private
    917. 

  917.      */
    918. 

  918.     private $host;
    919. 

  919. 

  920.     /**
    921. 

  921.      * Port Number
    922. 

  922.      *
    923. 

  923.      * @see self::__construct()
    924. 

  924.      * @see self::_connect()
    925. 

  925.      * @var int
    926. 

  926.      * @access private
    927. 

  927.      */
    928. 

  928.     private $port;
    929. 

  929. 

  930.     /**
    931. 

  931.      * Number of columns for terminal window size
    932. 

  932.      *
    933. 

  933.      * @see self::getWindowColumns()
    934. 

  934.      * @see self::setWindowColumns()
    935. 

  935.      * @see self::setWindowSize()
    936. 

  936.      * @var int
    937. 

  937.      * @access private
    938. 

  938.      */
    939. 

  939.     private $windowColumns = 80;
    940. 

  940. 

  941.     /**
    942. 

  942.      * Number of columns for terminal window size
    943. 

  943.      *
    944. 

  944.      * @see self::getWindowRows()
    945. 

  945.      * @see self::setWindowRows()
    946. 

  946.      * @see self::setWindowSize()
    947. 

  947.      * @var int
    948. 

  948.      * @access private
    949. 

  949.      */
    950. 

  950.     private $windowRows = 24;
    951. 

  951. 

  952.     /**
    953. 

  953.      * Crypto Engine
    954. 

  954.      *
    955. 

  955.      * @see self::setCryptoEngine()
    956. 

  956.      * @see self::_key_exchange()
    957. 

  957.      * @var int
    958. 

  958.      * @access private
    959. 

  959.      */
    960. 

  960.     private static $crypto_engine = false;
    961. 

  961. 

  962.     /**
    963. 

  963.      * A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario
    964. 

  964.      *
    965. 

  965.      * @var \phpseclib3\System\Ssh\Agent
    966. 

  966.      * @access private
    967. 

  967.      */
    968. 

  968.     private $agent;
    969. 

  969. 

  970.     /**
    971. 

  971.      * Connection storage to replicates ssh2 extension functionality:
    972. 

  972.      * {@link http://php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-examples}
    973. 

  973.      *
    974. 

  974.      * @var SSH2[]
    975. 

  975.      */
    976. 

  976.     private static $connections;
    977. 

  977. 

  978.     /**
    979. 

  979.      * Send the identification string first?
    980. 

  980.      *
    981. 

  981.      * @var bool
    982. 

  982.      * @access private
    983. 

  983.      */
    984. 

  984.     private $send_id_string_first = true;
    985. 

  985. 

  986.     /**
    987. 

  987.      * Send the key exchange initiation packet first?
    988. 

  988.      *
    989. 

  989.      * @var bool
    990. 

  990.      * @access private
    991. 

  991.      */
    992. 

  992.     private $send_kex_first = true;
    993. 

  993. 

  994.     /**
    995. 

  995.      * Some versions of OpenSSH incorrectly calculate the key size
    996. 

  996.      *
    997. 

  997.      * @var bool
    998. 

  998.      * @access private
    999. 

  999.      */
    1000. 

  1000.     private $bad_key_size_fix = false;
    1001. 

  1001. 

  1002.     /**
    1003. 

  1003.      * Should we try to re-connect to re-establish keys?
    1004. 

  1004.      *
    1005. 

  1005.      * @var bool
    1006. 

  1006.      * @access private
    1007. 

  1007.      */
    1008. 

  1008.     private $retry_connect = false;
    1009. 

  1009. 

  1010.     /**
    1011. 

  1011.      * Binary Packet Buffer
    1012. 

  1012.      *
    1013. 

  1013.      * @var string|false
    1014. 

  1014.      * @access private
    1015. 

  1015.      */
    1016. 

  1016.     private $binary_packet_buffer = false;
    1017. 

  1017. 

  1018.     /**
    1019. 

  1019.      * Preferred Signature Format
    1020. 

  1020.      *
    1021. 

  1021.      * @var string|false
    1022. 

  1022.      * @access private
    1023. 

  1023.      */
    1024. 

  1024.     protected $preferred_signature_format = false;
    1025. 

  1025. 

  1026.     /**
    1027. 

  1027.      * Authentication Credentials
    1028. 

  1028.      *
    1029. 

  1029.      * @var array
    1030. 

  1030.      * @access private
    1031. 

  1031.      */
    1032. 

  1032.     protected $auth = [];
    1033. 

  1033. 

  1034.     /**
    1035. 

  1035.      * Terminal
    1036. 

  1036.      *
    1037. 

  1037.      * @var string
    1038. 

  1038.      * @access private
    1039. 

  1039.      */
    1040. 

  1040.     private $term = 'vt100';
    1041. 

  1041. 

  1042.     /**
    1043. 

  1043.      * The authentication methods that may productively continue authentication.
    1044. 

  1044.      * 
    1045. 

  1045.      * @see https://tools.ietf.org/html/rfc4252#section-5.1
    1046. 

  1046.      * @var array|null
    1047. 

  1047.      * @access private
    1048. 

  1048.      */
    1049. 

  1049.     private $auth_methods_to_continue = null;
    1050. 

  1050. 

  1051.     /**
    1052. 

  1052.      * Compression method
    1053. 

  1053.      *
    1054. 

  1054.      * @var int
    1055. 

  1055.      * @access private
    1056. 

  1056.      */
    1057. 

  1057.     private $compress = NET_SSH2_COMPRESSION_NONE;
    1058. 

  1058. 

  1059.     /**
    1060. 

  1060.      * Decompression method
    1061. 

  1061.      *
    1062. 

  1062.      * @var resource|object
    1063. 

  1063.      * @access private
    1064. 

  1064.      */
    1065. 

  1065.     private $decompress = NET_SSH2_COMPRESSION_NONE;
    1066. 

  1066. 

  1067.     /**
    1068. 

  1068.      * Compression context
    1069. 

  1069.      *
    1070. 

  1070.      * @var int
    1071. 

  1071.      * @access private
    1072. 

  1072.      */
    1073. 

  1073.     private $compress_context;
    1074. 

  1074. 

  1075.     /**
    1076. 

  1076.      * Decompression context
    1077. 

  1077.      *
    1078. 

  1078.      * @var resource|object
    1079. 

  1079.      * @access private
    1080. 

  1080.      */
    1081. 

  1081.     private $decompress_context;
    1082. 

  1082. 

  1083.     /**
    1084. 

  1084.      * Regenerate Compression Context
    1085. 

  1085.      *
    1086. 

  1086.      * @var bool
    1087. 

  1087.      * @access private
    1088. 

  1088.      */
    1089. 

  1089.     private $regenerate_compression_context = false;
    1090. 

  1090. 

  1091.     /**
    1092. 

  1092.      * Regenerate Decompression Context
    1093. 

  1093.      *
    1094. 

  1094.      * @var bool
    1095. 

  1095.      * @access private
    1096. 

  1096.      */
    1097. 

  1097.     private $regenerate_decompression_context = false;
    1098. 

  1098. 

  1099.     /**
    1100. 

  1100.      * Smart multi-factor authentication flag
    1101. 

  1101.      *
    1102. 

  1102.      * @var bool
    1103. 

  1103.      * @access private
    1104. 

  1104.      */
    1105. 

  1105.     private $smartMFA = true;
    1106. 

  1106. 

  1107.     /**
    1108. 

  1108.      * Default Constructor.
    1109. 

  1109.      *
    1110. 

  1110.      * $host can either be a string, representing the host, or a stream resource.
    1111. 

  1111.      *
    1112. 

  1112.      * @param mixed $host
    1113. 

  1113.      * @param int $port
    1114. 

  1114.      * @param int $timeout
    1115. 

  1115.      * @see self::login()
    1116. 

  1116.      * @return SSH2|void
    1117. 

  1117.      * @access public
    1118. 

  1118.      */
    1119. 

  1119.     public function __construct($host, $port = 22, $timeout = 10)
    1120. 

  1120.     {
    1121. 

  1121.         $this->message_numbers = [
    1122. 

  1122.             1 => 'NET_SSH2_MSG_DISCONNECT',
    1123. 

  1123.             2 => 'NET_SSH2_MSG_IGNORE',
    1124. 

  1124.             3 => 'NET_SSH2_MSG_UNIMPLEMENTED',
    1125. 

  1125.             4 => 'NET_SSH2_MSG_DEBUG',
    1126. 

  1126.             5 => 'NET_SSH2_MSG_SERVICE_REQUEST',
    1127. 

  1127.             6 => 'NET_SSH2_MSG_SERVICE_ACCEPT',
    1128. 

  1128.             20 => 'NET_SSH2_MSG_KEXINIT',
    1129. 

  1129.             21 => 'NET_SSH2_MSG_NEWKEYS',
    1130. 

  1130.             30 => 'NET_SSH2_MSG_KEXDH_INIT',
    1131. 

  1131.             31 => 'NET_SSH2_MSG_KEXDH_REPLY',
    1132. 

  1132.             50 => 'NET_SSH2_MSG_USERAUTH_REQUEST',
    1133. 

  1133.             51 => 'NET_SSH2_MSG_USERAUTH_FAILURE',
    1134. 

  1134.             52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS',
    1135. 

  1135.             53 => 'NET_SSH2_MSG_USERAUTH_BANNER',
    1136. 

  1136. 

  1137.             80 => 'NET_SSH2_MSG_GLOBAL_REQUEST',
    1138. 

  1138.             81 => 'NET_SSH2_MSG_REQUEST_SUCCESS',
    1139. 

  1139.             82 => 'NET_SSH2_MSG_REQUEST_FAILURE',
    1140. 

  1140.             90 => 'NET_SSH2_MSG_CHANNEL_OPEN',
    1141. 

  1141.             91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION',
    1142. 

  1142.             92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE',
    1143. 

  1143.             93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST',
    1144. 

  1144.             94 => 'NET_SSH2_MSG_CHANNEL_DATA',
    1145. 

  1145.             95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA',
    1146. 

  1146.             96 => 'NET_SSH2_MSG_CHANNEL_EOF',
    1147. 

  1147.             97 => 'NET_SSH2_MSG_CHANNEL_CLOSE',
    1148. 

  1148.             98 => 'NET_SSH2_MSG_CHANNEL_REQUEST',
    1149. 

  1149.             99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS',
    1150. 

  1150.             100 => 'NET_SSH2_MSG_CHANNEL_FAILURE'
    1151. 

  1151.         ];
    1152. 

  1152.         $this->disconnect_reasons = [
    1153. 

  1153.             1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT',
    1154. 

  1154.             2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR',
    1155. 

  1155.             3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED',
    1156. 

  1156.             4 => 'NET_SSH2_DISCONNECT_RESERVED',
    1157. 

  1157.             5 => 'NET_SSH2_DISCONNECT_MAC_ERROR',
    1158. 

  1158.             6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR',
    1159. 

  1159.             7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE',
    1160. 

  1160.             8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED',
    1161. 

  1161.             9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE',
    1162. 

  1162.             10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST',
    1163. 

  1163.             11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION',
    1164. 

  1164.             12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS',
    1165. 

  1165.             13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER',
    1166. 

  1166.             14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE',
    1167. 

  1167.             15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME'
    1168. 

  1168.         ];
    1169. 

  1169.         $this->channel_open_failure_reasons = [
    1170. 

  1170.             1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED'
    1171. 

  1171.         ];
    1172. 

  1172.         $this->terminal_modes = [
    1173. 

  1173.             0 => 'NET_SSH2_TTY_OP_END'
    1174. 

  1174.         ];
    1175. 

  1175.         $this->channel_extended_data_type_codes = [
    1176. 

  1176.             1 => 'NET_SSH2_EXTENDED_DATA_STDERR'
    1177. 

  1177.         ];
    1178. 

  1178. 

  1179.         $this->define_array(
    1180. 

  1180.             $this->message_numbers,
    1181. 

  1181.             $this->disconnect_reasons,
    1182. 

  1182.             $this->channel_open_failure_reasons,
    1183. 

  1183.             $this->terminal_modes,
    1184. 

  1184.             $this->channel_extended_data_type_codes,
    1185. 

  1185.             [60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'],
    1186. 

  1186.             [60 => 'NET_SSH2_MSG_USERAUTH_PK_OK'],
    1187. 

  1187.             [60 => 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST',
    1188. 

  1188.                   61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'],
    1189. 

  1189.             // RFC 4419 - diffie-hellman-group-exchange-sha{1,256}
    1190. 

  1190.             [30 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST_OLD',
    1191. 

  1191.                   31 => 'NET_SSH2_MSG_KEXDH_GEX_GROUP',
    1192. 

  1192.                   32 => 'NET_SSH2_MSG_KEXDH_GEX_INIT',
    1193. 

  1193.                   33 => 'NET_SSH2_MSG_KEXDH_GEX_REPLY',
    1194. 

  1194.                   34 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'],
    1195. 

  1195.             // RFC 5656 - Elliptic Curves (for curve25519-sha256@libssh.org)
    1196. 

  1196.             [30 => 'NET_SSH2_MSG_KEX_ECDH_INIT',
    1197. 

  1197.                   31 => 'NET_SSH2_MSG_KEX_ECDH_REPLY']
    1198. 

  1198.         );
    1199. 

  1199. 

  1200.         self::$connections[$this->getResourceId()] = class_exists('WeakReference') ? \WeakReference::create($this) : $this;
    1201. 

  1201. 

  1202.         if (is_resource($host)) {
    1203. 

  1203.             $this->fsock = $host;
    1204. 

  1204.             return;
    1205. 

  1205.         }
    1206. 

  1206. 

  1207.         if (is_string($host)) {
    1208. 

  1208.             $this->host = $host;
    1209. 

  1209.             $this->port = $port;
    1210. 

  1210.             $this->timeout = $timeout;
    1211. 

  1211.         }
    1212. 

  1212.     }
    1213. 

  1213. 

  1214.     /**
    1215. 

  1215.      * Set Crypto Engine Mode
    1216. 

  1216.      *
    1217. 

  1217.      * Possible $engine values:
    1218. 

  1218.      * OpenSSL, mcrypt, Eval, PHP
    1219. 

  1219.      *
    1220. 

  1220.      * @param int $engine
    1221. 

  1221.      * @access public
    1222. 

  1222.      */
    1223. 

  1223.     public static function setCryptoEngine($engine)
    1224. 

  1224.     {
    1225. 

  1225.         self::$crypto_engine = $engine;
    1226. 

  1226.     }
    1227. 

  1227. 

  1228.     /**
    1229. 

  1229.      * Send Identification String First
    1230. 

  1230.      *
    1231. 

  1231.      * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established,
    1232. 

  1232.      * both sides MUST send an identification string". It does not say which side sends it first. In
    1233. 

  1233.      * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
    1234. 

  1234.      *
    1235. 

  1235.      * @access public
    1236. 

  1236.      */
    1237. 

  1237.     public function sendIdentificationStringFirst()
    1238. 

  1238.     {
    1239. 

  1239.         $this->send_id_string_first = true;
    1240. 

  1240.     }
    1241. 

  1241. 

  1242.     /**
    1243. 

  1243.      * Send Identification String Last
    1244. 

  1244.      *
    1245. 

  1245.      * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established,
    1246. 

  1246.      * both sides MUST send an identification string". It does not say which side sends it first. In
    1247. 

  1247.      * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
    1248. 

  1248.      *
    1249. 

  1249.      * @access public
    1250. 

  1250.      */
    1251. 

  1251.     public function sendIdentificationStringLast()
    1252. 

  1252.     {
    1253. 

  1253.         $this->send_id_string_first = false;
    1254. 

  1254.     }
    1255. 

  1255. 

  1256.     /**
    1257. 

  1257.      * Send SSH_MSG_KEXINIT First
    1258. 

  1258.      *
    1259. 

  1259.      * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending
    1260. 

  1260.      * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory
    1261. 

  1261.      * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
    1262. 

  1262.      *
    1263. 

  1263.      * @access public
    1264. 

  1264.      */
    1265. 

  1265.     public function sendKEXINITFirst()
    1266. 

  1266.     {
    1267. 

  1267.         $this->send_kex_first = true;
    1268. 

  1268.     }
    1269. 

  1269. 

  1270.     /**
    1271. 

  1271.      * Send SSH_MSG_KEXINIT Last
    1272. 

  1272.      *
    1273. 

  1273.      * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending
    1274. 

  1274.      * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory
    1275. 

  1275.      * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
    1276. 

  1276.      *
    1277. 

  1277.      * @access public
    1278. 

  1278.      */
    1279. 

  1279.     public function sendKEXINITLast()
    1280. 

  1280.     {
    1281. 

  1281.         $this->send_kex_first = false;
    1282. 

  1282.     }
    1283. 

  1283. 

  1284.     /**
    1285. 

  1285.      * Connect to an SSHv2 server
    1286. 

  1286.      *
    1287. 

  1287.      * @throws \UnexpectedValueException on receipt of unexpected packets
    1288. 

  1288.      * @throws \RuntimeException on other errors
    1289. 

  1289.      * @access private
    1290. 

  1290.      */
    1291. 

  1291.     private function connect()
    1292. 

  1292.     {
    1293. 

  1293.         if ($this->bitmap & self::MASK_CONSTRUCTOR) {
    1294. 

  1294.             return;
    1295. 

  1295.         }
    1296. 

  1296. 

  1297.         $this->bitmap |= self::MASK_CONSTRUCTOR;
    1298. 

  1298. 

  1299.         $this->curTimeout = $this->timeout;
    1300. 

  1300. 

  1301.         $this->last_packet = microtime(true);
    1302. 

  1302. 

  1303.         if (!is_resource($this->fsock)) {
    1304. 

  1304.             $start = microtime(true);
    1305. 

  1305.             // with stream_select a timeout of 0 means that no timeout takes place;
    1306. 

  1306.             // with fsockopen a timeout of 0 means that you instantly timeout
    1307. 

  1307.             // to resolve this incompatibility a timeout of 100,000 will be used for fsockopen if timeout is 0
    1308. 

  1308.             $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout == 0 ? 100000 : $this->curTimeout);
    1309. 

  1309.             if (!$this->fsock) {
    1310. 

  1310.                 $host = $this->host . ':' . $this->port;
    1311. 

  1311.                 throw new UnableToConnectException(rtrim("Cannot connect to $host. Error $errno. $errstr"));
    1312. 

  1312.             }
    1313. 

  1313.             $elapsed = microtime(true) - $start;
    1314. 

  1314. 

  1315.             if ($this->curTimeout) {
    1316. 

  1316.                 $this->curTimeout-= $elapsed;
    1317. 

  1317.                 if ($this->curTimeout < 0) {
    1318. 

  1318.                     throw new \RuntimeException('Connection timed out whilst attempting to open socket connection');
    1319. 

  1319.                 }
    1320. 

  1320.             }
    1321. 

  1321.         }
    1322. 

  1322. 

  1323.         $this->identifier = $this->generate_identifier();
    1324. 

  1324. 

  1325.         if ($this->send_id_string_first) {
    1326. 

  1326.             fputs($this->fsock, $this->identifier . "\r\n");
    1327. 

  1327.         }
    1328. 

  1328. 

  1329.         /* According to the SSH2 specs,
    1330. 

    1331. 

  1331.           "The server MAY send other lines of data before sending the version
    1332. 

  1332.            string.  Each line SHOULD be terminated by a Carriage Return and Line
    1333. 

  1333.            Feed.  Such lines MUST NOT begin with "SSH-", and SHOULD be encoded
    1334. 

  1334.            in ISO-10646 UTF-8 [RFC3629] (language is not specified).  Clients
    1335. 

  1335.            MUST be able to process such lines." */
    1336. 

  1336.         $data = '';
    1337. 

  1337.         while (!feof($this->fsock) && !preg_match('#(.*)^(SSH-(\d\.\d+).*)#ms', $data, $matches)) {
    1338. 

  1338.             $line = '';
    1339. 

  1339.             while (true) {
    1340. 

  1340.                 if ($this->curTimeout) {
    1341. 

  1341.                     if ($this->curTimeout < 0) {
    1342. 

  1342.                         throw new \RuntimeException('Connection timed out whilst receiving server identification string');
    1343. 

  1343.                     }
    1344. 

  1344.                     $read = [$this->fsock];
    1345. 

  1345.                     $write = $except = null;
    1346. 

  1346.                     $start = microtime(true);
    1347. 

  1347.                     $sec = floor($this->curTimeout);
    1348. 

  1348.                     $usec = 1000000 * ($this->curTimeout - $sec);
    1349. 

  1349.                     if (@stream_select($read, $write, $except, $sec, $usec) === false) {
    1350. 

  1350.                         throw new \RuntimeException('Connection timed out whilst receiving server identification string');
    1351. 

  1351.                     }
    1352. 

  1352.                     $elapsed = microtime(true) - $start;
    1353. 

  1353.                     $this->curTimeout-= $elapsed;
    1354. 

  1354.                 }
    1355. 

  1355. 

  1356.                 $temp = stream_get_line($this->fsock, 255, "\n");
    1357. 

  1357.                 if ($temp === false) {
    1358. 

  1358.                     throw new \RuntimeException('Error reading from socket');
    1359. 

  1359.                 }
    1360. 

  1360.                 if (strlen($temp) == 255) {
    1361. 

  1361.                     continue;
    1362. 

  1362.                 }
    1363. 

  1363. 

  1364.                 $line.= "$temp\n";
    1365. 

  1365. 

  1366.                 // quoting RFC4253, "Implementers who wish to maintain
    1367. 

  1367.                 // compatibility with older, undocumented versions of this protocol may
    1368. 

  1368.                 // want to process the identification string without expecting the
    1369. 

  1369.                 // presence of the carriage return character for reasons described in
    1370. 

  1370.                 // Section 5 of this document."
    1371. 

  1371. 

  1372.                 //if (substr($line, -2) == "\r\n") {
    1373. 

  1373.                 //    break;
    1374. 

  1374.                 //}
    1375. 

  1375. 

  1376.                 break;
    1377. 

  1377.             }
    1378. 

  1378. 

  1379.             $data.= $line;
    1380. 

  1380.         }
    1381. 

  1381. 

  1382.         if (feof($this->fsock)) {
    1383. 

  1383.             $this->bitmap = 0;
    1384. 

  1384.             throw new ConnectionClosedException('Connection closed by server');
    1385. 

  1385.         }
    1386. 

  1386. 

  1387.         $extra = $matches[1];
    1388. 

  1388. 

  1389.         if (defined('NET_SSH2_LOGGING')) {
    1390. 

  1390.             $this->append_log('<-', $matches[0]);
    1391. 

  1391.             $this->append_log('->', $this->identifier . "\r\n");
    1392. 

  1392.         }
    1393. 

  1393. 

  1394.         $this->server_identifier = trim($temp, "\r\n");
    1395. 

  1395.         if (strlen($extra)) {
    1396. 

  1396.             $this->errors[] = $data;
    1397. 

  1397.         }
    1398. 

  1398. 

  1399.         if (version_compare($matches[3], '1.99', '<')) {
    1400. 

  1400.             $this->bitmap = 0;
    1401. 

  1401.             throw new UnableToConnectException("Cannot connect to SSH $matches[3] servers");
    1402. 

  1402.         }
    1403. 

  1403. 

  1404.         if (!$this->send_id_string_first) {
    1405. 

  1405.             fputs($this->fsock, $this->identifier . "\r\n");
    1406. 

  1406.         }
    1407. 

  1407. 

  1408.         if (!$this->send_kex_first) {
    1409. 

  1409.             $response = $this->get_binary_packet();
    1410. 

  1410. 

  1411.             if (!strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
    1412. 

  1412.                 $this->bitmap = 0;
    1413. 

  1413.                 throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT');
    1414. 

  1414.             }
    1415. 

  1415. 

  1416.             $this->key_exchange($response);
    1417. 

  1417.         }
    1418. 

  1418. 

  1419.         if ($this->send_kex_first) {
    1420. 

  1420.             $this->key_exchange();
    1421. 

  1421.         }
    1422. 

  1422. 

  1423.         $this->bitmap|= self::MASK_CONNECTED;
    1424. 

  1424. 

  1425.         return true;
    1426. 

  1426.     }
    1427. 

  1427. 

  1428.     /**
    1429. 

  1429.      * Generates the SSH identifier
    1430. 

  1430.      *
    1431. 

  1431.      * You should overwrite this method in your own class if you want to use another identifier
    1432. 

  1432.      *
    1433. 

  1433.      * @access protected
    1434. 

  1434.      * @return string
    1435. 

  1435.      */
    1436. 

  1436.     private function generate_identifier()
    1437. 

  1437.     {
    1438. 

  1438.         $identifier = 'SSH-2.0-phpseclib_3.0';
    1439. 

  1439. 

  1440.         $ext = [];
    1441. 

  1441.         if (extension_loaded('sodium')) {
    1442. 

  1442.             $ext[] = 'libsodium';
    1443. 

  1443.         }
    1444. 

  1444. 

  1445.         if (extension_loaded('openssl')) {
    1446. 

  1446.             $ext[] = 'openssl';
    1447. 

  1447.         } elseif (extension_loaded('mcrypt')) {
    1448. 

  1448.             $ext[] = 'mcrypt';
    1449. 

  1449.         }
    1450. 

  1450. 

  1451.         if (extension_loaded('gmp')) {
    1452. 

  1452.             $ext[] = 'gmp';
    1453. 

  1453.         } elseif (extension_loaded('bcmath')) {
    1454. 

  1454.             $ext[] = 'bcmath';
    1455. 

  1455.         }
    1456. 

  1456. 

  1457.         if (!empty($ext)) {
    1458. 

  1458.             $identifier .= ' (' . implode(', ', $ext) . ')';
    1459. 

  1459.         }
    1460. 

  1460. 

  1461.         return $identifier;
    1462. 

  1462.     }
    1463. 

  1463. 

  1464.     /**
    1465. 

  1465.      * Key Exchange
    1466. 

  1466.      *
    1467. 

  1467.      * @return bool
    1468. 

  1468.      * @param string|bool $kexinit_payload_server optional
    1469. 

  1469.      * @throws \UnexpectedValueException on receipt of unexpected packets
    1470. 

  1470.      * @throws \RuntimeException on other errors
    1471. 

  1471.      * @throws \phpseclib3\Exception\NoSupportedAlgorithmsException when none of the algorithms phpseclib has loaded are compatible
    1472. 

  1472.      * @access private
    1473. 

  1473.      */
    1474. 

  1474.     private function key_exchange($kexinit_payload_server = false)
    1475. 

  1475.     {
    1476. 

  1476.         $preferred = $this->preferred;
    1477. 

  1477.         $send_kex = true;
    1478. 

  1478. 

  1479.         $kex_algorithms = isset($preferred['kex']) ?
    1480. 

  1480.             $preferred['kex'] :
    1481. 

  1481.             SSH2::getSupportedKEXAlgorithms();
    1482. 

  1482.         $server_host_key_algorithms = isset($preferred['hostkey']) ?
    1483. 

  1483.             $preferred['hostkey'] :
    1484. 

  1484.             SSH2::getSupportedHostKeyAlgorithms();
    1485. 

  1485.         $s2c_encryption_algorithms = isset($preferred['server_to_client']['crypt']) ?
    1486. 

  1486.             $preferred['server_to_client']['crypt'] :
    1487. 

  1487.             SSH2::getSupportedEncryptionAlgorithms();
    1488. 

  1488.         $c2s_encryption_algorithms = isset($preferred['client_to_server']['crypt']) ?
    1489. 

  1489.             $preferred['client_to_server']['crypt'] :
    1490. 

  1490.             SSH2::getSupportedEncryptionAlgorithms();
    1491. 

  1491.         $s2c_mac_algorithms = isset($preferred['server_to_client']['mac']) ?
    1492. 

  1492.             $preferred['server_to_client']['mac'] :
    1493. 

  1493.             SSH2::getSupportedMACAlgorithms();
    1494. 

  1494.         $c2s_mac_algorithms = isset($preferred['client_to_server']['mac']) ?
    1495. 

  1495.             $preferred['client_to_server']['mac'] :
    1496. 

  1496.             SSH2::getSupportedMACAlgorithms();
    1497. 

  1497.         $s2c_compression_algorithms = isset($preferred['server_to_client']['comp']) ?
    1498. 

  1498.             $preferred['server_to_client']['comp'] :
    1499. 

  1499.             SSH2::getSupportedCompressionAlgorithms();
    1500. 

  1500.         $c2s_compression_algorithms = isset($preferred['client_to_server']['comp']) ?
    1501. 

  1501.             $preferred['client_to_server']['comp'] :
    1502. 

  1502.             SSH2::getSupportedCompressionAlgorithms();
    1503. 

  1503. 

  1504.         // some SSH servers have buggy implementations of some of the above algorithms
    1505. 

  1505.         switch (true) {
    1506. 

  1506.             case $this->server_identifier == 'SSH-2.0-SSHD':
    1507. 

  1507.             case substr($this->server_identifier, 0, 13) == 'SSH-2.0-DLINK':
    1508. 

  1508.                 if (!isset($preferred['server_to_client']['mac'])) {
    1509. 

  1509.                     $s2c_mac_algorithms = array_values(array_diff(
    1510. 

  1510.                         $s2c_mac_algorithms,
    1511. 

  1511.                         ['hmac-sha1-96', 'hmac-md5-96']
    1512. 

  1512.                     ));
    1513. 

  1513.                 }
    1514. 

  1514.                 if (!isset($preferred['client_to_server']['mac'])) {
    1515. 

  1515.                     $c2s_mac_algorithms = array_values(array_diff(
    1516. 

  1516.                         $c2s_mac_algorithms,
    1517. 

  1517.                         ['hmac-sha1-96', 'hmac-md5-96']
    1518. 

  1518.                     ));
    1519. 

  1519.                 }
    1520. 

  1520.         }
    1521. 

  1521. 

  1522.         $client_cookie = Random::string(16);
    1523. 

  1523. 

  1524.         $kexinit_payload_client = pack('Ca*', NET_SSH2_MSG_KEXINIT, $client_cookie);
    1525. 

  1525.         $kexinit_payload_client.= Strings::packSSH2(
    1526. 

  1526.             'L10bN',
    1527. 

  1527.             $kex_algorithms,
    1528. 

  1528.             $server_host_key_algorithms,
    1529. 

  1529.             $c2s_encryption_algorithms,
    1530. 

  1530.             $s2c_encryption_algorithms,
    1531. 

  1531.             $c2s_mac_algorithms,
    1532. 

  1532.             $s2c_mac_algorithms,
    1533. 

  1533.             $c2s_compression_algorithms,
    1534. 

  1534.             $s2c_compression_algorithms,
    1535. 

  1535.             [], // language, client to server
    1536. 

  1536.             [], // language, server to client
    1537. 

  1537.             false, // first_kex_packet_follows
    1538. 

  1538.             0 // reserved for future extension
    1539. 

  1539.         );
    1540. 

  1540. 

  1541.         if ($kexinit_payload_server === false) {
    1542. 

  1542.             $this->send_binary_packet($kexinit_payload_client);
    1543. 

  1543. 

  1544.             $kexinit_payload_server = $this->get_binary_packet();
    1545. 

  1545. 

  1546.             if (!strlen($kexinit_payload_server) || ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT) {
    1547. 

  1547.                 $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR);
    1548. 

  1548.                 throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT');
    1549. 

  1549.             }
    1550. 

  1550. 

  1551.             $send_kex = false;
    1552. 

  1552.         }
    1553. 

  1553. 

  1554.         $response = $kexinit_payload_server;
    1555. 

  1555.         Strings::shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
    1556. 

  1556.         $server_cookie = Strings::shift($response, 16);
    1557. 

  1557. 

  1558.         list(
    1559. 

  1559.             $this->kex_algorithms,
    1560. 

  1560.             $this->server_host_key_algorithms,
    1561. 

  1561.             $this->encryption_algorithms_client_to_server,
    1562. 

  1562.             $this->encryption_algorithms_server_to_client,
    1563. 

  1563.             $this->mac_algorithms_client_to_server,
    1564. 

  1564.             $this->mac_algorithms_server_to_client,
    1565. 

  1565.             $this->compression_algorithms_client_to_server,
    1566. 

  1566.             $this->compression_algorithms_server_to_client,
    1567. 

  1567.             $this->languages_client_to_server,
    1568. 

  1568.             $this->languages_server_to_client,
    1569. 

  1569.             $first_kex_packet_follows
    1570. 

  1570.         ) = Strings::unpackSSH2('L10C', $response);
    1571. 

  1571. 

  1572.         if ($send_kex) {
    1573. 

  1573.             $this->send_binary_packet($kexinit_payload_client);
    1574. 

  1574.         }
    1575. 

  1575. 

  1576.         // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange
    1577. 

  1577. 

  1578.         // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the
    1579. 

  1579.         // diffie-hellman key exchange as fast as possible
    1580. 

  1580.         $decrypt = self::array_intersect_first($s2c_encryption_algorithms, $this->encryption_algorithms_server_to_client);
    1581. 

  1581.         $decryptKeyLength = $this->encryption_algorithm_to_key_size($decrypt);
    1582. 

  1582.         if ($decryptKeyLength === null) {
    1583. 

  1583.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1584. 

  1584.             throw new NoSupportedAlgorithmsException('No compatible server to client encryption algorithms found');
    1585. 

  1585.         }
    1586. 

  1586. 

  1587.         $encrypt = self::array_intersect_first($c2s_encryption_algorithms, $this->encryption_algorithms_client_to_server);
    1588. 

  1588.         $encryptKeyLength = $this->encryption_algorithm_to_key_size($encrypt);
    1589. 

  1589.         if ($encryptKeyLength === null) {
    1590. 

  1590.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1591. 

  1591.             throw new NoSupportedAlgorithmsException('No compatible client to server encryption algorithms found');
    1592. 

  1592.         }
    1593. 

  1593. 

  1594.         // through diffie-hellman key exchange a symmetric key is obtained
    1595. 

  1595.         $this->kex_algorithm = self::array_intersect_first($kex_algorithms, $this->kex_algorithms);
    1596. 

  1596.         if ($this->kex_algorithm === false) {
    1597. 

  1597.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1598. 

  1598.             throw new NoSupportedAlgorithmsException('No compatible key exchange algorithms found');
    1599. 

  1599.         }
    1600. 

  1600. 

  1601.         $server_host_key_algorithm = self::array_intersect_first($server_host_key_algorithms, $this->server_host_key_algorithms);
    1602. 

  1602.         if ($server_host_key_algorithm === false) {
    1603. 

  1603.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1604. 

  1604.             throw new NoSupportedAlgorithmsException('No compatible server host key algorithms found');
    1605. 

  1605.         }
    1606. 

  1606. 

  1607.         $mac_algorithm_out = self::array_intersect_first($c2s_mac_algorithms, $this->mac_algorithms_client_to_server);
    1608. 

  1608.         if ($mac_algorithm_out === false) {
    1609. 

  1609.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1610. 

  1610.             throw new NoSupportedAlgorithmsException('No compatible client to server message authentication algorithms found');
    1611. 

  1611.         }
    1612. 

  1612. 

  1613.         $mac_algorithm_in = self::array_intersect_first($s2c_mac_algorithms, $this->mac_algorithms_server_to_client);
    1614. 

  1614.         if ($mac_algorithm_in === false) {
    1615. 

  1615.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1616. 

  1616.             throw new NoSupportedAlgorithmsException('No compatible server to client message authentication algorithms found');
    1617. 

  1617.         }
    1618. 

  1618. 

  1619.         $compression_map = [
    1620. 

  1620.             'none' => NET_SSH2_COMPRESSION_NONE,
    1621. 

  1621.             'zlib' => NET_SSH2_COMPRESSION_ZLIB,
    1622. 

  1622.             'zlib@openssh.com' => NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH
    1623. 

  1623.         ];
    1624. 

  1624. 

  1625.         $compression_algorithm_in = self::array_intersect_first($s2c_compression_algorithms, $this->compression_algorithms_server_to_client);
    1626. 

  1626.         if ($compression_algorithm_in === false) {
    1627. 

  1627.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1628. 

  1628.             throw new NoSupportedAlgorithmsException('No compatible server to client compression algorithms found');
    1629. 

  1629.         }
    1630. 

  1630.         $this->decompress = $compression_map[$compression_algorithm_in];
    1631. 

  1631. 

  1632.         $compression_algorithm_out = self::array_intersect_first($c2s_compression_algorithms, $this->compression_algorithms_client_to_server);
    1633. 

  1633.         if ($compression_algorithm_out === false) {
    1634. 

  1634.             $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
    1635. 

  1635.             throw new NoSupportedAlgorithmsException('No compatible client to server compression algorithms found');
    1636. 

  1636.         }
    1637. 

  1637.         $this->compress = $compression_map[$compression_algorithm_out];
    1638. 

  1638. 

  1639.         switch ($this->kex_algorithm) {
    1640. 

  1640.             case 'diffie-hellman-group15-sha512':
    1641. 

  1641.             case 'diffie-hellman-group16-sha512':
    1642. 

  1642.             case 'diffie-hellman-group17-sha512':
    1643. 

  1643.             case 'diffie-hellman-group18-sha512':
    1644. 

  1644.             case 'ecdh-sha2-nistp521':
    1645. 

  1645.                 $kexHash = new Hash('sha512');
    1646. 

  1646.                 break;
    1647. 

  1647.             case 'ecdh-sha2-nistp384':
    1648. 

  1648.                 $kexHash = new Hash('sha384');
    1649. 

  1649.                 break;
    1650. 

  1650.             case 'diffie-hellman-group-exchange-sha256':
    1651. 

  1651.             case 'diffie-hellman-group14-sha256':
    1652. 

  1652.             case 'ecdh-sha2-nistp256':
    1653. 

  1653.             case 'curve25519-sha256@libssh.org':
    1654. 

  1654.             case 'curve25519-sha256':
    1655. 

  1655.                 $kexHash = new Hash('sha256');
    1656. 

  1656.                 break;
    1657. 

  1657.             default:
    1658. 

  1658.                 $kexHash = new Hash('sha1');
    1659. 

  1659.         }
    1660. 

  1660. 

  1661.         // Only relevant in diffie-hellman-group-exchange-sha{1,256}, otherwise empty.
    1662. 

  1662. 

  1663.         $exchange_hash_rfc4419 = '';
    1664. 

  1664. 

  1665.         if (strpos($this->kex_algorithm, 'curve25519-sha256') === 0 || strpos($this->kex_algorithm, 'ecdh-sha2-nistp') === 0) {
    1666. 

  1666.             $curve = strpos($this->kex_algorithm, 'curve25519-sha256') === 0 ?
    1667. 

  1667.                 'Curve25519' :
    1668. 

  1668.                 substr($this->kex_algorithm, 10);
    1669. 

  1669.             $ourPrivate = EC::createKey($curve);
    1670. 

  1670.             $ourPublicBytes = $ourPrivate->getPublicKey()->getEncodedCoordinates();
    1671. 

  1671.             $clientKexInitMessage = 'NET_SSH2_MSG_KEX_ECDH_INIT';
    1672. 

  1672.             $serverKexReplyMessage = 'NET_SSH2_MSG_KEX_ECDH_REPLY';
    1673. 

  1673.         } else {
    1674. 

  1674.             if (strpos($this->kex_algorithm, 'diffie-hellman-group-exchange') === 0) {
    1675. 

  1675.                 $dh_group_sizes_packed = pack(
    1676. 

  1676.                     'NNN',
    1677. 

  1677.                     $this->kex_dh_group_size_min,
    1678. 

  1678.                     $this->kex_dh_group_size_preferred,
    1679. 

  1679.                     $this->kex_dh_group_size_max
    1680. 

  1680.                 );
    1681. 

  1681.                 $packet = pack(
    1682. 

  1682.                     'Ca*',
    1683. 

  1683.                     NET_SSH2_MSG_KEXDH_GEX_REQUEST,
    1684. 

  1684.                     $dh_group_sizes_packed
    1685. 

  1685.                 );
    1686. 

  1686.                 $this->send_binary_packet($packet);
    1687. 

  1687.                 $this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST');
    1688. 

  1688. 

  1689.                 $response = $this->get_binary_packet();
    1690. 

  1690. 

  1691.                 list($type, $primeBytes, $gBytes) = Strings::unpackSSH2('Css', $response);
    1692. 

  1692.                 if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) {
    1693. 

  1693.                     $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR);
    1694. 

  1694.                     throw new \UnexpectedValueException('Expected SSH_MSG_KEX_DH_GEX_GROUP');
    1695. 

  1695.                 }
    1696. 

  1696.                 $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP');
    1697. 

  1697.                 $prime = new BigInteger($primeBytes, -256);
    1698. 

  1698.                 $g = new BigInteger($gBytes, -256);
    1699. 

  1699. 

  1700.                 $exchange_hash_rfc4419 = $dh_group_sizes_packed . Strings::packSSH2(
    1701. 

  1701.                     'ss',
    1702. 

  1702.                     $primeBytes,
    1703. 

  1703.                     $gBytes
    1704. 

  1704.                 );
    1705. 

  1705. 

  1706.                 $params = DH::createParameters($prime, $g);
    1707. 

  1707.                 $clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_GEX_INIT';
    1708. 

  1708.                 $serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_GEX_REPLY';
    1709. 

  1709.             } else {
    1710. 

  1710.                 $params = DH::createParameters($this->kex_algorithm);
    1711. 

  1711.                 $clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_INIT';
    1712. 

  1712.                 $serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_REPLY';
    1713. 

  1713.             }
    1714. 

  1714. 

  1715.             $keyLength = min($kexHash->getLengthInBytes(), max($encryptKeyLen
    1716.