search

Herzult / php-ssh

An experimental object oriented SSH api in PHP
MIT License
359 stars 82 forks source link

Warning ssh2_auth_pubkey_file #53

Open shopblocks opened 8 years ago

shopblocks commented 8 years ago

When trying to connect to a user that doesn't exist, there is an exception thrown, but also a warning is thrown. This warning cannot be suppressed or hidden on our end (due to it being part of the package).

Can this warning be suppressed on https://github.com/Herzult/php-ssh/blob/master/src/Ssh/Authentication/PublicKeyFile.php#L40

h4cc commented 8 years ago

Thanks @shopblocks , the function does trigger a undocumented E_WARNING in case of a problem:

/* {{{ proto bool ssh2_auth_pubkey_file(resource session, string username, string pubkeyfile, string privkeyfile[, string passphrase])
 * Authenticate using a public key
 */
PHP_FUNCTION(ssh2_auth_pubkey_file)
{
    LIBSSH2_SESSION *session;
    zval *zsession;
    char *username, *pubkey, *privkey, *passphrase = NULL;
    int username_len, pubkey_len, privkey_len, passphrase_len;
    char *newpath;
    struct passwd *pws;

    if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsss|s", &zsession,   &username, &username_len,
                                                                                &pubkey, &pubkey_len,
                                                                                &privkey, &privkey_len,
                                                                                &passphrase, &passphrase_len) == FAILURE) {
        return;
    }

    if (SSH2_OPENBASEDIR_CHECKPATH(pubkey) || SSH2_OPENBASEDIR_CHECKPATH(privkey)) {
        RETURN_FALSE;
    }

    SSH2_FETCH_NONAUTHENTICATED_SESSION(session, zsession);

    // Explode '~/paths' stopgap fix because libssh2 does not accept tilde for homedir
    // This should be ifdef'ed when a fix is available to support older libssh2 versions
    pws = getpwuid(geteuid());
    if (pubkey_len >= 2 && *pubkey == '~' && *(pubkey+1) == '/') {
        newpath = emalloc(strlen(pws->pw_dir) + strlen(pubkey));
        strcpy(newpath, pws->pw_dir);
        strcat(newpath, pubkey+1);
        efree(pubkey);
        pubkey = newpath;
    }
    if (privkey_len >= 2 && *privkey == '~' && *(privkey+1) == '/') {
        newpath = emalloc(strlen(pws->pw_dir) + strlen(privkey));
        strcpy(newpath, pws->pw_dir);
        strcat(newpath, privkey+1);
        efree(privkey);
        privkey = newpath;
    }

    /* TODO: Support passphrase callback */
    if (libssh2_userauth_publickey_fromfile_ex(session, username, username_len, pubkey, privkey, passphrase)) {
        char *buf;
        int len;
        libssh2_session_last_error(session, &buf, &len, 0);
        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Authentication failed for %s using public key: %s", username, buf);
        RETURN_FALSE;
    }

    RETURN_TRUE;
}
/* }}} */

We could fix this using the silencing Operator like @ssh2_auth_pubkey_file(...).

@Herzult Will we fix it that way?

shopblocks commented 8 years ago

Bug report filed on PHP to document this: https://bugs.php.net/bug.php?id=71738

shopblocks commented 8 years ago

Any update on this?

Jean85 commented 8 years ago

I opened a PR: #54