<?php
/*******************************************************************************
* Copyright (C) 2007 Easter-eggs
* http://ldapsaisie.labs.libre-entreprise.org
*
* Author: See AUTHORS file in top-level directory.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
******************************************************************************/
use phpseclib\Net\SSH2;
use phpseclib\Net\SFTP;
use phpseclib\Crypt\RSA;
// Messages d'erreur
// Support
LSerror :: defineError('SSH_SUPPORT_01',
_("SSH Support : PhpSecLib is missing.")
);
LSerror :: defineError('SSH_SUPPORT_02',
_("SSH Support : The constant %{const} is not defined.")
);
// Autres erreurs
LSerror :: defineError('SSH_01',
_("SSH : Invalid connection paramater : %{param} parameter is missing.")
);
LSerror :: defineError('SSH_02',
_("SSH : Authentication key file not found (or not accessible, file path : '%{path}')")
);
LSerror :: defineError('SSH_03',
_("SSH : Fail to load authentication key (%{path}).")
);
LSerror :: defineError('SSH_04',
_("SSH : Unable to connect to SSH Server (%{host}:%{port}).")
);
LSerror :: defineError('SSH_05',
_("SSH : Unable to make directory %{dir} on the remote server.")
);
LSerror :: defineError('SSH_06',
_("SSH : Unable to delete directory %{dir} on the remote server.")
);
LSerror :: defineError('SSH_07',
_("SSH : Unable to rename folder from %{old} to %{new} on the remote server.")
);
/**
* Check LdapSaisie SSH support
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @retval boolean true if SSH is fully supported, false otherwise
*/
function LSaddon_ssh_support() {
$retval=true;
// Check PhpSecLib library
if (!defined('PHPSECLIB_AUTOLOAD')) {
LSerror :: addErrorCode('SSH_SUPPORT_02','PHPSECLIB_AUTOLOAD');
$retval=false;
} else if(!LSsession::includeFile(PHPSECLIB_AUTOLOAD)) {
LSerror :: addErrorCode('SSH_SUPPORT_01');
$retval=false;
}
return $retval;
}
/**
* Connect to an SFTP server
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @param[in] $params array The SSH connexion parameters :
* array (
* 'host' => '[SSH server hostname/IP]', // required
* 'port' => [SSH port], // optional, default : 22
* 'timeout' => [SSH connection timeout], // optional, default : 10
*
* // Authentication
* 'user' => '[SSH remote user]', // required
*
* // Auth method :
* // One of the following method configuration is required.
*
* // Auth using simple password
* 'password' => '[secret password]'
*
* // Auth using a key
* 'auth_key' => array (
* 'file_path' => '[SSH private key file path]',
* 'password' => '[SSH private key file password]' // Only if need
* )
* )
* @param[in] $sftp boolean Enable SFTP mode (default : false)
*
* @retval mixed SSH2/SFTP object or false
*/
function connectToSSH($params, $sftp=false) {
if (!isset($params['host'])) {
LSerror :: addErrorCode('SSH_01',"host");
return false;
}
$host = $params['host'];
if (!isset($params['user'])) {
LSerror :: addErrorCode('SSH_01',"user");
return false;
}
$user = $params['user'];
$port = (isset($params['port'])?$params['port']:22);
$timeout = (isset($params['timeout'])?$params['timeout']:22);
if (isset($params['auth_key'])) {
if (!isset($params['auth_key']['file_path'])) {
LSerror :: addErrorCode('SSH_01',"auth_key -> file_path");
return false;
}
$key_file_path = $params['auth_key']['file_path'];
if (!is_file($key_file_path) || !is_readable($key_file_path)) {
LSerror :: addErrorCode('SSH_02', $key_file_path);
return false;
}
$password = new RSA();
if (isset($params['auth_key']['password'])) {
$password -> setPassword($params['auth_key']['password']);
}
$key_content = file_get_contents($key_file_path);
if (!$password -> loadKey($key_content)) {
LSerror :: addErrorCode('SSH_03', $key_file_path);
return;
}
}
elseif (isset($params['password'])) {
$password = $params['password'];
}
else {
LSerror :: addErrorCode('SSH_01',"authentication");
return false;
}
if (isset($sftp))
$cnx = new SFTP($host, $port, $timeout);
else
$cnx = new SSH2($host, $port, $timeout);
if (!$cnx->login($user, $password)) {
LSerror :: addErrorCode('SSH_04', array('host' => $host, 'port' => $port));
return false;
}
return $cnx;
}
/**
* Create one or more directories throught SFTP
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @param[in] $connection_params array Connection parameters
* @param[in] $dirs array|string The directory/ies to add
* @param[in] $mode integer The directory/ies mode (default : default umask on the SSH server)
* @param[in] $recursive boolean Enable recursive mode (default : false)
* @param[in] $continue boolean Enable continue mode : do not on error (default : false)
*
* @retval boolean
*/
function createDirsBySFTP($connection_params, $dirs, $chmod=-1, $recursive=false, $continue=false) {
$cnx = connectToSSH($connection_params, true);
if (! $cnx){
return;
}
if (!is_array($dirs)) {
$dirs = array($dirs);
}
$retval=true;
foreach($dirs as $dir) {
if (!$cnx -> mkdir($dir, $chmod, $recursive)) {
LSerror :: addErrorCode('SSH_05',$dir);
if (!$continue) return false;
$retval=false;
}
}
return $retval;
}
/**
* Delete one or more directories throught SFTP
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @param[in] $connection_params array Connection parameters
* @param[in] $dirs array|string The directory/ies to remove
* @param[in] $recursive boolean Enable recursive mode (default : false)
* @param[in] $continue boolean Enable continue mode : do not on error (default : false)
*
* @retval boolean
*/
function removeDirsBySFTP($connection_params, $dirs, $recursive=false) {
$cnx = connectToSSH($connection_params, true);
if (! $cnx){
return;
}
if (!is_array($dirs)) {
$dirs = array($dirs);
}
$retval=true;
foreach($dirs as $dir) {
if (!$cnx -> delete($dir, $recursive)) {
LSerror :: addErrorCode('SSH_06',$dir);
if (!$continue) return false;
$retval=false;
}
}
return $retval;
}
/**
* Rename a directory throught SFTP
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @param[in] $connection_params array Connection parameters
* @param[in] $old string The actual directory path to rename
* @param[in] $new string The new directory path
*
* @retval boolean
*/
function renameDirBySFTP($connection_params, $old, $new) {
$cnx = connectToSSH($connection_params, true);
if (! $cnx){
return;
}
if (!$cnx -> rename($old, $new)) {
LSerror :: addErrorCode('SSH_07',array('old' => $old,'new' => $new));
return;
}
return true;
}
/**
* Exec a command throught SSH
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @param[in] $connection_params array Connection parameters
* @param[in] $cmd string The command to run on remote server
*
* @retval mixed False if connection fail and an array otherwise, with
* exit code as first value and the command outup as second
* one (stdout + stderr).
*/
function execBySSH($connection_params, $cmd) {
$cnx = connectToSSH($connection_params);
if (! $cnx){
return;
}
$result = $cnx -> exec($cmd);
$exit_status = $cnx->getExitStatus();
return array($exit_status, $result);
}