<?
##############################################################################################################
#
# SSH
#
# Developer(s): swiNg
#
# Handles communication through SSH.
#
# I recommended that you pass a fingerprint hash when connecting to host. That will verify the host before
# sending your credentials to it. Get fingerprint from the fingerprint property when connected if you don't
# already have it.
#
# If a shell is opened, the stream is kept alive until disconnected. Commands executed while shell is open
# is written to the existing stream rather than trying to execute the command directly.
#
# The destructor takes care of disconnecting if you don't run disconnect yourself.
#
# Disconnecting will try to make a clean exit before closing the connection by running the command stored in
# the cmd_exit property.
#
##############################################################################################################

##############################################################################################################
# CLASS: SSH
##############################################################################################################
class SSH {

	// set variables

	public $authed = false;				// is set to true if authed
	public $fingerprint;					// server hostkey hash
	public $cmd_delay = 1;				// default delay before reading stream after executing a command
	public $cmd_exit = "exit";		// command to execute on disconnect
	public $cmd_exit_echo = true;	// echo response after exit command

	private $connection;					// variable that holds ssh connection
	private $stream;							// variable that holds opened shell stream

	#*************************************************************************************************************
	# FUNCTION: __destruct() //
	#*************************************************************************************************************
	public function __destruct() {

		// always disconnect

		$this->Disconnect();
	}

	#*************************************************************************************************************
	# FUNCTION: Connect() // Open SSH connection.
	#*************************************************************************************************************
	public function Connect($host, $port, $fingerprint = "", $username = "", $password = "", $public_key_path = "", $private_key_path = "") {

		$this->Authed = false;

		// establish connection

		if (!($this->connection = @ssh2_connect($host, $port))) {
			throw new Exception("Could not connect to server.");
		}

		// get/verify fingerprint

		$this->fingerprint = ssh2_fingerprint($this->connection, SSH2_FINGERPRINT_MD5 | SSH2_FINGERPRINT_HEX);

		if ($fingerprint) {
			if (strcmp($this->fingerprint, $fingerprint) !== 0) {
				throw new Exception("Unable to verify server identity.");
			}
		}

		// authenticate by key or password if credentials are given

		if ($username && $public_key_path && $private_key_path) {
			$this->Authed = $this->AuthByKey($username, $public_key_path, $private_key_path);
		}
		elseif ($username && $password) {
			$this->Authed = $this->AuthByPassword($username, $password);
		}
	}

	#*************************************************************************************************************
	# FUNCTION: Disconnect() // Close SSH connection.
	#*************************************************************************************************************
	public function Disconnect($run_exit_cmd = true) {

		// set variables

		$response = "";

		// execute exit command if defined and close shell stream

		if ($this->stream) {
			if ($run_exit_cmd && $this->cmd_exit) {
				$response = $this->Exec($this->cmd_exit, 1);
			}
			fclose($this->stream);
		}
		elseif ($run_exit_cmd && $this->authed) {
			$response = $this->Exec($this->cmd_exit);
		}

		// echo response

		if ($this->cmd_exit_echo) {
			echo $response;
		}

		// clean up

		$this->authed = false;
		$this->stream = null;
		$this->connection = null;
	}

	#*************************************************************************************************************
	# FUNCTION: AuthByPassword() // Authenticate using password.
	#*************************************************************************************************************
	public function AuthByPassword($username, $password) {

		if ($this->connection) {
			if(!$this->authed = @ssh2_auth_password($this->connection, $username, $password)) {
				throw new Exception("Autentication rejected by server.");
			}
		}
	}

	#*************************************************************************************************************
	# FUNCTION: AuthByKey() // Authenticate using key files.
	#*************************************************************************************************************
	public function AuthByKey($username, $public_key_path, $private_key_path) {

		// password protected public keys are not supported becase of a bug in the libssh2 build

		if ($this->connection) {
			if (!file_exists($public_key_path)) {
				throw new Exception("Failed to find public key.");
			}
			elseif (!file_exists($private_key_path)) {
				throw new Exception("Failed to find private key.");
			}
			elseif (!is_readable($public_key_path)) {
				throw new Exception("Failed to read public key.");
			}
			elseif (!is_readable($private_key_path)) {
				throw new Exception("Failed to read private key.");
			}
			elseif (!$this->authed = @ssh2_auth_pubkey_file($this->connection, $username, $public_key_path, $private_key_path)) {
				throw new Exception("Autentication rejected by server.");
			}
		}
	}

	#*************************************************************************************************************
	# FUNCTION: ReadStream() // 
	#*************************************************************************************************************
	public function ReadStream($buffer_size = 4096) {

		// read stream

		if ($this->stream) {
			$data = fread($this->stream, $buffer_size);
		}
		else {
			$data = false;
		}

		// return response

		return $data;
	}

	#*************************************************************************************************************
	# FUNCTION: Exec() // Execute a command and retrieve the response.
	#*************************************************************************************************************
	public function Exec($cmd, $delay = -1) {

		// set variables

		$data = "";

 		// use existing shell stream if aviable

		if ($this->stream) {

			// write to stream

	    fwrite($this->stream, $cmd.PHP_EOL);

			// issue delay

			if ($delay != 0) {
				sleep(($delay == -1 ? $this->cmd_delay : $delay));
			}

			// read stream

			while ($buf = fread($this->stream, 4096)) {
				$data .= $buf;
			}
		}
		else {
			if (!($stream = @ssh2_exec($this->connection, $cmd))) {
				throw new exception("Command failed.");
			}

			// fetch streams

			$err_stream = ssh2_fetch_stream($stream, SSH2_STREAM_STDERR);
			$io_stream = ssh2_fetch_stream($stream, SSH2_STREAM_STDIO);

			stream_set_blocking($err_stream, true);
			stream_set_blocking($io_stream, true);

			// read stream (stderr)

			while ($buf = fread($err_stream, 4096)) {
				$data .= $buf;
			}

			// read stream (dio)

			while ($buf = fread($io_stream, 4096)) {
				$data .= $buf;
			}

			fclose($stream);
		}

		// return response

		return $data;
	}

	#*************************************************************************************************************
	# FUNCTION: Shell() // Request shell and keep stream open.
	#*************************************************************************************************************
	public function Shell($term_type = "vt102", $delay = -1) {

		// set variables

		$data = "";

		// request shell

		if (!($this->stream = @ssh2_shell($this->connection, $term_type))) {
			throw new exception("Shell failed.");
		}

		// issue delay

		if ($delay != 0) {
			sleep(($delay == -1 ? $this->cmd_delay : $delay));
		}

		// read stream

		while ($buf = fread($this->stream, 4096)) {
			$data .= $buf;
		}

		// return response

		return $data;
	}
}
?>