From 96dc927b5b4574a2e7dfa21aa22542d5be036a22 Mon Sep 17 00:00:00 2001 From: Lachlan Reynolds Date: Wed, 20 May 2026 11:47:47 +1200 Subject: [PATCH] Updated phpseclib to 3.0.52 --- CHANGELOG.md | 3 +++ composer.json | 2 +- composer.lock | 14 +++++------ plugin.json | 2 +- vendor/autoload_original.php | 2 +- vendor/composer/autoload_real.php | 10 ++++---- vendor/composer/autoload_static.php | 8 +++---- vendor/composer/installed.json | 14 +++++------ vendor/composer/installed.php | 10 ++++---- .../Crypt/Common/Formats/Keys/OpenSSH.php | 2 +- .../phpseclib/phpseclib/Crypt/RSA.php | 24 +++++++++++++++++++ .../phpseclib/phpseclib/File/ASN1.php | 4 ++-- .../collection/src/AbstractCollection.php | 2 +- .../collection/src/CollectionInterface.php | 2 +- vendor/prefixed/vendor/autoload.php | 2 +- .../vendor/composer/autoload_real.php | 10 ++++---- .../vendor/composer/autoload_static.php | 4 ++-- 17 files changed, 71 insertions(+), 44 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d8813591..8a90ae89 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ ## Changelog +# 5.1.8 - 2026-05-25 +- Upgraded phpseclib package to 3.0.52 + # 5.1.7 - 2026-05-11 - Upgraded phpseclib package to 3.0.51 diff --git a/composer.json b/composer.json index f8dc3ce0..c7208a21 100644 --- a/composer.json +++ b/composer.json @@ -7,7 +7,7 @@ "guzzlehttp/psr7": "^2.5.1", "guzzlehttp/promises": "^2.0.0", "paragonie/constant_time_encoding": "2.5.0", - "phpseclib/phpseclib": "3.0.51", + "phpseclib/phpseclib": "3.0.52", "phpseclib/bcmath_compat": "^2.0", "google/analytics-admin": "^0.22.2", "google/analytics-data": "^0.17.1", diff --git a/composer.lock b/composer.lock index 0a7fe2fd..a602b82d 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "9ad0f2fd112b7bcff5338955e4876388", + "content-hash": "d4c2a2ec775e45c1f23cf2586aa6b949", "packages": [ { "name": "brick/math", @@ -1194,16 +1194,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.51", + "version": "3.0.52", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748" + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d59c94077f9c9915abb51ddb52ce85188ece1748", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/2adaefc83df2ec548558307690f376dd7d4f4fce", + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce", "shasum": "" }, "require": { @@ -1284,7 +1284,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.51" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.52" }, "funding": [ { @@ -1300,7 +1300,7 @@ "type": "tidelift" } ], - "time": "2026-04-10T01:33:53+00:00" + "time": "2026-04-27T07:02:15+00:00" }, { "name": "psr/cache", diff --git a/plugin.json b/plugin.json index 72b79529..52b98601 100644 --- a/plugin.json +++ b/plugin.json @@ -1,7 +1,7 @@ { "name": "GoogleAnalyticsImporter", "description": "Import reports from a Google Analytics account into Matomo.", - "version": "5.1.7", + "version": "5.1.8", "theme": false, "require": { "matomo": ">=5.0.0-rc5,<6.0.0-b1" diff --git a/vendor/autoload_original.php b/vendor/autoload_original.php index 24649d8c..f2f9f845 100644 --- a/vendor/autoload_original.php +++ b/vendor/autoload_original.php @@ -19,4 +19,4 @@ require_once __DIR__ . '/composer/autoload_real.php'; -return ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388::getLoader(); +return ComposerAutoloaderInitd4c2a2ec775e45c1f23cf2586aa6b949::getLoader(); diff --git a/vendor/composer/autoload_real.php b/vendor/composer/autoload_real.php index 2b8bde42..461f1b9c 100644 --- a/vendor/composer/autoload_real.php +++ b/vendor/composer/autoload_real.php @@ -2,7 +2,7 @@ // autoload_real.php @generated by Composer -class ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388 +class ComposerAutoloaderInitd4c2a2ec775e45c1f23cf2586aa6b949 { private static $loader; @@ -22,16 +22,16 @@ public static function getLoader() return self::$loader; } - spl_autoload_register(array('ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388', 'loadClassLoader'), true, true); + spl_autoload_register(array('ComposerAutoloaderInitd4c2a2ec775e45c1f23cf2586aa6b949', 'loadClassLoader'), true, true); self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__)); - spl_autoload_unregister(array('ComposerAutoloaderInit9ad0f2fd112b7bcff5338955e4876388', 'loadClassLoader')); + spl_autoload_unregister(array('ComposerAutoloaderInitd4c2a2ec775e45c1f23cf2586aa6b949', 'loadClassLoader')); require __DIR__ . '/autoload_static.php'; - call_user_func(\Composer\Autoload\ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::getInitializer($loader)); + call_user_func(\Composer\Autoload\ComposerStaticInitd4c2a2ec775e45c1f23cf2586aa6b949::getInitializer($loader)); $loader->register(true); - $filesToLoad = \Composer\Autoload\ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$files; + $filesToLoad = \Composer\Autoload\ComposerStaticInitd4c2a2ec775e45c1f23cf2586aa6b949::$files; $requireFile = \Closure::bind(static function ($fileIdentifier, $file) { if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index c11cd27c..b2d4005f 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -4,7 +4,7 @@ namespace Composer\Autoload; -class ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388 +class ComposerStaticInitd4c2a2ec775e45c1f23cf2586aa6b949 { public static $files = array( ); @@ -245,9 +245,9 @@ class ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388 public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->prefixLengthsPsr4 = ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$prefixLengthsPsr4; - $loader->prefixDirsPsr4 = ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$prefixDirsPsr4; - $loader->classMap = ComposerStaticInit9ad0f2fd112b7bcff5338955e4876388::$classMap; + $loader->prefixLengthsPsr4 = ComposerStaticInitd4c2a2ec775e45c1f23cf2586aa6b949::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInitd4c2a2ec775e45c1f23cf2586aa6b949::$prefixDirsPsr4; + $loader->classMap = ComposerStaticInitd4c2a2ec775e45c1f23cf2586aa6b949::$classMap; }, null, ClassLoader::class); } diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index d9d3e689..9c943aa8 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json @@ -1245,17 +1245,17 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.51", - "version_normalized": "3.0.51.0", + "version": "3.0.52", + "version_normalized": "3.0.52.0", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748" + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d59c94077f9c9915abb51ddb52ce85188ece1748", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/2adaefc83df2ec548558307690f376dd7d4f4fce", + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce", "shasum": "" }, "require": { @@ -1273,7 +1273,7 @@ "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." }, - "time": "2026-04-10T01:33:53+00:00", + "time": "2026-04-27T07:02:15+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -1338,7 +1338,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.51" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.52" }, "funding": [ { diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php index 7a0b5fc9..78cbcc27 100644 --- a/vendor/composer/installed.php +++ b/vendor/composer/installed.php @@ -3,7 +3,7 @@ 'name' => '__root__', 'pretty_version' => 'dev-5.x-dev', 'version' => 'dev-5.x-dev', - 'reference' => 'e3fa2e34a7be3de84e703bc46db14c7fad9b9b05', + 'reference' => 'cf6aecf9998921044138058665cc7e627a568eed', 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), @@ -13,7 +13,7 @@ '__root__' => array( 'pretty_version' => 'dev-5.x-dev', 'version' => 'dev-5.x-dev', - 'reference' => 'e3fa2e34a7be3de84e703bc46db14c7fad9b9b05', + 'reference' => 'cf6aecf9998921044138058665cc7e627a568eed', 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), @@ -197,9 +197,9 @@ 'dev_requirement' => false, ), 'phpseclib/phpseclib' => array( - 'pretty_version' => '3.0.51', - 'version' => '3.0.51.0', - 'reference' => 'd59c94077f9c9915abb51ddb52ce85188ece1748', + 'pretty_version' => '3.0.52', + 'version' => '3.0.52.0', + 'reference' => '2adaefc83df2ec548558307690f376dd7d4f4fce', 'type' => 'library', 'install_path' => __DIR__ . '/../phpseclib/phpseclib', 'aliases' => array(), diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php index c8311ec9..942f4e75 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php @@ -108,7 +108,7 @@ public static function load($key, $password = '') self::checkType($type); return compact('type', 'publicKey', 'paddedKey'); } - $parts = preg_split("#[\t ]+#", $key); + $parts = preg_split("#[\t ]+#", $key, 3); if (!isset($parts[1])) { $key = base64_decode($parts[0]); $comment = \false; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php index c04c5e35..73c912e3 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php @@ -934,6 +934,30 @@ protected function handleOpenSSL($func, $message, $signature = null) } $func = 'openssl_public_decrypt'; } + if ($this->encryptionPadding === self::ENCRYPTION_PKCS1 && \OPENSSL_VERSION_NUMBER >= 0x30200000) { + // quoting https://docs.openssl.org/3.4/man3/RSA_public_encrypt/#return-values : + // + // "Since version 3.2.0, the default provider in OpenSSL does not return an error when padding checks fail. + // Instead it generates a random message" + // + // the idea is that even a perfect implementation of PKCS1 padding can be used to conduct a Bleichenbacher + // padding oracle attack. + // + // so like if $rsa->decrypt() doesn't throw an exception it's liable to run additional code that'll take + // longer to run than it'd take if an exception would be thrown and in theory, with PKCS1, in particular, + // you can use that fact to guess at successive bits of the private key until you've figured it out. it's + // why you should use OAEP padding vs PKCS1 padding BUT if you need PKCS1 padding for interoperability then + // you're stuck with it. + // + // with the OpenSSL 3.2.0+ behavior they're making it harder to do the attack by making it harder to use PKCS1 + // in the real world. this isn't a design philosophy i agree with. like phpseclib lets you DES encryption. you + // shouldn't use DES encryption but if you need to you need to and phpseclib isn't here to judge. that's a big + // difference between phpseclib and stuff like libsodium. + if (self::$forcedEngine === 'OpenSSL') { + throw new BadConfigurationException('Engine OpenSSL is forced but cannot be used to decrypt PKCS1 encrypted strings with OpenSSL 3.2.0+'); + } + return null; + } $hash = $this->hash->getHash(); $output = ''; switch ($this->encryptionPadding) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1.php index b1532a5d..759d69aa 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1.php @@ -1080,8 +1080,8 @@ public static function decodeOID($content) $pos = 0; $len = strlen($content); // see https://github.com/openjdk/jdk/blob/2deb318c9f047ec5a4b160d66a4b52f93688ec42/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java#L55 - if ($len > 4096) { - //throw new \RuntimeException("Object identifier size is limited to 4096 bytes ($len bytes present)"); + if ($len > 128) { + //throw new \RuntimeException("Object identifier size is limited to 128 bytes ($len bytes present)"); return \false; } if (ord($content[$len - 1]) & 0x80) { diff --git a/vendor/prefixed/ramsey/collection/src/AbstractCollection.php b/vendor/prefixed/ramsey/collection/src/AbstractCollection.php index cdb7d2b0..7c861a30 100644 --- a/vendor/prefixed/ramsey/collection/src/AbstractCollection.php +++ b/vendor/prefixed/ramsey/collection/src/AbstractCollection.php @@ -142,7 +142,7 @@ public function last() * on the elements in this collection. * @throws UnsupportedOperationException if unable to call sort() on this * collection. - * @param string $order + * @param \Matomo\Dependencies\GoogleAnalyticsImporter\Ramsey\Collection\Sort::* $order */ public function sort(?string $propertyOrMethod = null, $order = Sort::Ascending) : CollectionInterface { diff --git a/vendor/prefixed/ramsey/collection/src/CollectionInterface.php b/vendor/prefixed/ramsey/collection/src/CollectionInterface.php index b540d807..fe4d7bbd 100644 --- a/vendor/prefixed/ramsey/collection/src/CollectionInterface.php +++ b/vendor/prefixed/ramsey/collection/src/CollectionInterface.php @@ -127,7 +127,7 @@ public function last(); * collection. * @param \Matomo\Dependencies\GoogleAnalyticsImporter\Ramsey\Collection\Sort::* $order */ - public function sort(?string $propertyOrMethod = null, string $order = Sort::Ascending) : self; + public function sort(?string $propertyOrMethod = null, $order = Sort::Ascending) : self; /** * Filter out items of the collection which don't match the criteria of * given callback. diff --git a/vendor/prefixed/vendor/autoload.php b/vendor/prefixed/vendor/autoload.php index 542ea3c1..47b099b1 100644 --- a/vendor/prefixed/vendor/autoload.php +++ b/vendor/prefixed/vendor/autoload.php @@ -19,4 +19,4 @@ require_once __DIR__ . '/composer/autoload_real.php'; -return ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8::getLoader(); +return ComposerAutoloaderInit526446545a9da3fde3e54e1f061b247e::getLoader(); diff --git a/vendor/prefixed/vendor/composer/autoload_real.php b/vendor/prefixed/vendor/composer/autoload_real.php index 92bdd97b..718894e2 100644 --- a/vendor/prefixed/vendor/composer/autoload_real.php +++ b/vendor/prefixed/vendor/composer/autoload_real.php @@ -2,7 +2,7 @@ // autoload_real.php @generated by Composer -class ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8 +class ComposerAutoloaderInit526446545a9da3fde3e54e1f061b247e { private static $loader; @@ -22,16 +22,16 @@ public static function getLoader() return self::$loader; } - spl_autoload_register(array('ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8', 'loadClassLoader'), true, true); + spl_autoload_register(array('ComposerAutoloaderInit526446545a9da3fde3e54e1f061b247e', 'loadClassLoader'), true, true); self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__)); - spl_autoload_unregister(array('ComposerAutoloaderInit0eb2d5cf2bdd3869304df4dfdbd257e8', 'loadClassLoader')); + spl_autoload_unregister(array('ComposerAutoloaderInit526446545a9da3fde3e54e1f061b247e', 'loadClassLoader')); require __DIR__ . '/autoload_static.php'; - call_user_func(\Composer\Autoload\ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8::getInitializer($loader)); + call_user_func(\Composer\Autoload\ComposerStaticInit526446545a9da3fde3e54e1f061b247e::getInitializer($loader)); $loader->register(true); - $filesToLoad = \Composer\Autoload\ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8::$files; + $filesToLoad = \Composer\Autoload\ComposerStaticInit526446545a9da3fde3e54e1f061b247e::$files; $requireFile = \Closure::bind(static function ($fileIdentifier, $file) { if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; diff --git a/vendor/prefixed/vendor/composer/autoload_static.php b/vendor/prefixed/vendor/composer/autoload_static.php index a9584a52..a697f8a6 100644 --- a/vendor/prefixed/vendor/composer/autoload_static.php +++ b/vendor/prefixed/vendor/composer/autoload_static.php @@ -4,7 +4,7 @@ namespace Composer\Autoload; -class ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8 +class ComposerStaticInit526446545a9da3fde3e54e1f061b247e { public static $files = array ( '3b866681a14a27c0c8adec54ba7f6a5c' => __DIR__ . '/../..' . '/google/apiclient/src/aliases.php', @@ -2176,7 +2176,7 @@ class ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8 public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->classMap = ComposerStaticInit0eb2d5cf2bdd3869304df4dfdbd257e8::$classMap; + $loader->classMap = ComposerStaticInit526446545a9da3fde3e54e1f061b247e::$classMap; }, null, ClassLoader::class); }