Re: [pgadmin-support] SSH tunnel key exchange methods

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Ashesh Vashi <[email protected]>
To: Dave Page <[email protected]>
Cc: Akshay Joshi <[email protected]>
Cc: Sven <[email protected]>
Cc: pgAdmin Support <[email protected]>
Cc: pgadmin-hackers <[email protected]>
Subject: Re: [pgadmin-support] SSH tunnel key exchange methods
Date: Tue, 8 Dec 2015 18:35:21 +0530
Message-ID: <CAG7mmoxda_4tk3zirFnwgaX-6ZP9ZF1UPevQeKCOzhqs67gVBQ@mail.gmail.com> (raw)
In-Reply-To: <CA+OCxoyLPx9TWDbYyE7hsjp5ESFNKVH2dUzuqq8p89sOg=+Jrw@mail.gmail.com>
References: <[email protected]>
	<CA+OCxozWb1AMK_mOOZo_QF1w5i=4bx=MoO=Q2UavPihZ54aWJA@mail.gmail.com>
	<CANxoLDdJT6KXXTZ860DdopC8Txb6Pd2yX3NvZudb_HhwYxrU+w@mail.gmail.com>
	<CANxoLDfRohWSnXsFxBv+bPFugUaDPBYXpTeQDcbPQy7j=_cW2g@mail.gmail.com>
	<[email protected]>
	<CANxoLDdJRxU2itw=8GS98k7_+Pd1O6POs4DGauXkxWZC89P9aQ@mail.gmail.com>
	<CA+OCxozDWJFWRNQ-d8FY7AeVUoodbnYOzBPpjvAuBkyswJW0Vg@mail.gmail.com>
	<CANxoLDeju=EoHhrqav=Evm2O8y_hJpyP4Uo90nWy2CHc9g1fXQ@mail.gmail.com>
	<CAG7mmoxxh4mJx1sOH6ueHwj3CMHuPwMZ8CAw4Oz=TseutJn+Yw@mail.gmail.com>
	<CA+OCxoyLPx9TWDbYyE7hsjp5ESFNKVH2dUzuqq8p89sOg=+Jrw@mail.gmail.com>
List-Unsubscribe:  <mailto:[email protected]?body=unsub%20pgadmin-hackers>

Dave,

Patch looks good to me.
But - Should we consider this as a bug fix, and commit it for 1.22.0
release?

--

Thanks & Regards,

Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company
<http://www.enterprisedb.com;


*http://www.linkedin.com/in/asheshvashi*
<http://www.linkedin.com/in/asheshvashi;

On Wed, Dec 2, 2015 at 6:34 PM, Dave Page <[email protected]> wrote:

>
>
> On Wed, Dec 2, 2015 at 9:59 AM, Ashesh Vashi <
> [email protected]> wrote:
>
>>
>> On Wed, Dec 2, 2015 at 3:27 PM, Akshay Joshi <
>> [email protected]> wrote:
>>
>>>
>>>
>>> On Wed, Dec 2, 2015 at 3:20 PM, Dave Page <[email protected]> wrote:
>>>
>>>> Hi
>>>>
>>>> On Wed, Dec 2, 2015 at 9:19 AM, Akshay Joshi <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi Dave
>>>>>
>>>>> I have updated the *libssh2* library with the latest available code
>>>>> on their git repository. The new code used "diffie-hellman-group-exchange-sha256" algorithm for
>>>>> key exchange and they also fixed some memory leak. I have verified it by
>>>>> putting the breakpoint in the libssh2 code, so when we called "
>>>>> libssh2_session_init()" it will automatically call "static int diffie_
>>>>> hellman_sha256(...)" function, but I don't know exactly how to
>>>>> identify the key exchange method (sha1 or sha256) used by the latest
>>>>> libssh2 library.
>>>>>
>>>>> I have tested the pgadmin3 after updating the libssh2 library on
>>>>> CentOS 6.5 (64 bit) and it works fine. I have also modified the code
>>>>> to add human readable error message returned by the library. Attached
>>>>> is the patch file. Can you please review it and if it looks good can you
>>>>> please commit the code.
>>>>>
>>>>
>>>> I'm seeing the following build error on OS X 10.7:
>>>>
>>>> depbase=`echo libssh2/agent.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
>>>> ccache gcc -Qunused-arguments -DHAVE_CONFIG_H -I. -I..
>>>> -I../pgadmin/include/libssh2  -I../pgadmin/include
>>>> -I../pgadmin/include/libssh2   -I/usr/local/pgsql-9.5/include
>>>> -I/usr/local/pgsql-9.5/include/server -I/usr/local/pgsql-9.5/include
>>>> -DPG_SSL -DHAVE_CONNINFO_PARSE
>>>> -I/usr/local/lib/wx/include/mac-unicode-release-static-2.8
>>>> -I/usr/local/include/wx-2.8 -D_FILE_OFFSET_BITS=64 -D_LARGE_FILES
>>>> -D__WXMAC__ -DEMBED_XRC -arch i386 -I/usr/include/libxml2
>>>> -I/opt/local/include/libxml2 -DHAVE_OPENSSL_CRYPTO  -O2 -MT libssh2/agent.o
>>>> -MD -MP -MF $depbase.Tpo -c -o libssh2/agent.o libssh2/agent.c &&\
>>>> mv -f $depbase.Tpo $depbase.Po
>>>> In file included from ../pgadmin/include/libssh2/libssh2_priv.h:136,
>>>>                  from libssh2/agent.c:41:
>>>> ../pgadmin/include/libssh2/crypto.h:53: error: expected ‘)’ before ‘*’
>>>> token
>>>> ../pgadmin/include/libssh2/crypto.h:69: error: expected ‘)’ before ‘*’
>>>> token
>>>> ../pgadmin/include/libssh2/crypto.h:73: error: expected ‘)’ before ‘*’
>>>> token
>>>> ../pgadmin/include/libssh2/crypto.h:78: error: expected declaration
>>>> specifiers or ‘...’ before ‘libssh2_rsa_ctx’
>>>> ../pgadmin/include/libssh2/crypto.h:83: error: expected ‘)’ before ‘*’
>>>> token
>>>> ../pgadmin/include/libssh2/crypto.h:115: error: expected ‘)’ before ‘*’
>>>> token
>>>> ../pgadmin/include/libssh2/crypto.h:120: error: expected ‘)’ before ‘*’
>>>> token
>>>> In file included from libssh2/agent.c:41:
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:240: error:
>>>> ‘SHA256_DIGEST_LENGTH’ undeclared here (not in a function)
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:245: error: expected
>>>> specifier-qualifier-list before ‘_libssh2_bn_ctx’
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:267: error: expected
>>>> specifier-qualifier-list before ‘_libssh2_bn’
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:604: error:
>>>> ‘SHA_DIGEST_LENGTH’ undeclared here (not in a function)
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:899: error: expected
>>>> specifier-qualifier-list before ‘_libssh2_cipher_type’
>>>> libssh2/agent.c: In function ‘agent_connect_unix’:
>>>> libssh2/agent.c:150: warning: assignment makes pointer from integer
>>>> without a cast
>>>> make[3]: *** [libssh2/agent.o] Error 1
>>>> make[2]: *** [all] Error 2
>>>> make[1]: *** [all-recursive] Error 1
>>>> make: *** [all] Error 2
>>>>
>>>
>>>     I have modified the configure.ac.in and added "-DLIBSSH2_OPENSSL"
>>> to solve the above. You need to run the configure command again.
>>>
>> You also needs to rerun the bootstrap script.
>>
>
> OK, it works for me on Windows and OSX. Ashesh, can you give it a
> review/commit please?
>
> Thanks.
>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>

view thread (17+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected], [email protected]
  Subject: Re: [pgadmin-support] SSH tunnel key exchange methods
  In-Reply-To: <CAG7mmoxda_4tk3zirFnwgaX-6ZP9ZF1UPevQeKCOzhqs67gVBQ@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox