From: Ashesh Vashi
Date: Tue, 8 Dec 2015 18:35:21 +0530
Subject: Re: [pgadmin-support] SSH tunnel key exchange methods
To: Dave Page
Cc: Akshay Joshi, Sven, pgAdmin Support, pgadmin-hackers

Dave,

Patch looks good to me.
But - Should we consider this as a bug fix, and commit it for 1.22.0 release?

--
Thanks & Regards,

Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company

http://www.linkedin.com/in/asheshvashi

On Wed, Dec 2, 2015 at 6:34 PM, Dave Page wrote:

> On Wed, Dec 2, 2015 at 9:59 AM, Ashesh Vashi <ashesh.vashi@enterprisedb.com> wrote:
>
>> On Wed, Dec 2, 2015 at 3:27 PM, Akshay Joshi <akshay.joshi@enterprisedb.com> wrote:
>>
>>> On Wed, Dec 2, 2015 at 3:20 PM, Dave Page wrote:
>>>
>>>> Hi
>>>>
>>>> On Wed, Dec 2, 2015 at 9:19 AM, Akshay Joshi <akshay.joshi@enterprisedb.com> wrote:
>>>>
>>>>> Hi Dave
>>>>>
>>>>> I have updated the *libssh2* library with the latest available code
>>>>> on their git repository. The new code used
>>>>> "diffie-hellman-group-exchange-sha256" algorithm for key exchange and
>>>>> they also fixed some memory leak. I have verified it by putting the
>>>>> breakpoint in the libssh2 code, so when we called
>>>>> "libssh2_session_init()" it will automatically call
>>>>> "static int diffie_hellman_sha256(...)" function, but I don't know
>>>>> exactly how to identify the key exchange method (sha1 or sha256) used
>>>>> by the latest libssh2 library.
>>>>>
>>>>> I have tested the pgadmin3 after updating the libssh2 library on
>>>>> CentOS 6.5 (64 bit) and it works fine. I have also modified the code
>>>>> to add human readable error message returned by the library. Attached
>>>>> is the patch file. Can you please review it and if it looks good can
>>>>> you please commit the code.
>>>>
>>>> I'm seeing the following build error on OS X 10.7:
>>>>
>>>> depbase=`echo libssh2/agent.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
>>>> ccache gcc -Qunused-arguments -DHAVE_CONFIG_H -I. -I..
>>>> -I../pgadmin/include/libssh2 -I../pgadmin/include
>>>> -I../pgadmin/include/libssh2 -I/usr/local/pgsql-9.5/include
>>>> -I/usr/local/pgsql-9.5/include/server -I/usr/local/pgsql-9.5/include
>>>> -DPG_SSL -DHAVE_CONNINFO_PARSE
>>>> -I/usr/local/lib/wx/include/mac-unicode-release-static-2.8
>>>> -I/usr/local/include/wx-2.8 -D_FILE_OFFSET_BITS=64 -D_LARGE_FILES
>>>> -D__WXMAC__ -DEMBED_XRC -arch i386 -I/usr/include/libxml2
>>>> -I/opt/local/include/libxml2 -DHAVE_OPENSSL_CRYPTO -O2 -MT libssh2/agent.o
>>>> -MD -MP -MF $depbase.Tpo -c -o libssh2/agent.o libssh2/agent.c &&\
>>>> mv -f $depbase.Tpo $depbase.Po
>>>> In file included from ../pgadmin/include/libssh2/libssh2_priv.h:136,
>>>>                  from libssh2/agent.c:41:
>>>> ../pgadmin/include/libssh2/crypto.h:53: error: expected ‘)’ before ‘*’ token
>>>> ../pgadmin/include/libssh2/crypto.h:69: error: expected ‘)’ before ‘*’ token
>>>> ../pgadmin/include/libssh2/crypto.h:73: error: expected ‘)’ before ‘*’ token
>>>> ../pgadmin/include/libssh2/crypto.h:78: error: expected declaration specifiers or ‘...’ before ‘libssh2_rsa_ctx’
>>>> ../pgadmin/include/libssh2/crypto.h:83: error: expected ‘)’ before ‘*’ token
>>>> ../pgadmin/include/libssh2/crypto.h:115: error: expected ‘)’ before ‘*’ token
>>>> ../pgadmin/include/libssh2/crypto.h:120: error: expected ‘)’ before ‘*’ token
>>>> In file included from libssh2/agent.c:41:
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:240: error: ‘SHA256_DIGEST_LENGTH’ undeclared here (not in a function)
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:245: error: expected specifier-qualifier-list before ‘_libssh2_bn_ctx’
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:267: error: expected specifier-qualifier-list before ‘_libssh2_bn’
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:604: error: ‘SHA_DIGEST_LENGTH’ undeclared here (not in a function)
>>>> ../pgadmin/include/libssh2/libssh2_priv.h:899: error: expected specifier-qualifier-list before ‘_libssh2_cipher_type’
>>>> libssh2/agent.c: In function ‘agent_connect_unix’:
>>>> libssh2/agent.c:150: warning: assignment makes pointer from integer without a cast
>>>> make[3]: *** [libssh2/agent.o] Error 1
>>>> make[2]: *** [all] Error 2
>>>> make[1]: *** [all-recursive] Error 1
>>>> make: *** [all] Error 2
>>>
>>> I have modified the configure.ac.in and added "-DLIBSSH2_OPENSSL"
>>> to solve the above. You need to run the configure command again.
>>
>> You also need to rerun the bootstrap script.
>
> OK, it works for me on Windows and OSX. Ashesh, can you give it a
> review/commit please?
>
> Thanks.
>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
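Added example, not part of the thread or of the pgAdmin/libssh2 code: the thread asks which key exchange method (sha1 or sha256) a session ends up using, and this sketch shows how that name is selected from the two sides' KEXINIT name-lists under RFC 4253 section 7.1 (simplified; the name-lists and function names are constructed for illustration). In libssh2 itself the negotiated name can be read after the handshake with `libssh2_session_methods(session, LIBSSH2_METHOD_KEX)`.

```c
#include <stdio.h>
#include <string.h>

/* Constructed KEXINIT name-lists; not captured from any real client or server. */
static const char SHA1_ONLY_CLIENT[] = "diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1";
static const char UPDATED_CLIENT[] = "diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1";
static const char SHA256_ONLY_SERVER[] = "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256";

/* 1 if the n-byte token `name` is an element of the comma-separated `list`. */
static int in_list(const char *list, const char *name, size_t n)
{
    for (;;) {
        size_t len = strcspn(list, ",");
        if (len == n && memcmp(list, name, n) == 0)
            return 1;
        if (list[len] == '\0')
            return 0;
        list += len + 1;
    }
}

/* RFC 4253 section 7.1, simplified (host-key capability checks omitted):
 * the first method in the client's list that the server also offers wins.
 * Returns the name in a static buffer (overwritten by the next call),
 * or NULL when the two lists share no method. */
const char *negotiate_kex(const char *client, const char *server)
{
    static char chosen[64];
    for (;;) {
        size_t len = strcspn(client, ",");
        if (len > 0 && len < sizeof chosen && in_list(server, client, len)) {
            memcpy(chosen, client, len);
            chosen[len] = '\0';
            return chosen;
        }
        if (client[len] == '\0')
            return NULL;
        client += len + 1;
    }
}

int main(void)
{
    const char *k = negotiate_kex(SHA1_ONLY_CLIENT, SHA256_ONLY_SERVER);
    printf("sha1-only client: %s\n", k ? k : "no common method, handshake fails");
    k = negotiate_kex(UPDATED_CLIENT, SHA256_ONLY_SERVER);
    printf("updated client:   %s\n", k ? k : "no common method, handshake fails");
    return 0;
}
```

The suffix of the returned name identifies the exchange hash, so a client that must not fall back to SHA-1 can reject any negotiated name ending in `-sha1`.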