Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtp (Exim 4.80) (envelope-from ) id 1a47Mc-0008Ok-M8 for pgadmin-hackers@arkaria.postgresql.org; Wed, 02 Dec 2015 13:22:30 +0000 Received: from localhost ([127.0.0.1] helo=postgresql.org) by malur.postgresql.org with smtp (Exim 4.84) (envelope-from ) id 1a47Mc-0001wJ-7O for pgadmin-hackers@arkaria.postgresql.org; Wed, 02 Dec 2015 13:22:30 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256) (Exim 4.84) (envelope-from ) id 1a47MO-0001Tb-8y for pgadmin-hackers@postgresql.org; Wed, 02 Dec 2015 13:22:16 +0000 Received: from mail-ob0-x22c.google.com ([2607:f8b0:4003:c01::22c]) by magus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.84) (envelope-from ) id 1a47MJ-0003KX-IJ for pgadmin-hackers@postgresql.org; Wed, 02 Dec 2015 13:22:15 +0000 Received: by obbbj7 with SMTP id bj7so32115999obb.1 for ; Wed, 02 Dec 2015 05:22:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=enterprisedb-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=lVGttBFyqrHtwRnoX1NVpPpLBNZAiH56N5WF4e7qUMo=; b=xtpdr0+lojb69FxNqMjQ2xqnMLcL1iPVQnr+Z2AkEV8a6hdz7GN1pIkEBOW5et7gBk UCwMplVv3aB05zAGGizq0WPr9JLzzP8aRiNgnaOJacNhEwJaz8NeORnZ3kVQbSXV+Qon oRdqJkRjZkunNZ/M6pAzEd03jGXDHQWwSQxFUqb2Uu3ItRZ9U2khd/AJ43sAMPe/RBRP odD0UDTLxQlWa04LqhH1I+qZPDyDpBOfP05cgdPrgkv8gSPXrs490wygMnnos4skKPMQ gVaCbiymC8QNu8mIiu1Vc4Tnp9NW9oM4kPNCDNsl++q8j9fxPrxE71DTyetSBVTDPF8g LUmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=lVGttBFyqrHtwRnoX1NVpPpLBNZAiH56N5WF4e7qUMo=; b=nLu0Z+ksJ0aeuZdKml6qhdQjuuGvFgN2AKHdFCcocEjzs32CtONcDDryOyUV9pB4wF 4P2K10xvvEVK2qvPtT1Tp+ZVNpU/0qVLlrLGkk+3rnqzw+hz8Jx2i6xkd/5ChdU1TEeb ZrJK0IRw41q6z5RLZqId4kAr5Z3aZKMybGOSjHf1C6v21onVm39sMrQ6iw/9A9STGZLf bvxoxxy/MnAB2OCriXgGvGApdRXS6KK3v3PFdiJ5HkS4VQxGgTWXu5VNYcMIiFa5VZlc r3KyVk2EsHj3awm3GzIblOi1tvJGojaXTD5F7xFaLQem/+8yXof1WlQ5kP2CtEut1uE3 1RnA== X-Gm-Message-State: ALoCoQkMpo2CPFjbd2Eey7yniileI9rwQoEcmLVqJldKkDu4gPPdamwOpBTzn/QhfGrdV535kpoB MIME-Version: 1.0 X-Received: by 10.182.200.201 with SMTP id ju9mr2609922obc.30.1449062529018; Wed, 02 Dec 2015 05:22:09 -0800 (PST) Received: by 10.202.80.5 with HTTP; Wed, 2 Dec 2015 05:22:08 -0800 (PST) In-Reply-To: References: <48AA5EAC-64A6-466E-9900-E32EDD4187C0@pgadmin.org> Date: Wed, 2 Dec 2015 18:52:08 +0530 Message-ID: Subject: Re: [pgadmin-support] SSH tunnel key exchange methods From: Akshay Joshi To: Ashesh Vashi Cc: Dave Page , Sven , pgAdmin Support , pgadmin-hackers Content-Type: multipart/alternative; boundary=001a11c252844cc22a0525ea2954 X-Pg-Spam-Score: -2.6 (--) List-Archive: List-Help: List-ID: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: X-Mailing-List: pgadmin-hackers Precedence: bulk Sender: pgadmin-hackers-owner@postgresql.org --001a11c252844cc22a0525ea2954 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Wed, Dec 2, 2015 at 6:35 PM, Ashesh Vashi wrote: > On Wed, Dec 2, 2015 at 6:34 PM, Dave Page wrote: > >> >> >> On Wed, Dec 2, 2015 at 9:59 AM, Ashesh Vashi < >> ashesh.vashi@enterprisedb.com> wrote: >> >>> >>> On Wed, Dec 2, 2015 at 3:27 PM, Akshay Joshi < >>> akshay.joshi@enterprisedb.com> wrote: >>> >>>> >>>> >>>> On Wed, Dec 2, 2015 at 3:20 PM, Dave Page wrote: >>>> >>>>> Hi >>>>> >>>>> On Wed, Dec 2, 2015 at 9:19 AM, Akshay Joshi < >>>>> akshay.joshi@enterprisedb.com> wrote: >>>>> >>>>>> Hi Dave >>>>>> >>>>>> I have updated the *libssh2* library with the latest available code >>>>>> on their git repository. The new code used "diffie-hellman-group-exc= hange-sha256" algorithm for >>>>>> key exchange and they also fixed some memory leak. I have verified i= t by >>>>>> putting the breakpoint in the libssh2 code, so when we called " >>>>>> libssh2_session_init()" it will automatically call "static int diffi= e >>>>>> _hellman_sha256(...)" function, but I don't know exactly how to >>>>>> identify the key exchange method (sha1 or sha256) used by the latest >>>>>> libssh2 library. >>>>>> >>>>>> I have tested the pgadmin3 after updating the libssh2 library on >>>>>> CentOS 6.5 (64 bit) and it works fine. I have also modified the code >>>>>> to add human readable error message returned by the library. Attache= d >>>>>> is the patch file. Can you please review it and if it looks good can= you >>>>>> please commit the code. >>>>>> >>>>> >>>>> I'm seeing the following build error on OS X 10.7: >>>>> >>>>> depbase=3D`echo libssh2/agent.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\ >>>>> ccache gcc -Qunused-arguments -DHAVE_CONFIG_H -I. -I.. >>>>> -I../pgadmin/include/libssh2 -I../pgadmin/include >>>>> -I../pgadmin/include/libssh2 -I/usr/local/pgsql-9.5/include >>>>> -I/usr/local/pgsql-9.5/include/server -I/usr/local/pgsql-9.5/include >>>>> -DPG_SSL -DHAVE_CONNINFO_PARSE >>>>> -I/usr/local/lib/wx/include/mac-unicode-release-static-2.8 >>>>> -I/usr/local/include/wx-2.8 -D_FILE_OFFSET_BITS=3D64 -D_LARGE_FILES >>>>> -D__WXMAC__ -DEMBED_XRC -arch i386 -I/usr/include/libxml2 >>>>> -I/opt/local/include/libxml2 -DHAVE_OPENSSL_CRYPTO -O2 -MT libssh2/a= gent.o >>>>> -MD -MP -MF $depbase.Tpo -c -o libssh2/agent.o libssh2/agent.c &&\ >>>>> mv -f $depbase.Tpo $depbase.Po >>>>> In file included from ../pgadmin/include/libssh2/libssh2_priv.h:136, >>>>> from libssh2/agent.c:41: >>>>> ../pgadmin/include/libssh2/crypto.h:53: error: expected =E2=80=98)=E2= =80=99 before =E2=80=98*=E2=80=99 >>>>> token >>>>> ../pgadmin/include/libssh2/crypto.h:69: error: expected =E2=80=98)=E2= =80=99 before =E2=80=98*=E2=80=99 >>>>> token >>>>> ../pgadmin/include/libssh2/crypto.h:73: error: expected =E2=80=98)=E2= =80=99 before =E2=80=98*=E2=80=99 >>>>> token >>>>> ../pgadmin/include/libssh2/crypto.h:78: error: expected declaration >>>>> specifiers or =E2=80=98...=E2=80=99 before =E2=80=98libssh2_rsa_ctx= =E2=80=99 >>>>> ../pgadmin/include/libssh2/crypto.h:83: error: expected =E2=80=98)=E2= =80=99 before =E2=80=98*=E2=80=99 >>>>> token >>>>> ../pgadmin/include/libssh2/crypto.h:115: error: expected =E2=80=98)= =E2=80=99 before >>>>> =E2=80=98*=E2=80=99 token >>>>> ../pgadmin/include/libssh2/crypto.h:120: error: expected =E2=80=98)= =E2=80=99 before >>>>> =E2=80=98*=E2=80=99 token >>>>> In file included from libssh2/agent.c:41: >>>>> ../pgadmin/include/libssh2/libssh2_priv.h:240: error: >>>>> =E2=80=98SHA256_DIGEST_LENGTH=E2=80=99 undeclared here (not in a func= tion) >>>>> ../pgadmin/include/libssh2/libssh2_priv.h:245: error: expected >>>>> specifier-qualifier-list before =E2=80=98_libssh2_bn_ctx=E2=80=99 >>>>> ../pgadmin/include/libssh2/libssh2_priv.h:267: error: expected >>>>> specifier-qualifier-list before =E2=80=98_libssh2_bn=E2=80=99 >>>>> ../pgadmin/include/libssh2/libssh2_priv.h:604: error: >>>>> =E2=80=98SHA_DIGEST_LENGTH=E2=80=99 undeclared here (not in a functio= n) >>>>> ../pgadmin/include/libssh2/libssh2_priv.h:899: error: expected >>>>> specifier-qualifier-list before =E2=80=98_libssh2_cipher_type=E2=80= =99 >>>>> libssh2/agent.c: In function =E2=80=98agent_connect_unix=E2=80=99: >>>>> libssh2/agent.c:150: warning: assignment makes pointer from integer >>>>> without a cast >>>>> make[3]: *** [libssh2/agent.o] Error 1 >>>>> make[2]: *** [all] Error 2 >>>>> make[1]: *** [all-recursive] Error 1 >>>>> make: *** [all] Error 2 >>>>> >>>> >>>> I have modified the configure.ac.in and added "-DLIBSSH2_OPENSSL" >>>> to solve the above. You need to run the configure command again. >>>> >>> You also needs to rerun the bootstrap script. >>> >> >> OK, it works for me on Windows and OSX. Ashesh, can you give it a >> review/commit please? >> > I think - it has been merged with the development version of libssh2. > Akshay - can you please mention the commit-id and repository url from > which it has been merged with. > git@github.com:libssh2/libssh2.git commit 51dcded3ebd6bde7d6fd847ed6461da4a4522506 > > > -- > > Thanks & Regards, > > Ashesh Vashi > EnterpriseDB INDIA: Enterprise PostgreSQL Company > > > > *http://www.linkedin.com/in/asheshvashi* > > >> >> Thanks. >> >> -- >> Dave Page >> Blog: http://pgsnake.blogspot.com >> Twitter: @pgsnake >> >> EnterpriseDB UK: http://www.enterprisedb.com >> The Enterprise PostgreSQL Company >> > > --=20 *Akshay Joshi* *Principal Software Engineer * *Phone: +91 20-3058-9517Mobile: +91 976-788-8246* --001a11c252844cc22a0525ea2954 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable


On Wed, Dec 2, 2015 at 6:35 PM, Ashesh Vashi <ashesh.vashi= @enterprisedb.com> wrote:
On Wed, Dec 2, 2015 at 6:34 PM, Dave Page <dpage@pgadmin.org> wrote:
<= br>

On W= ed, Dec 2, 2015 at 9:59 AM, Ashesh Vashi <ashesh.vashi@enterpr= isedb.com> wrote:

<= div class=3D"gmail_extra">
On Wed, Dec 2, 2015 at 3:27 PM, Akshay = Joshi <akshay.joshi@enterprisedb.com> wrote:
=


On Wed, Dec 2, 2015 at 3:20 PM, Dave Page <dpage@pgadmin.org>= wrote:
Hi

On Wed, Dec 2, 2015 at 9:19 AM, = Akshay Joshi <akshay.joshi@enterprisedb.com> wro= te:
Hi Dave=C2=A0

I have updated the libssh2 library with the latest avail= able code on their git repository. The new code used=C2=A0"diffie<= /span>-hellman-gr= oup-exchange-sha256"=C2=A0algo= rithm=C2=A0for key=C2=A0exchange and they also fixed some memory leak. I ha= ve verified it by putting the breakpoint in the libssh2 code, = so when we called "libssh2_session_init()" it will automatically call &quo= t;static int diffie_hel= lman_sha256(...)" function, b<= /span>ut I don't know exa= ctly how to identify the key exchange method (sha1 or sha256) used by the l= atest libssh2 library.
I have tested the pgad= min3 after updating the libssh2 library on CentOS 6.5 (64 bit)= and it works fine. I have also modified the code to add human=C2=A0readabl= e error=C2=A0message returned by the library.=C2=A0Attached is the patch file. Can you please review it and if= it looks good can you please commit the code.

I'm seeing the following build error on O= S X 10.7:

depbase=3D`echo libssh2/agent.o | s= ed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
ccache gcc -Qunused-arguments -DHAVE_CONFIG_H -I= . -I.. -I../pgadmin/include/libssh2 =C2=A0-I../pgadmin/include -I../pgadmin= /include/libssh2 =C2=A0 -I/usr/local/pgsql-9.5/include -I/usr/local/pgsql-9= .5/include/server -I/usr/local/pgsql-9.5/include -DPG_SSL -DHAVE_CONNINFO_P= ARSE -I/usr/local/lib/wx/include/mac-unicode-release-static-2.8 -I/usr/loca= l/include/wx-2.8 -D_FILE_OFFSET_BITS=3D64 -D_LARGE_FILES -D__WXMAC__ -DEMBE= D_XRC -arch i386 -I/usr/include/libxml2 -I/opt/local/include/libxml2 -DHAVE= _OPENSSL_CRYPTO =C2=A0-O2 -MT libssh2/agent.o -MD -MP -MF $depbase.Tpo -c -= o libssh2/agent.o libssh2/agent.c &&\
mv -f $depbase.Tpo $depbase.Po
In file = included from ../pgadmin/include/libssh2/libssh2_priv.h:136,
=C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0from libssh2/age= nt.c:41:
../pgadmin/include/libssh2/crypto.h:53: error: expected = =E2=80=98)=E2=80=99 before =E2=80=98*=E2=80=99 token
../pgadmin/i= nclude/libssh2/crypto.h:69: error: expected =E2=80=98)=E2=80=99 before =E2= =80=98*=E2=80=99 token
../pgadmin/include/libssh2/crypto.h:73: er= ror: expected =E2=80=98)=E2=80=99 before =E2=80=98*=E2=80=99 token
../pgadmin/include/libssh2/crypto.h:78: error: expected declaration speci= fiers or =E2=80=98...=E2=80=99 before =E2=80=98libssh2_rsa_ctx=E2=80=99
../pgadmin/include/libssh2/crypto.h:83: error: expected =E2=80=98)= =E2=80=99 before =E2=80=98*=E2=80=99 token
../pgadmin/include/lib= ssh2/crypto.h:115: error: expected =E2=80=98)=E2=80=99 before =E2=80=98*=E2= =80=99 token
../pgadmin/include/libssh2/crypto.h:120: error: expe= cted =E2=80=98)=E2=80=99 before =E2=80=98*=E2=80=99 token
In file= included from libssh2/agent.c:41:
../pgadmin/include/libssh2/lib= ssh2_priv.h:240: error: =E2=80=98SHA256_DIGEST_LENGTH=E2=80=99 undeclared h= ere (not in a function)
../pgadmin/include/libssh2/libssh2_priv.h= :245: error: expected specifier-qualifier-list before =E2=80=98_libssh2_bn_= ctx=E2=80=99
../pgadmin/include/libssh2/libssh2_priv.h:267: error= : expected specifier-qualifier-list before =E2=80=98_libssh2_bn=E2=80=99
../pgadmin/include/libssh2/libssh2_priv.h:604: error: =E2=80=98SHA_= DIGEST_LENGTH=E2=80=99 undeclared here (not in a function)
../pga= dmin/include/libssh2/libssh2_priv.h:899: error: expected specifier-qualifie= r-list before =E2=80=98_libssh2_cipher_type=E2=80=99
libssh2/agen= t.c: In function =E2=80=98agent_connect_unix=E2=80=99:
libssh2/ag= ent.c:150: warning: assignment makes pointer from integer without a cast
make[3]: *** [libssh2/agent.o] Error 1
make[2]: *** [all]= Error 2
make[1]: *** [all-recursive] Error 1
make: ***= [all] Error 2

=C2=A0 =C2=A0 I have modified the configure.ac.in and added "-DLIBSSH2_OPE= NSSL" to solve the above. You need to run the configure command again.= =C2=A0
You also needs = to rerun the bootstrap script.
OK, it works for me on Windows and OSX. Ashesh, can= you give it a review/commit please?
I think - it has been merged with the development version of= libssh2.
Akshay - can you please mention the commit-id and r= epository url from which it has been merged with.

=C2=A0 =C2=A0=C2=A0git@github.com:libssh2/libss= h2.git=C2=A0
=C2=A0 commit=C2=A051dcded3ebd6bde7d6fd847ed64= 61da4a4522506=C2=A0


=

--

Thanks & Regards,

Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company


http://www.linkedin.com/in/asheshvashi


Thanks.=C2=A0
<= /div>

--
Dave Page
Blog: <= a href=3D"http://pgsnake.blogspot.com" target=3D"_blank">http://pgsnake.blo= gspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.comThe Enterprise PostgreSQL Company




--
Akshay Joshi
Principal Software Engineer=C2= =A0


=
Pho= ne: +91 20-3058-9517
Mobile: +91 976-788-8246
--001a11c252844cc22a0525ea2954--