Re: SSH Tunneling implementation

On Fri, 2012-07-13 at 09:32 +0100, Dave Page wrote:
> On Fri, Jul 13, 2012 at 7:57 AM, Akshay Joshi
> <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
> >
> >
> > On Thu, Jul 12, 2012 at 5:44 PM, Magnus Hagander <magnus(at)hagander(dot)net>
> > wrote:
> >>
> >> On Thu, Jul 12, 2012 at 2:06 PM, Akshay Joshi
> >> <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
> >> >
> >> >
> >> > On Thu, Jul 12, 2012 at 5:21 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
> >> >>
> >> >> On Thu, Jul 12, 2012 at 12:04 PM, Akshay Joshi
> >> >> <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
> >> >> > Hi All
> >> >> >
> >> >> > I have tried a lot to figure out libssh2 is compiled with which
> >> >> > crypto
> >> >> > library, but unable to find it. Can someone guide/help me or do we
> >> >> > continue
> >> >> > with the public key option on UI?
> >> >>
> >> >> The libssh2 guys couldn't tell you how?
> >> >
> >> >
> >> > I'll post this on mailing list, but I have found one solution to the
> >> > problem is checking the function "libssh2_md5" using AC_CHECK_LIB as
> >> > below
> >> > AC_CHECK_LIB(ssh2, libssh2_md5, [IS_LIBSSH2_OPENSSL_CRYPTO=yes],
> >> > [IS_LIBSSH2_OPENSSL_CRYPTO=no])
> >> >
> >> > I have analyze libssh2 source code and found "libssh2_md5" is
> >> > implemented
> >> > only for openssl version not for the gcrypt. I have tested it with both
> >> > the version of libssh2.so.
> >> >
> >> > Thoughts? Comments?
> >>
> >> Is there a way to test the actual function that we want to call
> >> instead? Will it fail right away, or does it actually require there to
> >> be a server somewhere that we can connect to? (If it requires a server
> >> we can't use that one in configure, but if it will fail right away,
> >> that seems like a better way to test it.
> >
> >
> > To check the actual function we requires a valid server. Yesterday I have
> > posted the problem to the libssh2 mailing list, but still didn't get
> > response.Meanwhile
> > I have fixed the review comments given by Dave. Attached is the complete
> > patch with
> > AC_CHECK_LIB(ssh2, libssh2_md5 [IS_LIBSSH2_OPENSSL_CRYPTO=yes],
> > [IS_LIBSSH2_OPENSSL_CRYPTO=no]) and it works with both version of
> > libssh2.
> >
> > Can we include libssh2 source code with pgAdmin3 to solve the problem?
> > Thoughts??Comments?
>
> I discussed that with Ashesh on Skype yesterday - I thought he was
> going to post to the list. Magnus suggested that option, and I'm
> beginning to think it's the way forward. The licence is compatible
> from what I can see, so that shouldn't be a problem. Then, we'd just
> modify the configure script to add a dependency on OpenSSL instead.
>
> If we do that though, we'd need to make it work if OpenSSL isn't
> available on the build platform. I'd suggest that if configure isn't
> given a valid OpenSSL installation (or can't find one), then we just
> disable all the tunnelling options - just surround the appropriate
> code in #ifdef OPENSSL or something and hide the tab on dlgServer.
>
> Anyone have any thoughts or objections to doing it that way?
>

My only objection would be that we'll add yet another code in the
repository. I mean, we already have ogl, and gcc complains each time it
compiles it. So we already havd ogl that we added but don't maintain. If
we add also libssh2, just to be clear, I don't want to maintain it.
Someone else will have to do this (just like ogl).

--
Guillaume
http://blog.guillaume.lelarge.info
http://www.dalibo.com