Welcome to the wolfSSL Forums!

jonathan.gebbie · 2023-09-25 04:24:46

jonathan.gebbie
Member
Offline

Registered: 2023-09-25
Posts: 5

Topic: wolfSSH_SFTP_connect does not return if username/password incorrect

I'm trying to get a very simple SFTP client runnning, based on the example SFTP client in wolfSSH.
I'm currently using just username and password to log in (no SSH keys or certificates etc).
I need the client code to return an error if it can't connect because of incorrect username/password, but wolfSSH_SFTP_connect doesn't ever return if username/password is incorrect - there seems to be no timeout.
The example SFTP client does this.
How can I modify it so it returns an error on login failure?

jonathan.gebbie · 2023-09-25 07:07:54

jonathan.gebbie
Member
Offline

Registered: 2023-09-25
Posts: 5

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

Updates: having run with debug logging enabled, it seems that the code gets stuck in a loop where it calls DoUserAuthFailure to process a MSGID_USERAUTH_FAILURE, and then calls SendUserAuthRequest presumably to repeat the authorisation request. Is there a way to terminate this loop when all authorisation methods have been tried?

john · 2023-09-25 09:40:01

john
Moderator
Offline

From: Seattle, WA
Registered: 2011-11-14
Posts: 148

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

Which version of wolfSSH are you using? The current master branch in GitHub repo?

jonathan.gebbie · 2023-09-26 02:13:45

jonathan.gebbie
Member
Offline

Registered: 2023-09-25
Posts: 5

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

Hi John, thanks for your reply. I downloaded the master branch on 15th Sept so I'm currently using commit 79bc747.

jonathan.gebbie · 2023-09-27 02:36:26

jonathan.gebbie
Member
Offline

Registered: 2023-09-25
Posts: 5

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

Update: I've now rebuilt with the latest master branch and it's the same.
Running echoserver and then ./wolfsftp -h 127.0.0.1 -p 22222 -u jill -P upthehill works fine.
However with incorrect username:
./wolfsftp -h 127.0.0.1 -p 22222 -u jillx -P upthehill
wolfsftp does not report an error, continuously trys to authenticate and doesn't stop even with control-C.

jonathan.gebbie · 2023-10-17 02:57:24

jonathan.gebbie
Member
Offline

Registered: 2023-09-25
Posts: 5

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

SOLUTION: it seems this is a server rather than a client issue. When I use the example sftpclient with a generic Linux SFTP server, if the username or password is incorrect it reports failure to connect after about 20 seconds - which is fine. So it seems that the issue is with the example echoserver implementation rather than the client.

Welcome to the wolfSSL Forums!

wolfSSH_SFTP_connect does not return if username/password incorrect

Posts: 6

1 Topic by jonathan.gebbie 2023-09-25 04:24:46

Topic: wolfSSH_SFTP_connect does not return if username/password incorrect

2 Reply by jonathan.gebbie 2023-09-25 07:07:54

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

3 Reply by john 2023-09-25 09:40:01

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

4 Reply by jonathan.gebbie 2023-09-26 02:13:45

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

5 Reply by jonathan.gebbie 2023-09-27 02:36:26

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

6 Reply by jonathan.gebbie 2023-10-17 02:57:24

Re: wolfSSH_SFTP_connect does not return if username/password incorrect

Posts: 6