EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to make a clean SFTP client disconnect

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#8718
Posted: 01/23/2009 13:57:33
by Janusch Skubatz (Standard support level)
Joined: 08/20/2008
Posts: 4

Hi,

i'm having some trouble with disconnecting an Sftp-Client.
The SFTP-Client is mostly the same as in your c++ sample "SophisticatedSFTPClient". Using a TClientSocket.

My problem is the SFTP-Server, cause when i close the connection on client-side by just closing the socket (like done in the above example) i get an exception on the server-side. It's an access violation thrown by TElSSHServers DataAvailable function (to be more precise: TElSymmetricCrypto::DecryptUpdate).

I'm wondering if there isn't any possibility to disconnect a cleaner way than just closing the socket or otherwise how can i handle it better (better than just try-catch and close the socket) on the server?!

Best regards
#8719
Posted: 01/25/2009 07:36:04
by Eugene Mayevski (EldoS Corp.)

You need to close SSH connection first. This is done by calling Close method of TElSSHClient component, which you use in conjunction with TElSftpClient.

However, the server should not crash on forceful disconnection. What exactly version of SecureBlackbox are you running? Also, does the problem happen with the sample server or only with your server?


Sincerely yours
Eugene Mayevski
#8720
Posted: 01/25/2009 15:56:24
by Janusch Skubatz (Standard support level)
Joined: 08/20/2008
Posts: 4

Thanks for your reply.

I'm using version 6.0.144.

I'm stuck at the moment.
To close the SSHClient connection first doesn't fix it.

The exception doesn't show up if i'm using your delphi example server and your sophisticated client example.
It also doesn't show up if i use my sftp-server and your client example...
How is it possible that my client cause an exception on server side? Cause the only code you use in the example client (as far as i can see) is 'scktClient.Close;'.

One question besides: why is there a close method in the simple SFTPClient but not in the normal one?

This will need some further investigation - but not today ;-)

Best regards
#8726
Posted: 01/26/2009 05:45:08
by Janusch Skubatz (Standard support level)
Joined: 08/20/2008
Posts: 4

Alright, now it's getting a little strange.

I've now also tested my client against the demo sftp server, which also works fine. But i noticed that (using my client) the OnSrvClose-Event of the sftp server is never called. The last log message is always 'Subsystem (sftp) open' from OnSrvOpenSubsystem.

Oh, and in my opinion the ResolveDots method of the server thread is quite buggy. Sending the change directory command with './myfolder' ends up in a realpath like 'c:\root\m' or '../myfolder' in 'c:\root\my'.
To fix this i've added a
Code
i := pos('/', p);
between
Code
if p = '' then
      break;
and
Code
    if i > 0 then
    begin
      hu := copy(p, 1, i - 1);
      delete(p, 1, i);
    end

- but that's not the point here.

Any ideas? Need some code?

EDIT:
Using my client and the demo server i also get the message 'Error #103 with comment "Connection closed by lower level protocol"' on client side, which i dont get when using my server...
Log:
26.01.2009 12:55:14 Sftp connection closed
26.01.2009 12:55:14 Error #103 with comment "Connection closed by lower level protocol"
26.01.2009 12:55:14 TCP Connection closed
Exit with errorcode: 103
26.01.2009 12:55:14 Sftp connection closed
26.01.2009 12:55:14 SSH Connection closed
Exit with errorcode: 0

Best regards
#8729
Posted: 01/26/2009 06:44:58
by Eugene Mayevski (EldoS Corp.)

Thank you for the detailed message. I have moved the topic to HelpDesk for detailed investigation.


Sincerely yours
Eugene Mayevski
#8732
Posted: 01/26/2009 07:19:54
by Janusch Skubatz (Standard support level)
Joined: 08/20/2008
Posts: 4

Thanks.
Just a little remark: i've removed the close-socket-command from clients disconnecting routine and now i'm just calling the sshclients close method and the server closes the socket connection. This seems to work fine, cause the client can handle the "Connection closed by lower level protocol".

But i still don't know what exactly was raising the exception...
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 3434 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!