1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256

    From Deuc¿@VERT to Git commit to main/sbbs/master on Monday, March 23, 2026 20:49:18
    https://gitlab.synchro.net/main/sbbs/-/commit/f71fe26992b4638e30d57a3f
    Modified Files:
    src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c src/ssh/key_algo/rsa-sha2-256.c ssh-ed25519.c src/ssh/mac/hmac-sha2-256.c src/ssh/ssh-arch.c ssh-conn.c ssh-trans.c
    Log Message:
    Compile out unreachable defense-in-depth guards under DSSH_TESTING

    Wrap ~46 dead-code branches in #ifndef DSSH_TESTING so coverage
    reports reflect only reachable code. Each guard has a comment
    explaining why it is unreachable:

    ssh-arch.c: dssh_parse_uint32 cannot fail after bufsz >= 4 check

    ssh-trans.c: rekey_time never 0 after init, enc blocksize always >= 8,
    payload_len always > 0, enc->encrypt/decrypt always non-NULL, all
    modules provide cleanup, ka->haskey always non-NULL, kex_selected
    validated before kex(), shared secret always non-empty, namelist
    buffers adequate, remote_languages never populated

    ssh-conn.c: send_extended_data len already clamped by public API,
    chan_type always set after init, channels array never contains NULL

    key_algo: cbd->pkey always set before sign/pubkey/save callable,
    caller buffers always adequate, EVP_PKEY_id always matches module,
    cleanup only called after successful init

    kex modules: ka and function pointers always set by negotiation,
    own-key pubkey always succeeds, serialize buffers adequate

    enc/mac: cleanup only called after successful init

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net