1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • src/ssh/TODO.md src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256

    From Deuc¿@VERT to Git commit to main/sbbs/master on Monday, March 23, 2026 20:49:18
    https://gitlab.synchro.net/main/sbbs/-/commit/521f6864b05d0f311c48a137
    Modified Files:
    src/ssh/TODO.md src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c src/ssh/key_algo/rsa-sha2-256.c ssh-ed25519.c src/ssh/mac/hmac-sha2-256.c src/ssh/test/test_alloc.c
    Log Message:
    Fix curve25519 OPENSSL_cleanse on NULL; revert incorrect cleanup guards

    Bug: curve25519 handler called OPENSSL_cleanse(raw_secret, len) when
    raw_secret was NULL (malloc failure). The NULL check and derive call
    were combined in one if-statement, so the malloc failure path fell
    through to the cleanse. Split into separate checks.

    Revert: the dead-code guards on module cleanup functions (ed25519,
    rsa, aes256-ctr, hmac-sha2-256) assumed cleanup is never called with
    a NULL context. This is false during allocation failure testing -- registration succeeds but keygen/init fails, leaving ctx as NULL when
    the global config cleanup runs. Restore the NULL checks.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net