src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256

BBS:      TELESC.NET.BR
Assunto:  src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256
De:       Deuc¨
Data:     Mon, 23 Mar 2026 20:49:18 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/f71fe26992b4638e30d57a3f
Modified Files:
	src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c src/ssh/key_algo/rsa-sha2-256.c ssh-ed25519.c src/ssh/mac/hmac-sha2-256.c src/ssh/ssh-arch.c ssh-conn.c ssh-trans.c
Log Message:
Compile out unreachable defense-in-depth guards under DSSH_TESTING

Wrap ~46 dead-code branches in #ifndef DSSH_TESTING so coverage
reports reflect only reachable code.  Each guard has a comment
explaining why it is unreachable:

ssh-arch.c: dssh_parse_uint32 cannot fail after bufsz >= 4 check

ssh-trans.c: rekey_time never 0 after init, enc blocksize always >= 8,
  payload_len always > 0, enc->encrypt/decrypt always non-NULL, all
  modules provide cleanup, ka->haskey always non-NULL, kex_selected
  validated before kex(), shared secret always non-empty, namelist
  buffers adequate, remote_languages never populated

ssh-conn.c: send_extended_data len already clamped by public API,
  chan_type always set after init, channels array never contains NULL

key_algo: cbd->pkey always set before sign/pubkey/save callable,
  caller buffers always adequate, EVP_PKEY_id always matches module,
  cleanup only called after successful init

kex modules: ka and function pointers always set by negotiation,
  own-key pubkey always succeeds, serialize buffers adequate

enc/mac: cleanup only called after successful init

Co-Authored-By: Claude Opus 4.6 (1M context) 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]