BBS:      TELESC.NET.BR
Subject:  src/ssh/README.md TODO.md deucessh-algorithms.h deucessh-kex.h src/ssh
From:     Deuce
Date:     Sat, 28 Mar 2026 12:55:04 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/ccae5b20f5540890d652d140
Modified Files:
	src/ssh/README.md TODO.md deucessh-algorithms.h deucessh-kex.h src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c dh-gex-sha256.h mlkem768x25519-sha256.c sntrup761x25519-sha512.c src/ssh/server.c ssh-trans.c ssh-trans.h src/ssh/test/test_alloc.c test_dhgex_provider.h test_transport.c
Log Message:
Built-in RFC 3526 default provider for DH-GEX, generic dssh_kex_set_ctx() API

DH-GEX previously leaked algo-specific details (struct dssh_dh_gex_provider,
dssh_dh_gex_set_provider()) into the public API, breaking the register-and-
forget model every other algorithm uses.  Now DH-GEX works out of the box:

- Add RFC 3526 groups 14-18 (2048-8192-bit) to the DH-GEX module with a
  built-in default_select_group() that picks the best fit for the client's
  requested min/preferred/max range
- Add void *ctx field to dssh_kex_s (mirrors dssh_key_algo_s pattern)
- Add dssh_kex_set_ctx() public API for optional override (global, pre-init,
  same gate as dssh_key_algo_set_ctx())
- Remove per-session dssh_dh_gex_set_provider() and kex_ctx from transport
  state; struct dssh_dh_gex_provider moves to kex/dh-gex-sha256.h only
- Remove 65 lines of DH-GEX boilerplate from server.c demo
- Add TODO item 84: investigate DH-GEX group size vs cipher strength mismatch

Co-Authored-By: Claude Opus 4.6 (1M context) 
---
 * Synchronet * Vertrauen * Home of Synchronet * [vert/cvs/bbs].synchro.net

-----------------------------------------------------------