• src/ssh/TODO.md src/ssh/kex/dh-gex-sha256.c mlkem768x25519-sha256.c sn

    From Deuce@VERT to Git commit to main/sbbs/master on Fri Mar 27 14:34:15 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/b028ed8294067c58f4376e0d
    Modified Files:
    src/ssh/TODO.md src/ssh/kex/dh-gex-sha256.c mlkem768x25519-sha256.c sntrup761x25519-sha512.c src/ssh/ssh-auth.c ssh-conn.c ssh-internal.h ssh-trans.c src/ssh/test/CMakeLists.txt dssh_test_internal.h test_algo_key.c test_auth.c
    Log Message:
    Fix 6 bugs: resource leaks, NULL guards, silent hang, banner drain (items 71-82)

    - Item 71: dssh_session_accept_channel() and dssh_channel_accept_raw()
    leaked the inc parameter on early-return error paths; added free(inc)
    to all error returns after the NULL-arg check
    - Item 72: dssh_transport_init() leaked tx_mtx when rx_mtx init failed;
    split combined mtx_init || into two checks with proper cleanup
    - Item 77: DH-GEX dhgex_handler() leaked BIGNUM p on malformed GEX_GROUP
    size-check failures; added BN_free(p) before two early returns
    - Item 78: sntrup761x25519 and mlkem768x25519 KEX handlers called
    ka->verify/pubkey/sign without NULL guards; added the same checks
    that curve25519 and dh-gex already had
    - Item 80: Setup mailbox malloc failure in demux_dispatch() silently
    dropped the message, leaving setup_recv() blocked forever; added
    setup_error flag so setup_recv() returns DSSH_ERROR_ALLOC
    - Item 82: Auth banner handling only drained one SSH_MSG_USERAUTH_BANNER;
    changed if to while in get_methods_impl() and auth_server_impl() KBI
    path per RFC 4252 s5.4

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
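
Item 82 in the log above turns on the difference between `if` and `while` when reading the authentication reply: RFC 4252 s5.4 lets the server send SSH_MSG_USERAUTH_BANNER at any time before authentication succeeds, so more than one may arrive. The sketch below is an added example, not code from the commit; `pkt_stream`, `next_msg` and both `read_auth_reply_*` functions are hypothetical stand-ins, and the message sequence is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Message numbers from RFC 4252. */
#define SSH_MSG_USERAUTH_FAILURE 51
#define SSH_MSG_USERAUTH_BANNER  53

/* Hypothetical packet source standing in for the transport layer. */
struct pkt_stream {
    const uint8_t *types;  /* constructed sequence of message types */
    size_t count, pos, banners_seen;
};

/* Next message type, or -1 once the stream is exhausted. */
static int next_msg(struct pkt_stream *s)
{
    return s->pos < s->count ? s->types[s->pos++] : -1;
}

/* Before: consumes at most one banner; a second one reaches the caller. */
int read_auth_reply_if(struct pkt_stream *s)
{
    int msg = next_msg(s);
    if (msg == SSH_MSG_USERAUTH_BANNER) {
        s->banners_seen++;
        msg = next_msg(s);
    }
    return msg;
}

/* After: drains every banner, then returns the real reply. */
int read_auth_reply_while(struct pkt_stream *s)
{
    int msg = next_msg(s);
    while (msg == SSH_MSG_USERAUTH_BANNER) {
        s->banners_seen++;
        msg = next_msg(s);
    }
    return msg;
}

/* Constructed sample: two banners followed by USERAUTH_FAILURE. */
static const uint8_t sample[] = { 53, 53, 51 };

int main(void)
{
    struct pkt_stream a = { sample, sizeof sample, 0, 0 }, b = a;
    printf("if: %d  while: %d\n", read_auth_reply_if(&a), read_auth_reply_while(&b));
}
```

With the `if` form the second banner is returned as though it were the reply, so the caller parses a banner payload as a FAILURE/SUCCESS message or rejects it as unexpected.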