https://gitlab.synchro.net/main/sbbs/-/commit/88e7a55065adc6154124bfad
Added Files:
src/ssh/TODO.md src/ssh/test/mock_alloc.c mock_alloc.h test_alloc.c test_dhgex_provider.h test_enc.c test_enc.h test_mac.c test_mac.h test_transport_errors.c
Modified Files:
src/ssh/CMakeLists.txt src/ssh/test/test_algo_key.c test_arch.c test_auth.c test_chan.c test_conn.c test_selftest.c test_transport.c
Log Message:
Add branch coverage test suite: 537 tests across 11 executables

Comprehensive test coverage for the DeuceSSH library, targeting every
testable branch identified in an exhaustive audit of all source files.

Test infrastructure:
- mock_alloc.h/.c: countdown allocator via --wrap=malloc/calloc/realloc
- test_enc.h/.c: XOR cipher as "aes256-ctr" with failure injection
- test_mac.h/.c: XOR-fold MAC as "hmac-sha2-256" with failure injection,
corrupt output, and oversized digest modes
- test_dhgex_provider.h: DH-GEX group provider and RSA key test helpers
- CMakeLists.txt: 4 KEX x key combos, 23 CTest configurations

New test files (7):
- test_alloc.c: 20 malloc failure tests across transport and auth
- test_transport_errors.c: 11 enc/mac failure injection tests
- test_algo_key.c: 67 tests for ed25519/RSA key operations, verify
parse errors (malformed blobs), file I/O edge cases

Extended test files (6):
- test_transport.c: +30 tests for version exchange, GLOBAL_REQUEST
handler, DEBUG/UNIMPLEMENTED edge cases, registration validation,
getter-before-handshake, build_namelist overflow, packet_size clamping
- test_auth.c: +14 client-side KBI error path tests
- test_conn.c: +5 tests for start-twice, accept timeout, reject NULL,
poll timeout
- test_arch.c: +2 namelist parse edge cases
- test_chan.c: +4 msgqueue peek, sigqueue stderr/truncation tests
- test_selftest.c: DH-GEX and RSA key algorithm support

Branch coverage results (ssh-chan.c reaches 100%):
ssh-chan.c 100.00% ssh-arch.c 98.53% ssh.c 90.00%
ssh-trans.c 79.12% aes256-ctr 72.22% ed25519 69.05%
ssh-auth.c 62.88% rsa-sha2-256 62.36% ssh-conn.c 61.69%

Remaining uncovered branches are OpenSSL error paths (82), dead code defense-in-depth (52), malloc failures needing --wrap extension (51),
C11 thread init failures (16), and deep protocol paths requiring
multi-threaded session infrastructure (~230).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/76e66e3390ab1570e1ebb86e
Modified Files:
src/ssh/TODO.md src/ssh/test/test_auth.c test_conn.c test_transport.c Log Message:
Add DEBUG/GLOBAL_REQUEST/banner/get_methods/OPEN_CONFIRMATION edge case tests

Transport tests:
- debug/msg_len_exceeds_payload: DEBUG with msg_len > actual data
(covers msg_len clamp to 0 on line 754)
- global_request/name_exceeds: GLOBAL_REQUEST with name_len > payload
(covers early break on line 781)

Auth tests:
- banner_truncated: three BANNER variants sent from server before
auth response Ä no msg_len header, msg_len > payload, valid msg
with truncated lang (covers lines 18, 22, 33-34)
- get_methods_none_accepted: server accepts "none" auth, client
get_methods receives SUCCESS with empty methods (covers lines 567-570)

Conn tests:
- truncated_open_confirmation: OPEN_CONFIRMATION < 17 bytes (line 641)
- open_conf_unknown_channel: OPEN_CONFIRMATION for nonexistent channel (line 646)
- channel_success_no_request: CHANNEL_SUCCESS/FAILURE when no request
pending (exercises the break path at line 612)

TODO.md: add bugs 5 (void* banner_cb), 6 (dead x11 type_len==2 check),
7 (KEX pubkey error check guards Ä already fixed).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/233f20f35c09bb106d715bc4
Modified Files:
src/ssh/TODO.md src/ssh/test/test_selftest.c
Log Message:
Fix selftest race: cleanup while server echo thread still sending

Two bugs caused segfaults in dssh_self_rsa under ctest -j16:

1. Server thread handle (thrd_t st) was a stack local lost when an
ASSERT failed mid-test, so dssh_test_after_each cleanup could not
join it -- the server thread kept running while the session was freed.

2. g_active_ctx pointed to a stack-local selftest_ctx whose frame was
popped on test return. Cleanup's deeper function calls (terminate,
join, session_cleanup) grew the stack into the old frame, corrupting
the ctx data and causing a NULL deref in dssh_session_stop.

Fix: add server_thread/server_thread_active fields to selftest_ctx;
add selftest_start_thread() helper; restructure selftest_cleanup() to
snapshot all ctx fields into a local copy before any function calls,
then terminate both sessions, join the server thread, and finally
cleanup sessions. All 27 test functions updated.

Also adds TODO items 104-105 for two distinct test failures observed
under -j16 that need separate investigation.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/753b6cf1ff5e8b5cbf210660
Modified Files:
src/ssh/TODO.md src/ssh/test/test_selftest.c
Log Message:
Fix selftest echo write race: poll for DSSH_POLL_WRITE before first write

dssh_chan_write is non-blocking by design Ä returns 0 when remote_window
is 0. Both sides open channels with initial_window=0 then independently
send WINDOW_ADJUST after setup. Under -j16 contention (especially RSA
keygen), the server's WINDOW_ADJUST hadn't been processed by the client's
demux thread before the test wrote, causing ~40% failure rate in
dssh_self_rsa and dssh_self_mlkem_rsa variants.

Add dssh_chan_poll(DSSH_POLL_WRITE) before the first write in test_self_exec_echo and test_self_shell_echo, matching the pattern
already used by test_self_shell_large_data. Make server_echo_thread
(both instances) use a poll-then-retry write loop to avoid silently
dropping data on partial writes.

Also log item 106: intermittent dssh_self_dhgex failure observed once
under heavy -j16 contention, not yet reproduced.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/5633d44598b307e390232a37
Modified Files:
src/ssh/TODO.md src/ssh/test/test_selftest.c
Log Message:
Fix 12 more selftest write-before-window races (closes item 106)

Same root cause as item 104: client-side dssh_chan_write called before
the server's WINDOW_ADJUST was processed, so remote_window was still 0
and the non-blocking write returned 0. Under -j16 contention this
manifested as ASSERT failures in 3 variants (dssh_self, dssh_self_rsa, dssh_self_mlkem) and a secondary Bus error from use-after-free when the
server echo thread's stack overwrote the test's popped stack frame.

Added dssh_chan_poll(DSSH_POLL_WRITE) before the first client-side write
in 12 test functions. 50 consecutive clean runs under -j16 after fix.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net