• src/ssh/README.md TODO.md

    From Deuce@VERT to Git commit to main/sbbs/m on Friday, March 27, 2026 05:30:00
    https://gitlab.synchro.net/main/sbbs/-/commit/b30e965d44c65518cd16254d
    Modified Files:
    src/ssh/README.md TODO.md deucessh-algorithms.h src/ssh/key_algo/rsa-sha2-256.c rsa-sha2-256.h ssh-ed25519.c ssh-ed25519.h src/ssh/ssh-chan.h ssh-trans.h
    Log Message:
    Clean up public header hygiene: remove OpenSSL, fix duplicates

    - Replace pem_password_cb with library-owned dssh_pem_password_cb
    typedef so consumers don't need OpenSSL on their include path
    - Remove 7 duplicate transport function declarations from ssh-trans.h
    (deucessh.h is authoritative)
    - Remove unnecessary <threads.h> include from ssh-chan.h
    - Use dssh_transport_extra_line_cb typedef in global config struct

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Deuce@VERT to Git commit to main/sbbs/m on Friday, March 27, 2026 14:34:00
    https://gitlab.synchro.net/main/sbbs/-/commit/9e122282f4d0cea9f7b9da6a
    Modified Files:
    src/ssh/README.md TODO.md deucessh-auth.h server.c ssh-auth.c ssh-conn.c src/ssh/test/CMakeLists.txt test_alloc.c test_auth.c test_conn.c
    Log Message:
    Fix 2 bugs: accept_channel data race, auth username buffer overflow (items 52, 8)

    Item 52: dssh_session_accept_channel() setup-to-normal transition now
    holds buf_mtx. chan_type, buffer union, window_max, and callbacks are initialized atomically; setup_mode set to false last. Prevents demux
    thread from seeing partially initialized channel state.

    Item 8: dssh_auth_server() username_out_len is now in/out -- input is
    buffer capacity, output is bytes written. Prevents overflow when
    caller buffer is smaller than the internal 255-byte cap. All callers
    updated. New test auth/server/small_username_buffer verifies truncation.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

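The in/out length convention described under item 8, as an added C example that is not DeuceSSH code. `copy_username()`, its return codes and the absence of a NUL terminator are assumptions; only the 255-byte cap comes from the commit message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define USERNAME_CAP 255  /* internal cap named in the commit message */

/*
 * Hypothetical helper, not a DeuceSSH function. On entry *out_len is the
 * capacity of out; on return it is the number of bytes written. No NUL
 * terminator is added (assumption). Returns 0 if the whole name fit,
 * 1 if it was truncated, -1 on bad arguments.
 */
static int copy_username(const uint8_t *wire, size_t wire_len,
                         uint8_t *out, size_t *out_len)
{
	size_t n = wire_len;

	if (wire == NULL || out == NULL || out_len == NULL)
		return -1;
	if (n > USERNAME_CAP)
		n = USERNAME_CAP;   /* library-side limit */
	if (n > *out_len)
		n = *out_len;       /* caller-side limit, read from the in/out argument */
	memcpy(out, wire, n);
	*out_len = n;
	return n < wire_len ? 1 : 0;
}

/* Constructed check: an 8-byte caller buffer followed by 8 canary bytes. */
static int small_buffer_keeps_canary(void)
{
	const char *name = "a-long-constructed-username";
	uint8_t frame[16];
	size_t len = 8;
	memset(frame, 0xAA, sizeof(frame));
	if (copy_username((const uint8_t *)name, strlen(name), frame, &len) != 1 || len != 8)
		return 0;
	for (size_t i = 8; i < sizeof(frame); i++)
		if (frame[i] != 0xAA)
			return 0;       /* a write past the stated capacity */
	return 1;
}

int main(void)
{
	printf("canary intact: %d\n", small_buffer_keeps_canary());
	return 0;
}
```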
  • From Deuce@VERT to Git commit to main/sbbs/m on Saturday, March 28, 2026 12:55:00
    https://gitlab.synchro.net/main/sbbs/-/commit/34c2c2297c4ff70efb85720c
    Modified Files:
    src/ssh/README.md TODO.md deucessh.h ssh-conn.c ssh-internal.h ssh-trans.c ssh.c src/ssh/test/test_selftest.c
    Log Message:
    Close items 65, 66: session-wide inactivity timeout for unbounded waits

    Add dssh_session_set_timeout() and DSSH_ERROR_TIMEOUT. Default 75s
    (standard BSD TCP connect timeout). Converts 4 unbounded cnd_wait()
    sites to cnd_timedwait(): open_session_channel, send_channel_request_wait, setup_recv return DSSH_ERROR_TIMEOUT; send_packet rekey wait terminates
    the session (rekey failure is fatal). Shared dssh_deadline_from_ms()
    extracted to ssh-internal.h. 4 new tests.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

  • From Deuce@VERT to Git commit to main/sbbs/m on Saturday, March 28, 2026 12:55:00
    https://gitlab.synchro.net/main/sbbs/-/commit/ccae5b20f5540890d652d140
    Modified Files:
    src/ssh/README.md TODO.md deucessh-algorithms.h deucessh-kex.h src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c dh-gex-sha256.h mlkem768x25519-sha256.c sntrup761x25519-sha512.c src/ssh/server.c ssh-trans.c ssh-trans.h src/ssh/test/test_alloc.c test_dhgex_provider.h test_transport.c
    Log Message:
    Built-in RFC 3526 default provider for DH-GEX, generic dssh_kex_set_ctx() API

    DH-GEX previously leaked algo-specific details (struct dssh_dh_gex_provider, dssh_dh_gex_set_provider()) into the public API, breaking the register-and-forget model every other algorithm uses. Now DH-GEX works out of the box:

    - Add RFC 3526 groups 14-18 (2048-8192-bit) to the DH-GEX module with a
    built-in default_select_group() that picks the best fit for the client's
    requested min/preferred/max range
    - Add void *ctx field to dssh_kex_s (mirrors dssh_key_algo_s pattern)
    - Add dssh_kex_set_ctx() public API for optional override (global, pre-init,
    same gate as dssh_key_algo_set_ctx())
    - Remove per-session dssh_dh_gex_set_provider() and kex_ctx from transport
    state; struct dssh_dh_gex_provider moves to kex/dh-gex-sha256.h only
    - Remove 65 lines of DH-GEX boilerplate from server.c demo
    - Add TODO item 84: investigate DH-GEX group size vs cipher strength mismatch

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

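One possible reading of "best fit" for a min/preferred/max request, following the server guidance in RFC 4419 (added example, not the library's default_select_group()). The function name `select_group_bits()`, the exact policy and the return-0-on-no-match convention are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Modulus sizes of RFC 3526 groups 14 to 18, in ascending order. */
static const uint32_t group_bits[] = { 2048, 3072, 4096, 6144, 8192 };
#define NGROUPS (sizeof(group_bits) / sizeof(group_bits[0]))

/*
 * Hypothetical selection policy (assumption, not the library's code):
 * the smallest group >= preferred that lies within [min, max]; failing
 * that, the largest group within [min, max]; 0 when no built-in group
 * fits or the request is inconsistent. A client whose max is below
 * 2048 bits therefore gets no group rather than a weak one.
 */
static uint32_t select_group_bits(uint32_t min, uint32_t preferred, uint32_t max)
{
	uint32_t best = 0;

	if (min > preferred || preferred > max)
		return 0;               /* malformed request */
	for (size_t i = 0; i < NGROUPS; i++) {
		uint32_t b = group_bits[i];
		if (b < min || b > max)
			continue;           /* outside the client's bounds */
		if (b >= preferred)
			return b;           /* first fit in ascending order */
		best = b;               /* largest in-range group below preferred */
	}
	return best;
}

int main(void)
{
	/* Constructed requests: (min, preferred, max) in bits. */
	printf("%u\n", (unsigned)select_group_bits(2048, 4000, 8192));
	printf("%u\n", (unsigned)select_group_bits(2048, 7000, 7168));
	printf("%u\n", (unsigned)select_group_bits(1024, 1024, 1536));
	return 0;
}
```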
  • From Deuce@VERT to Git commit to main/sbbs/m on Saturday, March 28, 2026 12:55:00
    https://gitlab.synchro.net/main/sbbs/-/commit/f7930e7e170ab1235b2125fd
    Modified Files:
    src/ssh/README.md TODO.md client.c deucessh.h server.c ssh-internal.h ssh.c
    Log Message:
    Close item 83: terminate callback + single-fire set_terminate

    Add dssh_terminate_cb and dssh_session_set_terminate_cb() so the
    application can close sockets or signal its event loop when the session terminates, unblocking I/O callbacks that would otherwise cause dssh_session_cleanup() to hang on thrd_join.

    Make dssh_session_set_terminate() single-fire via atomic_exchange --
    previously it unconditionally re-broadcast all condvars on every call.
    The callback fires exactly once, before condvar broadcasts, from
    whichever thread triggers termination.

    Update I/O callback documentation to state that callbacks MUST return
    promptly when dssh_session_is_terminated() is true. Update client.c
    and server.c to use shutdown(fd, SHUT_RDWR) in the terminate callback.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

  • From Deuce@VERT to Git commit to main/sbbs/m on Saturday, March 28, 2026 12:55:00
    https://gitlab.synchro.net/main/sbbs/-/commit/4ad8e6441308eb32d5faa206
    Modified Files:
    src/ssh/README.md TODO.md
    Log Message:
    Update README and TODO for recent API changes

    README: document version string, termination, algorithm queries, reject/raw-accept APIs, window-change, remove stale test table.
    TODO: add items 92-97 for API definition gaps found during review.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

  • From Deuce@VERT to Git commit to main/sbbs/m on Monday, March 30, 2026 10:39:00
    https://gitlab.synchro.net/main/sbbs/-/commit/18571decc2f3bdc271f48811
    Modified Files:
    src/ssh/README.md TODO.md deucessh.h ssh-trans.c
    Log Message:
    Make rx_line callback optional with built-in default

    The rx_line parameter to dssh_transport_set_callbacks() may now be
    NULL. A built-in default (rxline_from_rx) reads one byte at a time
    via the rx callback with strict CR-LF validation: bare CR or bare LF
    returns DSSH_ERROR_PARSE.

    Also adds TODO item 103 for a pre-existing selftest race under
    parallel load (cleanup while server echo thread still sending).

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

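A strict CR-LF line reader of the kind the rx_line commit describes, as an added C example that is not the library's rxline_from_rx. The `rx_fn` callback shape, the `LINE_*` codes and the length limit are assumptions, and the input is a constructed string.

```c
#include <stddef.h>
#include <stdio.h>

enum { LINE_OK = 0, LINE_ERR_IO = -1, LINE_ERR_PARSE = -2, LINE_ERR_TOOLONG = -3 };
typedef int (*rx_fn)(unsigned char *byte, void *ctx); /* hypothetical: 0 = byte stored */

/* Constructed source: walks a NUL-terminated string in place of a socket. */
static int mem_rx(unsigned char *byte, void *ctx)
{
	const char **p = ctx;
	if (**p == '\0')
		return -1;                      /* input exhausted */
	*byte = (unsigned char)*(*p)++;
	return 0;
}

/* One byte per read, so nothing past CR LF is consumed; *len excludes CR LF. */
static int read_line_strict(rx_fn rx, void *ctx, unsigned char *line, size_t cap, size_t *len)
{
	size_t n = 0;
	int seen_cr = 0;
	unsigned char c;
	while (rx(&c, ctx) == 0) {
		if (seen_cr) {
			if (c != '\n')
				return LINE_ERR_PARSE;  /* bare CR */
			*len = n;
			return LINE_OK;
		}
		if (c == '\n')
			return LINE_ERR_PARSE;      /* bare LF */
		if (c == '\r')
			seen_cr = 1;
		else if (n == cap)
			return LINE_ERR_TOOLONG;    /* check the bound before writing */
		else
			line[n++] = c;
	}
	return LINE_ERR_IO;
}

int main(void)
{
	const char *wire = "SSH-2.0-constructed\r\nrest";  /* constructed input */
	unsigned char line[255];
	size_t len = 0;
	int rc = read_line_strict(mem_rx, &wire, line, sizeof(line), &len);
	printf("rc=%d len=%zu unread=\"%s\"\n", rc, len, wire);
	return 0;
}
```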
  • From Deuce@VERT to Git commit to main/sbbs/m on Monday, March 30, 2026 10:39:00
    https://gitlab.synchro.net/main/sbbs/-/commit/a1ae4721eea366f70e733663
    Modified Files:
    src/ssh/README.md TODO.md deucessh-conn.h deucessh.h ssh-conn.c ssh.c
    Log Message:
    I got 99 problems but a callback setter ain't one

    Enforce the "must set before dssh_session_start()" contract at
    runtime: all 8 session-level callback/config setters now return int
    and check sess->demux_running, returning DSSH_ERROR_TOOLATE after
    start instead of silently racing the demux thread. NULL cb remains
    allowed (means "no callback").

    Updated headers (deucessh.h, deucessh-conn.h), README.md, and
    TODO.md (item 99 done; items 95/96/101 moved to Closed).

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
