1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • src/ssh/CMakeLists.txt audit-hardening.md src/ssh/kex/dh-gex-sha256.c

    From Deucе@VERT to Git commit to main/sbbs/master on Wed Mar 25 23:06:00 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/3a6fded32d5a7b8597fddc22
    Modified Files:
    src/ssh/CMakeLists.txt audit-hardening.md src/ssh/kex/dh-gex-sha256.c src/ssh/key_algo/rsa-sha2-256.c src/ssh/ssh-arch.c ssh-auth.c ssh-trans.c src/ssh/test/test_algo_key.c test_alloc.c test_conn.c test_selftest.c
    Log Message:
    Enable -Wconversion: range-checked narrowing throughout

    All implicit narrowing conversions replaced with range-checked
    intermediate variables. Library code checks both lower and upper
    bounds before every narrowing assignment, with overflow guards
    before arithmetic. Test code uses explicit casts where safe.

    Hardening audit now 34 of 34 OpenSSF flags.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net