https://gitlab.synchro.net/main/sbbs/-/commit/3c2eb2443df8934ae295f2c3
Modified Files:
src/ssh/deucessh-conn.h src/ssh/key_algo/rsa-sha2-256.c ssh-ed25519.c src/ssh/ssh-auth.c ssh-conn.c ssh-trans.c ssh.c
Log Message:
Final hardening: timing, scrubbing, threads, NULL, lifetime
1. Constant-time MAC: memcmp → CRYPTO_memcmp (timing side-channel)
2. Sensitive data scrubbing: cleanse_free() helper; OPENSSL_cleanse
on shared_secret, session_id, exchange_hash, derived keys (27
sites), passwords, stack MAC/tmp buffers before free/return
3. Thread safety: buf_mtx in send_data, send_extended_data,
send_eof, send_close, maybe_replenish_window to prevent
data races with demux thread on remote_window/eof/close flags
4. NULL checks: all ~40 DSSH_PUBLIC functions validate pointer
parameters; parse helpers allow NULL data with data_len==0
5. Lifetime docs: channel handle rules in deucessh-conn.h
6. Zero-size write: bufsz==0 returns 0 (no empty DATA message)
7. Callback validation: set_callbacks rejects NULL tx/rx/rx_line
Co-Authored-By: Claude Opus 4.6 (1M context) <
noreply@anthropic.com>
---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net