1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • src/ssh/test/test_auth.c

    From Deucе@VERT to Git commit to main/sbbs/master on Mon Mar 23 20:49:18 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/17d44539e6157fe2cc0edf44
    Modified Files:
    src/ssh/test/test_auth.c
    Log Message:
    Add 11 server auth parse error tests

    Tests send malformed USERAUTH_REQUEST packets through an encrypted
    session to exercise parse_userauth_prefix and method-specific parse
    branches in dssh_auth_server:

    - empty request (just message type byte)
    - truncated username (length > remaining data)
    - no service name field after username
    - truncated service name (length > remaining)
    - no method field after service name
    - truncated method name (length > remaining)
    - password method with no change boolean
    - password method with no password length
    - publickey method with no has_signature boolean
    - first message is not SERVICE_REQUEST
    - username >= 256 bytes (truncation to saved_user)

    ssh-auth.c branch coverage: 63.33% -> 67.27% (-13 missed)

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Deucе@VERT to Git commit to main/sbbs/master on Mon Mar 23 20:49:18 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/27c8a2d516a9d53b603a6e5b
    Modified Files:
    src/ssh/test/test_auth.c
    Log Message:
    Add 12 more server auth parse and callback tests

    Password parse errors:
    - truncated password data (pw_len > remaining)
    - password change with no new_password field
    - password change with truncated new_password

    Missing callbacks:
    - password method with no password_cb (gets FAILURE, retries with none)
    - publickey method with no publickey_cb (gets FAILURE, retries with none)

    Publickey parse errors:
    - no algo length field after has_sig
    - no pubkey blob after algo name
    - has_sig=true but no signature length

    Publickey protocol:
    - unknown algo name with has_sig=true (FAILURE response)
    - key probe (has_sig=false) rejected by callback (FAILURE not PK_OK)

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Deucе@VERT to Git commit to main/sbbs/master on Tue Mar 24 20:58:43 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/8b18695f8e548d3476877ad5
    Modified Files:
    src/ssh/test/test_auth.c
    Log Message:
    ssh-auth.c coverage: server send-failure tests (12 new tests)

    Use pipe-close technique: after client sends the auth request, close
    the s2c pipe so the server's response send_packet fails. Each test
    covers a specific send path in auth_server_impl:

    - SERVICE_ACCEPT send failure
    - none auth: success/failure send
    - password auth: success/failure/no-callback/changereq send
    - publickey: no-callback/probe-ok/probe-rejected/unknown-algo send
    - unknown method: failure send

    ssh-auth.c missed branches: 93 → 71 (71.8% → 77.9%).

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Deucе@VERT to Git commit to main/sbbs/master on Wed Mar 25 00:49:07 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/a9b8ad269a7a66caf2f395f3
    Modified Files:
    src/ssh/test/test_auth.c
    Log Message:
    ssh-auth.c coverage: defensive, client, and edge-case tests (23 new)

    Defensive/edge-case tests (11):
    - Server with NULL username_out parameters
    - get_methods with zero-size and small buffer
    - FAILURE response with DEL char in method names
    - 4/8/9-byte method names that don't match none/password/publickey
    - Password change callback returning NULL prompt
    - Publickey auth with algo name > 64 bytes (truncation)
    - Banner with no language field
    - get_methods small buffer (copylen truncation)

    Client-side failure tests (12):
    - SERVICE_REQUEST and get_methods send failures
    - Password CHANGEREQ: callback error and send failure
    - KBI initial send and recv failures
    - Publickey: no key, pubkey fail, sign fail, send fail, recv fail
    - Publickey with BANNER before auth response

    ssh-auth.c missed branches: 71 → 62 (77.9% → 80.6%).

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Deucе@VERT to Git commit to main/sbbs/master on Wed Mar 25 00:49:07 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/ebbad235a958da5195d88084
    Modified Files:
    src/ssh/test/test_auth.c
    Log Message:
    ssh-auth.c coverage: server send-fail + edge cases (13 new tests)

    Server send-failure tests for password-change and publickey-with-sig:
    - Password change: success/changereq/failure send failures
    - Publickey with bad signature: verify-fail send failure
    - Publickey accepted: success send failure
    - Publickey rejected after valid sig: failure send failure

    Defensive/edge-case tests:
    - Tiny/short SERVICE_REQUEST (payload <= 5 bytes)
    - PASSWD_CHANGEREQ with no language field / truncated lang data
    - KBI with empty response (response_lens[i] == 0)

    ssh-auth.c missed branches: 55 → 30 (83.3% → 90.6%).

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net