Five tests closing gaps identified by cross-referencing the RFC 4250-4254 conformance audits against the test suite:
- rekey/hard_limit_send: send_packet refuses at 2^31 packets
(RFC 4253 s9, RFC 4251 s9.3.3)
- rekey/hard_limit_recv: recv_packet refuses at 2^31 packets
- rekey/seq_preserved: tx_seq/rx_seq never reset across rekey
(RFC 4253 s6.4-3)
- handshake/mac_active: MAC contexts and encryption active after
handshake, digest_size=32 for HMAC-SHA-256 (RFC 4253 s6.4-2)
- auth/banner_delivered: USERAUTH_BANNER delivered to client via
banner callback during password auth (RFC 4252 s5.4)
Tests send malformed USERAUTH_REQUEST packets through an encrypted
session to exercise parse_userauth_prefix and method-specific parse
branches in dssh_auth_server:
- empty request (just message type byte)
- truncated username (length > remaining data)
- no service name field after username
- truncated service name (length > remaining)
- no method field after service name
- truncated method name (length > remaining)
- password method with no change boolean
- password method with no password length
- publickey method with no has_signature boolean
- first message is not SERVICE_REQUEST
- username >= 256 bytes (truncation to saved_user)
Password parse errors:
- truncated password data (pw_len > remaining)
- password change with no new_password field
- password change with truncated new_password
Missing callbacks:
- password method with no password_cb (gets FAILURE, retries with none)
- publickey method with no publickey_cb (gets FAILURE, retries with none)
Publickey parse errors:
- no algo length field after has_sig
- no pubkey blob after algo name
- has_sig=true but no signature length
Publickey protocol:
- unknown algo name with has_sig=true (FAILURE response)
- key probe (has_sig=false) rejected by callback (FAILURE not PK_OK)
Auth server password change flow:
- passwd_change_cb returns FAILURE (USERAUTH_FAILURE sent)
- no passwd_change_cb set when change=true (falls through to FAILURE)
Connection demux edge cases:
- WINDOW_ADJUST from peer (covers WINDOW_ADJUST case + window_add)
- CHANNEL_DATA after EOF (data discarded per eof_received guard)
- Truncated CHANNEL_DATA (payload_len < 9, silently dropped)
Use pipe-close technique: after client sends the auth request, close
the s2c pipe so the server's response send_packet fails. Each test
covers a specific send path in auth_server_impl:
Defensive/edge-case tests (11):
- Server with NULL username_out parameters
- get_methods with zero-size and small buffer
- FAILURE response with DEL char in method names
- 4/8/9-byte method names that don't match none/password/publickey
- Password change callback returning NULL prompt
- Publickey auth with algo name > 64 bytes (truncation)
- Banner with no language field
- get_methods small buffer (copylen truncation)
Client-side failure tests (12):
- SERVICE_REQUEST and get_methods send failures
- Password CHANGEREQ: callback error and send failure
- KBI initial send and recv failures
- Publickey: no key, pubkey fail, sign fail, send fail, recv fail
- Publickey with BANNER before auth response
Server send-failure tests for password-change and publickey-with-sig:
- Password change: success/changereq/failure send failures
- Publickey with bad signature: verify-fail send failure
- Publickey accepted: success send failure
- Publickey rejected after valid sig: failure send failure
Defensive/edge-case tests:
- Tiny/short SERVICE_REQUEST (payload <= 5 bytes)
- PASSWD_CHANGEREQ with no language field / truncated lang data
- KBI with empty response (response_lens[i] == 0)