Merge pull request #35 from m1ngsama/fix/auth-strncpy-nul

fix: correct pubkey auth, strncpy warning, and NUL byte validation

src/ssh_server.c

@@ -1109,9 +1109,8 @@ static void execute_command(client_t *client) {
                     (max_hist - 1) * sizeof(client->command_history[0]));
             client->command_history_count = max_hist - 1;
         }
-        strncpy(client->command_history[client->command_history_count],
+        snprintf(client->command_history[client->command_history_count],
-                cmd, sizeof(client->command_history[0]) - 1);
+                 sizeof(client->command_history[0]), "%s", cmd);
-        client->command_history[client->command_history_count][sizeof(client->command_history[0]) - 1] = '\0';
         client->command_history_count++;
         client->command_history_pos = client->command_history_count;
     }
@@ -1740,10 +1739,11 @@ static int auth_pubkey(ssh_session session, const char *user,
         return SSH_AUTH_DENIED;
     }
 
-    /* Only accept after the signature has been verified by libssh.
+    /* SSH_PUBLICKEY_STATE_NONE = key offer (no signature yet).
-     * SSH_PUBLICKEY_STATE_NONE is just a key offer — no proof of possession. */
+     * Return SUCCESS to tell libssh "I accept this key, verify the signature."
+     * SSH_PUBLICKEY_STATE_VALID = signature verified by libssh. */
     if (signature_state != SSH_PUBLICKEY_STATE_VALID) {
-        return SSH_AUTH_PARTIAL;
+        return SSH_AUTH_SUCCESS;
     }
 
     ctx->auth_success = true;

src/utf8.c

@@ -193,9 +193,9 @@ bool utf8_is_valid_sequence(const char *bytes, int len) {
     uint32_t codepoint = 0;
     switch (len) {
         case 1:
-            /* 0xxxxxxx - valid range: 0x00-0x7F */
+            /* 0xxxxxxx - valid range: 0x01-0x7F (reject NUL) */
             codepoint = b[0];
-            if (codepoint > 0x7F) return false;
+            if (codepoint == 0 || codepoint > 0x7F) return false;
             break;
         case 2:
             /* 110xxxxx 10xxxxxx - valid range: 0x80-0x7FF */