fix(server): eliminate nested mutex acquisition in SSH tunnel handler

[persimmon16]

Summary

• Restructures the per-sandbox SSH connection limit check to release ssh_connections_by_sandbox before acquiring ssh_connections_by_token for rollback
• Eliminates a nested lock pattern (sandbox -> token) that risked deadlock if any other code path locked in reverse order

Related Issue

Production readiness audit finding (P3): SSH connection dual-Mutex lock ordering could cause deadlocks.

Changes

• crates/openshell-server/src/ssh_tunnel.rs: Split the per-sandbox limit check into two phases — check-and-release, then rollback separately

Testing

• cargo check -p openshell-server passes
• cargo clippy clean (only pre-existing warnings)
• Audited decrement_connection_count helper — already acquires each mutex independently

Checklist

• Conventional commit format
• No secrets committed
• Scoped to the issue at hand

[github-actions]

Thank you for your submission! We ask that you sign our Developer Certificate of Origin before we can accept your contribution. You can sign the DCO by adding a comment below using this text:

---

I have read the DCO document and I hereby sign the DCO.

---

_{You can retrigger this bot by commenting recheck in this Pull Request. Posted by the DCO Assistant Lite bot.}

[github-actions]

Thank you for your interest in contributing to OpenShell, @persimmon16.

This project uses a vouch system for first-time contributors. Before submitting a pull request, you need to be vouched by a maintainer.

To get vouched:

1. Open a Vouch Request discussion.
2. Describe what you want to change and why.
3. Write in your own words — do not have an AI generate the request.
4. A maintainer will comment /vouch if approved.
5. Once vouched, open a new PR (preferred) or reopen this one after a few minutes.

See CONTRIBUTING.md for details.