update example client for rekey and sanity check on window update after read attempt

JacobBarthelmeh · JacobBarthelmeh · commit af45bc3719dd · 2025-08-26T10:50:14.000-06:00
diff --git a/examples/client/client.c b/examples/client/client.c
@@ -342,6 +342,9 @@ static THREAD_RET readInput(void* in)
         ret = wolfSSH_stream_send(args->ssh, buf, sz);
         wc_UnLockMutex(&args->lock);
         if (ret <= 0) {
+            if (ret == WS_REKEYING) {
+                continue;
+            }
             fprintf(stderr, "Couldn't send data\n");
             return THREAD_RET_SUCCESS;
         }
@@ -472,8 +475,16 @@ static THREAD_RET readPeer(void* in)
                         continue;
                     }
                     #endif /* WOLFSSH_AGENT */
+                    else if (ret == WS_REKEYING) {
+                        wolfSSH_worker(args->ssh, NULL);
+                        ret = 0;
+                    }
                 }
                 else if (ret != WS_EOF) {
+		    if (ret == 0) {
+                        bytes = 0;
+                        continue;
+		    }
                     err_sys("Stream read failed.");
                 }
             }
diff --git a/src/ssh.c b/src/ssh.c
@@ -1135,6 +1135,11 @@ int wolfSSH_stream_read(WOLFSSH* ssh, byte* buf, word32 bufSz)
         return WS_ERROR;
     }
 
+    if (ssh->isKeying) {
+        ssh->error = WS_REKEYING;
+        return WS_FATAL_ERROR;
+    }
+
     inputBuffer = &ssh->channelList->inputBuffer;
     ssh->error = WS_SUCCESS;
 
@@ -1164,7 +1169,7 @@ int wolfSSH_stream_read(WOLFSSH* ssh, byte* buf, word32 bufSz)
     }
 
     /* update internal input buffer based on data read */
-    if (ret == WS_SUCCESS) {
+    if (ret == WS_SUCCESS && !ssh->isKeying) {
         int n;
 
         n = min(bufSz, inputBuffer->length - inputBuffer->idx);
@@ -2901,6 +2906,11 @@ int wolfSSH_ChannelRead(WOLFSSH_CHANNEL* channel, byte* buf, word32 bufSz)
     if (channel == NULL || buf == NULL || bufSz == 0)
         return WS_BAD_ARGUMENT;
 
+    if (channel->ssh->isKeying) {
+        channel->ssh->error = WS_REKEYING;
+        return WS_REKEYING;
+    }
+
     bufSz = _ChannelRead(channel, buf, bufSz);
 
     WLOG(WS_LOG_DEBUG, "Leaving wolfSSH_ChannelRead(), bytesRxd = %d",

Original file line number	Diff line number	Diff line change
`@@ -342,6 +342,9 @@ static THREAD_RET readInput(void* in)`
`342`	`342`	`ret = wolfSSH_stream_send(args->ssh, buf, sz);`
`343`	`343`	`wc_UnLockMutex(&args->lock);`
`344`	`344`	`if (ret <= 0) {`
	`345`	`+ if (ret == WS_REKEYING) {`
	`346`	`+ continue;`
	`347`	`+ }`
`345`	`348`	`fprintf(stderr, "Couldn't send data\n");`
`346`	`349`	`return THREAD_RET_SUCCESS;`
`347`	`350`	`}`
`@@ -472,8 +475,16 @@ static THREAD_RET readPeer(void* in)`
`472`	`475`	`continue;`
`473`	`476`	`}`
`474`	`477`	`#endif /* WOLFSSH_AGENT */`
	`478`	`+ else if (ret == WS_REKEYING) {`
	`479`	`+ wolfSSH_worker(args->ssh, NULL);`
	`480`	`+ ret = 0;`
	`481`	`+ }`
`475`	`482`	`}`
`476`	`483`	`else if (ret != WS_EOF) {`
	`484`	`+ if (ret == 0) {`
	`485`	`+ bytes = 0;`
	`486`	`+ continue;`
	`487`	`+ }`
`477`	`488`	`err_sys("Stream read failed.");`
`478`	`489`	`}`
`479`	`490`	`}`