Fix SFTP rekey transparency in buffer_read and buffer_send

[yosuke-wolfssl]

Background

During a rekey triggered by DEFAULT_HIGHWATER_MARK, two low-level SFTP I/O helpers
fail to handle the rekey condition correctly, forcing every SFTP state machine caller
to implement their own retry logic.

• wolfSSH_SFTP_buffer_read: When wolfSSH_worker or wolfSSH_stream_read returns a negative code during a rekey, the function exits with WS_FATAL_ERROR instead of looping. This prevents any SFTP read from surviving a mid-transfer rekey.
• wolfSSH_SFTP_buffer_send: The pre-send worker guard checks only ssh->error for WS_REKEYING / WS_WINDOW_FULL, but misses the case where ssh->isKeying is set while ssh->error holds a stale non-rekey value (e.g. when highwater fired during a receive that returned WS_CHAN_RXD). The subsequent wolfSSH_stream_send then fails on ssh->isKeying.

Changes

This PR fixes both functions:

• wolfSSH_SFTP_buffer_read: Add the logic to handle WS_REKEYING properly. A genuine failure changes ssh->error and is returned.
• wolfSSH_SFTP_buffer_send: Extend the logic to drive the worker. Only a rekey/window/channel-data status means "keep driving". Any other negative status (fatal error, or WS_WANT_READ/WS_WANT_WRITE on a non-blocking socket) is returned so a stalled or dead rekey cannot spin forever.

Also, this PR adds tests to exercise the highwater-mark scenario during SFTP message exchange on both blocking/non-blocking sockets.

[Copilot]

Pull request overview

This PR improves SFTP robustness during SSH rekey events (notably those triggered by DEFAULT_HIGHWATER_MARK) by making the low-level SFTP I/O helpers handle WS_REKEYING / window pressure internally, reducing the need for retry logic in each SFTP state-machine caller. It also adds API tests that exercise SFTP message exchange across a forced mid-operation rekey in both blocking and non-blocking socket modes.

Changes:

• Update wolfSSH_SFTP_buffer_send() to drive wolfSSH_worker() while rekeying / window-full (including the ssh->isKeying-set-but-stale-ssh->error case), and to avoid infinite spinning by returning non-rekey negative statuses.
• Update wolfSSH_SFTP_buffer_read() to loop through WS_REKEYING rather than failing immediately.
• Add SFTP rekey regression tests covering blocking and non-blocking sockets.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
src/wolfsftp.c	Make SFTP buffer send/read helpers rekey-transparent by driving the worker and looping appropriately during WS_REKEYING / window pressure.
tests/api.c	Add regression tests to force mid-SFTP-operation rekeys (highwater mark) in both blocking and non-blocking modes.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[wolfSSL-Fenrir-bot]

Fenrir Automated Review — PR #1001

Scan targets checked: wolfssh-bugs, wolfssh-src

Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

[wolfSSL-Fenrir-bot]

Fenrir Automated Review — PR #1001

Scan targets checked: wolfssh-bugs, wolfssh-src

No new issues found in the changed files. ✅