From 1bd5c2b0434d90161da1366fc8e76aa2d252767b Mon Sep 17 00:00:00 2001
From: Colin Baumgarten <colin.baumgarten@hubersuhner.com>
Date: Tue, 28 Apr 2026 10:37:47 +0200
Subject: [PATCH] packet: Fix socket data callback return value on rekey
 failure

Both callers of ssh_packet_socket_callback() assume that it will
always return the number of bytes processed. They don't properly
handle negative return values like SSH_ERROR, even though the
function's doc-comment mentions them.

Handling negative values would not be straightforward because
the return type is unsigned (size_t).

So instead of fixing the callers, adjust the only place where a
negative value is returned right now (rekey failure) and align
it with the handling of all other possible errors in the same
function.

Signed-off-by: Colin Baumgarten <colin.baumgarten@hubersuhner.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/824>
---
 src/packet.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/packet.c b/src/packet.c
index fcccde48..c3ff4c83 100644
--- a/src/packet.c
+++ b/src/packet.c
@@ -1273,7 +1273,7 @@ static bool ssh_packet_need_rekey(ssh_session session,
  * @param data pointer to the data received
  * @len length of data received. It might not be enough for a complete packet
  * @returns number of bytes read and processed. Zero means only partial packet
- * received and negative value means error.
+ * received.
  */
 size_t
 ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
@@ -1630,7 +1630,7 @@ ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
                 rc = ssh_send_rekex(session);
                 if (rc != SSH_OK) {
                     SSH_LOG(SSH_LOG_PACKET, "Rekey failed: rc = %d", rc);
-                    return rc;
+                    goto error;
                 }
             }