altcp_mbedtls: don't ignore return value of mbedtls_ssl_flush_output

see bug #64045/task #16283
lwip-tcpip · Oct 11, 2023 · 583f352 · 583f352
1 parent 7fd1350
commit 583f352
Showing 1 changed file with 12 additions and 3 deletions.
diff --git a/src/apps/altcp_tls/altcp_tls_mbedtls.c b/src/apps/altcp_tls/altcp_tls_mbedtls.c
@@ -133,6 +133,15 @@ static err_t altcp_mbedtls_handle_rx_appldata(struct altcp_pcb *conn, altcp_mbed
 static int altcp_mbedtls_bio_send(void *ctx, const unsigned char *dataptr, size_t size);
 
 
+static void
+altcp_mbedtls_flush_output(altcp_mbedtls_state_t* state)
+{
+  int flushed = mbedtls_ssl_flush_output(&state->ssl_context);
+  if (flushed) {
+    LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("mbedtls_ssl_flush_output failed: %d\n", flushed));
+  }
+}
+
 /* callback functions from inner/lower connection: */
 
 /** Accept callback from lower connection (i.e. TCP)
@@ -531,7 +540,7 @@ altcp_mbedtls_lower_sent(void *arg, struct altcp_pcb *inner_conn, u16_t len)
     /* remove ACKed bytes from overhead adjust counter */
     state->overhead_bytes_adjust -= len;
     /* try to send more if we failed before (may increase overhead adjust counter) */
-    mbedtls_ssl_flush_output(&state->ssl_context);
+    altcp_mbedtls_flush_output(state);
     /* remove calculated overhead from ACKed bytes len */
     app_len = len - (u16_t)overhead;
     /* update application write counter and inform application */
@@ -559,7 +568,7 @@ altcp_mbedtls_lower_poll(void *arg, struct altcp_pcb *inner_conn)
     if (conn->state) {
       altcp_mbedtls_state_t *state = (altcp_mbedtls_state_t *)conn->state;
       /* try to send more if we failed before */
-      mbedtls_ssl_flush_output(&state->ssl_context);
+      altcp_mbedtls_flush_output(state);
       if (altcp_mbedtls_handle_rx_appldata(conn, state) == ERR_ABRT) {
         return ERR_ABRT;
       }
@@ -1233,7 +1242,7 @@ altcp_mbedtls_write(struct altcp_pcb *conn, const void *dataptr, u16_t len, u8_t
      allow sending more if this succeeded (this is a hack because neither
      returning 0 nor MBEDTLS_ERR_SSL_WANT_WRITE worked for me) */
   if (state->ssl_context.out_left) {
-    mbedtls_ssl_flush_output(&state->ssl_context);
+    altcp_mbedtls_flush_output(state);
     if (state->ssl_context.out_left) {
       return ERR_MEM;
     }