Fix not reading last TLS small record with fast closure

Fixes #3104
MbedTLS API fairplay

Author: scaprile

mongoose.c

@@ -8404,7 +8404,7 @@ static void read_conn(struct mg_connection *c) {
         if (c->rtls.len == 0 || m < 0) {
           // Close only when we have fully drained both rtls and TLS buffers
           c->is_closing = 1;  // or there's nothing we can do about it.
-          m = MG_IO_ERR;
+          if (m < 0) m = MG_IO_ERR; // but return last record data, see #3104
         } else { // see #2885
           // TLS buffer is capped to max record size, even though, there can
           // be more than one record, give TLS a chance to process them.
@@ -13647,7 +13647,11 @@ long mg_tls_send(struct mg_connection *c, const void *buf, size_t len) {
   c->is_tls_throttled =
       (n == MBEDTLS_ERR_SSL_WANT_READ || n == MBEDTLS_ERR_SSL_WANT_WRITE);
   if (was_throttled) return MG_IO_WAIT;  // flushed throttled data instead
-  if (c->is_tls_throttled) return len;  // already encripted that when throttled
+  if (c->is_tls_throttled) {
+    tls->throttled_buf = (unsigned char *)buf; // MbedTLS code actually ignores
+    tls->throttled_len = len; //  these, but let's play API rules
+    return (long) len;  // already encripted that when throttled
+  }
   if (n <= 0) return MG_IO_ERR;
   return n;
 }

mongoose.h

@@ -3469,18 +3469,18 @@ struct mg_tcpip_driver_xmc7_data {
 
 #define MG_TCPIP_DRIVER_INIT(mgr)                                 \
   do {                                                            \
-    static struct mg_tcpip_driver_xmc7_data driver_data_;       \
+    static struct mg_tcpip_driver_xmc7_data driver_data_;         \
     static struct mg_tcpip_if mif_;                               \
     driver_data_.mdc_cr = MG_DRIVER_MDC_CR;                       \
     driver_data_.phy_addr = MG_TCPIP_PHY_ADDR;                    \
     mif_.ip = MG_TCPIP_IP;                                        \
     mif_.mask = MG_TCPIP_MASK;                                    \
     mif_.gw = MG_TCPIP_GW;                                        \
-    mif_.driver = &mg_tcpip_driver_xmc7;                        \
+    mif_.driver = &mg_tcpip_driver_xmc7;                          \
     mif_.driver_data = &driver_data_;                             \
     MG_SET_MAC_ADDRESS(mif_.mac);                                 \
     mg_tcpip_init(mgr, &mif_);                                    \
-    MG_INFO(("Driver: xmc7, MAC: %M", mg_print_mac, mif_.mac)); \
+    MG_INFO(("Driver: xmc7, MAC: %M", mg_print_mac, mif_.mac));   \
   } while (0)
 
 #endif

src/sock.c

@@ -291,7 +291,7 @@ static void read_conn(struct mg_connection *c) {
         if (c->rtls.len == 0 || m < 0) {
           // Close only when we have fully drained both rtls and TLS buffers
           c->is_closing = 1;  // or there's nothing we can do about it.
-          m = MG_IO_ERR;
+          if (m < 0) m = MG_IO_ERR; // but return last record data, see #3104
         } else { // see #2885
           // TLS buffer is capped to max record size, even though, there can
           // be more than one record, give TLS a chance to process them.

src/tls_mbed.c

@@ -200,7 +200,11 @@ long mg_tls_send(struct mg_connection *c, const void *buf, size_t len) {
   c->is_tls_throttled =
       (n == MBEDTLS_ERR_SSL_WANT_READ || n == MBEDTLS_ERR_SSL_WANT_WRITE);
   if (was_throttled) return MG_IO_WAIT;  // flushed throttled data instead
-  if (c->is_tls_throttled) return len;  // already encripted that when throttled
+  if (c->is_tls_throttled) {
+    tls->throttled_buf = (unsigned char *)buf; // MbedTLS code actually ignores
+    tls->throttled_len = len; //  these, but let's play API rules
+    return (long) len;  // already encripted that when throttled
+  }
   if (n <= 0) return MG_IO_ERR;
   return n;
 }