Restore mapping BIO_flush errors to -1.

This was originally changed so that flush_flight could forward BIO_write
errors as-is, but we can and probably should still map BIO_flush errors.
This is unlikely to matter (every relevant BIO likely just has a no-op
flush which returns one), but, e.g., our file BIO returns 0, not -1, on
error.

We possibly should also be mapping BIO_write errors, but I'll leave that
alone for now. It's primarily BIO_read where the BIO return value must
be preserved due to error vs. EOF.

(We probably can just remove the BIO_flush calls altogether, but since
the buffer BIO forwarded the flush signal it would be a user-visible
behavior change to confirm.)

Change-Id: Ib495cc5d043867cf964f99b7ee4535114f7b2230
Reviewed-on: https://boringssl-review.googlesource.com/13367
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

ssl/d1_both.c

@@ -795,11 +795,13 @@ int dtls1_flush_flight(SSL *ssl) {
     }
   }
 
-  ret = BIO_flush(ssl->wbio);
-  if (ret <= 0) {
+  if (BIO_flush(ssl->wbio) <= 0) {
     ssl->rwstate = SSL_WRITING;
+    goto err;
   }
 
+  ret = 1;
+
 err:
   OPENSSL_free(packet);
   return ret;

ssl/s3_both.c

@@ -328,10 +328,9 @@ int ssl3_flush_flight(SSL *ssl) {
     ssl->s3->pending_flight_offset += ret;
   }
 
-  int ret = BIO_flush(ssl->wbio);
-  if (ret <= 0) {
+  if (BIO_flush(ssl->wbio) <= 0) {
     ssl->rwstate = SSL_WRITING;
-    return ret;
+    return -1;
   }
 
   BUF_MEM_free(ssl->s3->pending_flight);