From 4da28789acd8a4a9c40d1ccf38c74a9cca9f4348 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Wed, 8 Nov 2017 10:00:10 +0200
Subject: [PATCH] Fix SSL regression

This builds on commit 1287b0e595a5f99026f66df7eeaef091b8ffc774 and cleans
up the original code. This fixes a bug introduced in the aforementioned
commit and cleans up the code.
---
 include/maxscale/protocol/mysql.h             |  5 +++++
 .../protocol/MySQL/MySQLClient/mysql_client.c | 19 +++++++++++++++----
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/include/maxscale/protocol/mysql.h b/include/maxscale/protocol/mysql.h
index b67876630..533b21415 100644
--- a/include/maxscale/protocol/mysql.h
+++ b/include/maxscale/protocol/mysql.h
@@ -335,6 +335,11 @@ static inline uint32_t MYSQL_GET_PAYLOAD_LEN(const uint8_t* header)
     return gw_mysql_get_byte3(header);
 }
 
+static inline uint32_t MYSQL_GET_PACKET_LEN(const GWBUF* buffer)
+{
+    return MYSQL_GET_PAYLOAD_LEN(GWBUF_DATA(buffer)) + MYSQL_HEADER_LEN;
+}
+
 #define MYSQL_GET_ERRCODE(payload)              (gw_mysql_get_byte2(&payload[5]))
 #define MYSQL_GET_STMTOK_NPARAM(payload)        (gw_mysql_get_byte2(&payload[9]))
 #define MYSQL_GET_STMTOK_NATTR(payload)         (gw_mysql_get_byte2(&payload[11]))
diff --git a/server/modules/protocol/MySQL/MySQLClient/mysql_client.c b/server/modules/protocol/MySQL/MySQLClient/mysql_client.c
index 830c88d9a..56f0acdc6 100644
--- a/server/modules/protocol/MySQL/MySQLClient/mysql_client.c
+++ b/server/modules/protocol/MySQL/MySQLClient/mysql_client.c
@@ -502,11 +502,22 @@ int gw_read_client_event(DCB* dcb)
      *
      */
     case MXS_AUTH_STATE_MESSAGE_READ:
-        dcb->dcb_readqueue = gwbuf_append(dcb->dcb_readqueue, read_buffer);
-
-        if ((read_buffer = modutil_get_next_MySQL_packet(&dcb->dcb_readqueue)))
+        if (nbytes_read < 3 ||
+            (0 == max_bytes && nbytes_read < MYSQL_GET_PACKET_LEN(read_buffer)) ||
+            (0 != max_bytes && nbytes_read < max_bytes))
         {
-            return_code = gw_read_do_authentication(dcb, read_buffer, gwbuf_length(read_buffer));
+            dcb->dcb_readqueue = gwbuf_append(dcb->dcb_readqueue, read_buffer);
+        }
+        else
+        {
+            if (nbytes_read > MYSQL_GET_PACKET_LEN(read_buffer))
+            {
+                // We read more data than was needed
+                dcb->dcb_readqueue = gwbuf_append(dcb->dcb_readqueue, read_buffer);
+                read_buffer = modutil_get_next_MySQL_packet(&dcb->dcb_readqueue);
+            }
+
+            return_code = gw_read_do_authentication(dcb, read_buffer, nbytes_read);
         }
         break;