From ec5347d5efb806ff0891e2b7e4500c7d95ee8e1b Mon Sep 17 00:00:00 2001
From: "496148326@qq.com" <496148326@qq.com>
Date: Mon, 13 Nov 2023 12:39:14 +0000
Subject: [PATCH] [CP] fix the issue that encrypted login request from client will be unprocessed when sql protocl use ssl
---
 deps/oblib/src/lib/ssl/ob_ssl_config.cpp | 5 ++++-
 deps/ussl-hook/ssl/ssl_config.c | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/deps/oblib/src/lib/ssl/ob_ssl_config.cpp b/deps/oblib/src/lib/ssl/ob_ssl_config.cpp
index ec94cf108..cc4eaa9b3 100644
--- a/deps/oblib/src/lib/ssl/ob_ssl_config.cpp
+++ b/deps/oblib/src/lib/ssl/ob_ssl_config.cpp
@@ -420,7 +420,10 @@ static SSL_CTX* ob_ssl_create_ssl_ctx(const ObSSLConfig& ssl_config)
 SSL_CTX_set_options(ctx, SSL_OP_TLS_BLOCK_PADDING_BUG);
 SSL_CTX_set_options(ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
 SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
- SSL_CTX_set_read_ahead(ctx, 1);
+ /*set_read_ahead may cause the first application data that been sent after
+ * SSL handshake being unprocessed, forbid it.
+ */
+ SSL_CTX_set_read_ahead(ctx, 0);
 }
 return ctx;
 }
diff --git a/deps/ussl-hook/ssl/ssl_config.c b/deps/ussl-hook/ssl/ssl_config.c
index efabaf441..bb1f793d4 100644
--- a/deps/ussl-hook/ssl/ssl_config.c
+++ b/deps/ussl-hook/ssl/ssl_config.c
@@ -475,7 +475,10 @@ static SSL_CTX *ob_ssl_create_ssl_ctx(const ssl_config_item_t *ssl_config, int t
 SSL_CTX_set_options(ctx, SSL_OP_TLS_BLOCK_PADDING_BUG);
 SSL_CTX_set_options(ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
 SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
- SSL_CTX_set_read_ahead(ctx, 1);
+ /*set_read_ahead may cause the first application data that been sent after
+ * SSL handshake being unprocessed, forbid it.
+ */
+ SSL_CTX_set_read_ahead(ctx, 0);
 }
 if (0 != ret) {
 SSL_CTX_free(ctx);
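Review bot: The comment added above `SSL_CTX_set_read_ahead(ctx, 0)` names the symptom but not the mechanism, and the same text is repeated in the deps/ussl-hook/ssl/ssl_config.c hunk. Presumably the read path is woken only by socket readability, so bytes OpenSSL has already pulled into its own buffer while finishing the handshake never raise another event; stating that would keep a later maintainer from re-enabling read-ahead as an optimisation. Suggested wording for both files: `/* Keep read-ahead off: with it on, OpenSSL may buffer the first application record during the handshake, and a reader driven by socket events never sees it. */`. Even with read-ahead off, a record larger than the caller's buffer leaves decrypted bytes inside the SSL object, so the read loop (not visible in either hunk) should still drain while `SSL_pending()` is non-zero. ob_ssl_create_ssl_ctx starts outside the hunk in both files and continues past it in the second.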