client_msg_cb: Pass correct size to SSL_read_ex()

The amount of space remaining is "buf->size - buf->len" not
"buf->size".  The non-TLS path already used the correct size.

Thanks to Joshua Rogers for finding this.

Author: millert

logsrvd/logsrvd.c

@@ -1,7 +1,7 @@
 /*
  * SPDX-License-Identifier: ISC
  *
- * Copyright (c) 2019-2023 Todd C. Miller <[email protected]>
+ * Copyright (c) 2019-2025 Todd C. Miller <[email protected]>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -1043,7 +1043,7 @@ client_msg_cb(int fd, int what, void *v)
 #if defined(HAVE_OPENSSL)
     if (closure->ssl != NULL) {
 	const int result = SSL_read_ex(closure->ssl, buf->data + buf->len,
-	    buf->size, &nread);
+	    buf->size - buf->len, &nread);
         if (result <= 0) {
 	    const char *errstr;
             switch (SSL_get_error(closure->ssl, result)) {