Don't limit message sizes in ssl3_get_cert_verify.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 12:19:12 +0000 (13:19 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 12:19:12 +0000 (13:19 +0100)
PR#319 (reoponed version).

ssl/s3_srvr.c

index 00fa679..20e76cc 100644 (file)
@@ -3052,7 +3052,7 @@ int ssl3_get_cert_verify(SSL *s)
                SSL3_ST_SR_CERT_VRFY_A,
                SSL3_ST_SR_CERT_VRFY_B,
                -1,
-               516, /* Enough for 4096 bit RSA key with TLS v1.2 */
+               SSL3_RT_MAX_PLAIN_LENGTH,
                &ok);
 
        if (!ok) return((int)n);