Don't limit message sizes in ssl3_get_cert_verify.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 12:19:12 +0000 (13:19 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 12:30:55 +0000 (13:30 +0100)
PR#319 (reoponed version).
(cherry picked from commit 7f6e9578648728478e84246fd3e64026b8b6a48e)

ssl/s3_srvr.c

index 503bed3..eb25093 100644 (file)
@@ -2918,7 +2918,7 @@ int ssl3_get_cert_verify(SSL *s)
                SSL3_ST_SR_CERT_VRFY_A,
                SSL3_ST_SR_CERT_VRFY_B,
                -1,
-               516, /* Enough for 4096 bit RSA key with TLS v1.2 */
+               SSL3_RT_MAX_PLAIN_LENGTH,
                &ok);
 
        if (!ok) return((int)n);