Don't limit message sizes in ssl3_get_cert_verify.

author Dr. Stephen Henson <steve@openssl.org>

Sat, 5 Jul 2014 12:19:12 +0000 (13:19 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 5 Jul 2014 12:30:55 +0000 (13:30 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 12:19:12 +0000 (13:19 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 12:30:55 +0000 (13:30 +0100)
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c

index 503bed3fe0b496eac84bac015db81392c55acc8c..eb250931ff4deee33582af37fb9afeb732752bee 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2918,7 +2918,7 @@ int ssl3_get_cert_verify(SSL *s)
                 SSL3_ST_SR_CERT_VRFY_A,
                 SSL3_ST_SR_CERT_VRFY_B,
                 -1,
-               516, /* Enough for 4096 bit RSA key with TLS v1.2 */
+               SSL3_RT_MAX_PLAIN_LENGTH,
                 &ok);
  
         if (!ok) return((int)n);
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 5 Jul 2014 12:19:12 +0000 (13:19 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 5 Jul 2014 12:30:55 +0000 (13:30 +0100)