From: Dr. Stephen Henson <steve@openssl.org>
Date: Sat, 5 Jul 2014 12:19:12 +0000 (+0100)
Subject: Don't limit message sizes in ssl3_get_cert_verify.
X-Git-Tag: OpenSSL_1_0_1i~52
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=c923132e9dfc9bb42c5dda822033b822d1d5cbe8;p=oweals%2Fopenssl.git

Don't limit message sizes in ssl3_get_cert_verify.

PR#319 (reoponed version).
(cherry picked from commit 7f6e9578648728478e84246fd3e64026b8b6a48e)
---

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 503bed3fe0..eb250931ff 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2918,7 +2918,7 @@ int ssl3_get_cert_verify(SSL *s)
 		SSL3_ST_SR_CERT_VRFY_A,
 		SSL3_ST_SR_CERT_VRFY_B,
 		-1,
-		516, /* Enough for 4096 bit RSA key with TLS v1.2 */
+		SSL3_RT_MAX_PLAIN_LENGTH,
 		&ok);
 
 	if (!ok) return((int)n);