On Tue, Jul 31, 2001 at 07:41:32PM +0400, Antony Uspensky wrote: > Problem description: > > Trying to use 4096 bit RSA keys I get a error in SSL_accept (): > > error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message size > > The error is signaled only if RSA key length is more then ~3500 bits > (3072 bit keys are still OK). > #0 ssl3_get_message (s=0x80e39f8, > st1=8592 (SSL3_ST_SR_KEY_EXCH_A), > stn=8593 (SSL3_ST_SR_KEY_EXCH_B), > mt=16 (SSL3_MT_CLIENT_KEY_EXCHANGE), > max=400, > ok=0xbfff757c) at s3_both.c:415 Thanks for the report. Actually, in the development tree, the maximum accepted size for client key exchange messages has been increased to 2048 quite some time ago. I don't know why I did not change it for 0.9.6a and 0.9.6b too. The next release will use 2048, be it 0.9.6c or 0.9.7. -- Bodo M�ller <[EMAIL PROTECTED]> PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html * TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt * Tel. +49-6151-16-6628, Fax +49-6151-16-6036 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
