SSLv3 clients call ssl3_get_key_exchange regardless of whether this
message is required for the chosen cipher.
As a result, ssl3_get_message called from ssl3_get_key_exchange ends up
reading the certificate request message (when doing client auth and the
key exchange message is absent):
    n=ssl3_get_message(s,
        SSL3_ST_CR_KEY_EXCH_A,
        SSL3_ST_CR_KEY_EXCH_B,
        -1,
        1024*8, /* ?? */
        &ok);
This results in a limit of 8K for the certificate request list, whereas
the limit should be 100K.
This bug manifests itself when using s_client to connect to apache-modssl.
Apache sends all the CAs listed in ca-bundle.crt, which exceeds the 8K
limit and causes the client to barf:
    28537:error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message size:s3_both.c:418:
Nagendra Modadugu
[EMAIL PROTECTED]
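
Added example, not part of the original post and not OpenSSL code: a small C model of the size check described above, comparing one fixed 8K limit against a limit chosen from the handshake type actually read. The function names, the per-type limits other than the 8K and 100K figures quoted in the post, and the sample headers are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* SSLv3/TLS handshake message type codes. */
enum { SERVER_KEY_EXCHANGE = 12, CERTIFICATE_REQUEST = 13, SERVER_HELLO_DONE = 14 };

#define KEY_EXCH_MAX (1024 * 8)    /* limit passed in the call quoted in the post */
#define CERT_REQ_MAX (100 * 1024)  /* limit the post says should apply */

/* Handshake header: 1-byte type, then 3-byte big-endian body length. */
static void parse_header(const uint8_t h[4], int *type, long *len)
{
    *type = h[0];
    *len = ((long)h[1] << 16) | ((long)h[2] << 8) | (long)h[3];
}

/* Model of the reported behaviour: any type is accepted (-1) under one limit.
   Returns 1 if accepted, 0 for "excessive message size". */
int accept_fixed_limit(const uint8_t h[4])
{
    int type; long len;
    parse_header(h, &type, &len);
    return len <= KEY_EXCH_MAX;
}

/* Hypothetical alternative (not the OpenSSL fix): pick the limit from the
   type actually read. Returns -1 for a type not expected in this state. */
int accept_per_type_limit(const uint8_t h[4])
{
    int type; long len, max;
    parse_header(h, &type, &len);
    switch (type) {
    case SERVER_KEY_EXCHANGE: max = KEY_EXCH_MAX; break;
    case CERTIFICATE_REQUEST: max = CERT_REQ_MAX; break;
    case SERVER_HELLO_DONE:   max = 0;            break; /* empty body */
    default: return -1;
    }
    return len <= max;
}

/* Constructed sample headers, not captured traffic: 20480-byte bodies. */
const uint8_t cert_req_20k[4] = { CERTIFICATE_REQUEST, 0x00, 0x50, 0x00 };
const uint8_t key_exch_20k[4] = { SERVER_KEY_EXCHANGE, 0x00, 0x50, 0x00 };

int main(void)
{
    printf("fixed 8K limit, CertificateRequest 20K: %d\n", accept_fixed_limit(cert_req_20k));
    printf("per-type limit, CertificateRequest 20K: %d\n", accept_per_type_limit(cert_req_20k));
    printf("per-type limit, ServerKeyExchange 20K:  %d\n", accept_per_type_limit(key_exch_20k));
    return 0;
}
```

Keeping the small limit for the key exchange message while allowing the larger one only for the certificate request preserves the bound on how much an unauthenticated peer can make the client buffer.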