Thanks for the notification and patch. It's now applied and
committed, and this ticket is now resolved.
[[EMAIL PROTECTED] - Mon Oct 7 13:46:07 2002]:
openssl will read max 31 bytes of client auth challenge,
because the following line assumes total message length
is
openssl will read max 31 bytes of client auth challenge,
because the following line assumes total message length
is SSL2_MAX_CERT_CHALLENGE_LENGTH+1, where it's really
SSL2_MAX_CERT_CHALLENGE_LENGTH+2:
in static int client_certificate(SSL *s), s2_clnt.c:772
i=ssl2_read(s,(char