> Wait, is OpenSSL "sanity checking" a message size dictated by the same ends > local configuration against a fixed arbitrary limit rather than a limit computed > from that local configuration? Yup. Call it a limitation of C, if you want. "#define MAX_..." is just too hard to avoid. It has been this way forever. There was an open ticket about removing all fixed-sized limits, I think. But I doubt that will happen.
