--- contrib/mod_sftp/cipher.c +++ contrib/mod_sftp/cipher.c @@ -70,6 +70,9 @@ static size_t cipher_blockszs[2] = { SFTP_CIPHER_DEFAULT_BLOCK_SZ, }; +/* Buffer size for reading/writing keys */ +#define SFTP_CIPHER_BUFSZ 1536 + static unsigned int read_cipher_idx = 0; static unsigned int write_cipher_idx = 0; @@ -355,7 +358,7 @@ int sftp_cipher_set_read_key(pool *p, co */ EVP_CIPHER_CTX_init(cipher_ctx); - bufsz = buflen = 1024; + bufsz = buflen = SFTP_CIPHER_BUFSZ; ptr = buf = sftp_msg_getbuf(p, bufsz); /* Need to use SSH2-style format of K for the IV and key. */ @@ -517,7 +520,7 @@ int sftp_cipher_set_write_key(pool *p, c */ EVP_CIPHER_CTX_init(cipher_ctx); - bufsz = buflen = 1024; + bufsz = buflen = SFTP_CIPHER_BUFSZ; ptr = buf = sftp_msg_getbuf(p, bufsz); /* Need to use SSH2-style format of K for the IV and key. */ --- contrib/mod_sftp/dhparams.pem +++ contrib/mod_sftp/dhparams.pem 
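Review bot: The comment on `SFTP_CIPHER_BUFSZ` does not say why 1536 is enough, and the same literal is defined again as `SFTP_MAC_BUFSZ` in mac.c, so the two can drift apart. Judging by the context comment, the buffer holds K in SSH2 mpint form, which for the 8192-bit group added to dhparams.pem is up to 4 + 1025 bytes. I would state that in the comment, e.g. `/* Must hold K as an SSH2 mpint: 4-byte length + up to 1025 bytes for an 8192-bit DH group */`, and define the size once in a shared header. The same applies to the `bufsz = buflen = ...` lines in sftp_cipher_set_read_key/sftp_cipher_set_write_key and in sftp_mac_set_read_key/sftp_mac_set_write_key. Those function bodies continue outside the hunks, so whether the write of K into the buffer is length-checked cannot be confirmed from here and is worth verifying.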
@@ -5,131 +5,142 @@ # # The file was generated using the following OpenSSL command: # -# openssl dhparam -outform PEM -2|-5 1024|1536|2048|3072|4096 >> dhparams.pem +# openssl dhparam -outform PEM -2|-5 1024|1536|2048|4096|6144|8192 >> dhparams.pem # # Note that these DH parameters should be refreshed every so often (e.g. -# every few years). These parameters were last updated on 2008-09-07. +# every few years). These parameters were last updated on 2013-01-14. +# 1024-bit DH group params -----BEGIN DH PARAMETERS----- -MIGHAoGBAL1klKb7HRp8xd5Q/bg8V3ZwqUg3IHtYt8Wj3gnWqvNYoWvfm29E7XTd -Quxo6gbqELBhjvHjZL3LRcvoG+fkXvtni5AW/3cImU2V1NOu6r6GqZTPmbMx0S/2 -XN0fij5kELsXN0GWhMnd+//3seg2qxqeSDvuAPo6s5mP/i61nIFLAgEC ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIIBCAKCAQEAlWOEyCrWQg2fe22ZF/Uhjjl+kOBRkfsGz+ClmJqZ25V8OSv6gkFS -UjOQ50n7L2yP1qyVxeez63dP18IFtqAZMCUav/BbMgt1LooHDmjCIkU7kJVp9r/b -0lpawVygzrfhf8X+0CqoZ0AOr++jl6x/k2vTpJbWhbGI04ZC9LFDB4tg9o8MLuK4 -0EPjsyfNtq+MbcuZXe6N0fxC1UB1ioBEzS4jVyfB0mqwcXOUxCLh4ejtXX/IL46Q -RjRR3P52AdO+L+0CRRQhrYyf4bllkDhHs82V5xdQ/a7+ZRbsvHDb9JDFTZhexMhw -Y/tSBQ8blmE50dioe6VlYkGLA+e7vqaJIwIBAg== ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIHHAoHBALOPItPXrqsiUjPIuJJp6VujphDhwZm4ppzhANDLc0kvphQQ4/QqbNZd -G2QLKzC7R/HPX0JWsYk0sbqnxQ3sc22M8qzlSWNDQv7yaFRGTKmLWDQIyfTM7EnI -oGCP5uKBcRgkFnBtrNMTD2vCCXWb/7CZvMGEYFK+GNIvGGAnGzuwlM4ZpaOXnW5v -oDFCoeKip3lhrrQ/VXPfqYs2wVTrEtBrFUmqBmQ9U3R+sNOrx03Fjne2EuwCxhxn -/YoKL/FV1wIBBQ== ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIGHAoGBAJTimNd8/geU7EhynM43DgfsK16oJF7NZWIUUdRc704eKwaCaqEYKyYz -aA7NMBTT8HEpLHvmBK7KOzY9nn7J4Po+Y8HoV5UUpl23WtwePceaTZ2S7oDkXnLy -JLK9oAQOOsJeNnvSYSs9k263MPoHWyh67VqATWwrsnH0YiXdUU4LAgEF ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIGHAoGBAK9UWSbL+3jV2SPvE28dK11Evdi9813vfTV49TS1xCGRhHMQKFmpCHQP -GIa/kbrONOkJ7WbRVQHuohN3K6XOzBDlvBLx59pOL5KWE0KX5y5tiCbpksyJ6jnL -84yi95u/zHiWQi9eAbFI8K40sR7KC0YXq1gqBTW04o4DT6746LqjAgEC ------END 
DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIHHAoHBANwf0HdsXC5BkFrUv80XYQl84eZIRbcllfBU466t2DNWw6kDl9ArsTYo -LVhoAbws1SSqtQWtlDNg+cJ9SWIFRKS8RrNoHzacJvWH1utJFwtNtOYdnOSnyxzt -caQwSH4pKm1S+4TwMHG1js1n9IcNEkADa0VHTsEZWhGvMYqZ9LsRsTf167lYvJ5B -GVJnN8RxThkRUl23iE2Wa/5I9lNQeAVb9BAVZCMw9p/1/IWkAzC2571TGQE6oXfR -hAMNXHDHKwIBAg== ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIGHAoGBAJVRHDXca5zLOiUtl8dCD56IoIlppP6jmF2WAeE11GapRy9IT7LhdZTl -Ku1ZB/vnBL3sRsRjksgv7gWH5Zqo4kVWmsDDqErWW0b7z7WpvP3KpS5nMYGnT86C -nGVzE2/kOtdtul+QAhTDzdbm+kHhjHoH5OX0STto0GB2uXbHkWB7AgEC ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIHHAoHBAOQWHYV1Q6nICm4gcSthgCvEnatBfN/sZpC3vQD6rc6Dp1R9WhiVdKML -kRABgYwKSP/+xq37Qs0uyFz2ir3EPxk5u/Rkx76770KqFBM7hx5MuMeivK3Qw9qo -6tkbco7K0ZE7YGCgyy4b++rhfhyNhbI3qprxN1h4WPxouFXYjyXNVZq9mFe0gbPD -0xA7yHzsJvU6gQ/RuhChhqCiirjmfnuSE7ej0fdW2hXIzwThnz7AiAqP0VNQiHBd -/K9hLRGqmwIBAg== ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIGHAoGBAJ5fowbgIsajHjtkHicf1EpLP/OoYoexGHWvKEB9KdoXNKSTXmSYcagP -gm3axwtp7CbmpzcNipc8MfIMQEozkwsvsy/h5fgVIxfeKvPaA9oA8PCwZ8kIVzaf -vkVxPWRu+Azd0I+DULJuEwBqUDd4cJE1WQ2BFIdaH5nz7X2ATPePAgEF ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIIBCAKCAQEA8tUOZyM0dTIj0ehiRUeX5Y5S/BNl2HLbQHxcYtb/vpDM58ebADuC -xSESbYcjAxBXbppWZOlDFP5VWr/fTd+5357MQvlFMZM32GLUidrF82Ur9u/GN3jX -w1Z3TO7tOiIp2uxXbRvlJhUE0O+/G+pvnQsmbS0aBFDmZdd+u7HBa/3LIAlbBpdg -aPiEgbXM5E52F5BK/5L47KKAzSLCgH7YxVFyWgKXicryMgJ3Kh0+gMVTBF+9iw6/ -n5Eam0m8f9bry2mE3Gi8ROebIHNYCa+JaUytLPD/kXRAbU5lUXp7eE2DO90+OhJa -wjEMoNGY1OTbNLaXg3WkhF2PPxQoTSTfAwIBAg== ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIICCAKCAgEAiWDATfwSP6kPZTeSaLlu4IV5gW1nsutKK1l/CQVbNHxDFtt/JeIT -cppatvo239b0bfgVApt1+i5SY+z0LeU+1RG2s3pgaASeCYz0CxogYEF2/v7Byrtx -HOtNu9qeJH2mR2m0pZsV3ob6wtIXAbGI/JQkbuLTmsa90pLr8kJZ6vHk3N+71ZWG -ndHwYn4iM23bFo4gQ92qgBMfeLrfCDaHvTdKNpIEyPLTLiSwSq+TuOPApGJ3s7qV -pV3vx51QcCQN7EjMt5i2yjIHJwxI3ivRsGCQPgphHy1mfNoY9e3OrDX6fvhKaaPV 
-r7EUc2uF1Qd74no9pUsco5NZqC+vNc9pqIRuV0WP68L2VyIxZDxaWsS4F01w7JAT -syfswu3IwlNUdk4EAE8JaVviqhTCfdYgJ6j4N7xvpOm03tJycbLcDmNKSuVWvKx7 -9r51Wjc4ItRG+MCdKGMzQ8SJlN/ZK2Xb78E2WDVYoaai2VCbdx/rbT3kIGEckYIU -l81rNYVFiYTw3Zo/+kh5IUPYs83OplMf4YUixc+jDRXELbR4hLeV/5teyl6qC7RY -abbrBvvDqw1wj8IeVm5Cf6SJGXX6inFTRzsRMmv/UgnYUg44Ysw7iRfgP81uXfWb -3St3OxGYsfZf5sgDTvWD27UFOndAlQS4iZGvX9t+zT8h0/EBBh/+U6MCAQU= ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIGHAoGBANX1fgb+NbhP/B1UBb2K5uj1+26LXi3+ng2SRUQJiNQT12OhzEPnIiCV -F3VTbFjmp9gd8ReJNAMzImSS1XVw9iMYClsRxkctygprYe0oi+Wx8xb1sAaJmnxQ -Oz4pwKBbaz2/pwykVkSYO+/3Fcgb176FFbwdzM9icXLb5IkpgKpDAgEC ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIIDCAKCAwEAjkFOPge0h7o3ogiTDJgkwk85Xwkqd+kFM1NVy4HFZXUcPH2B+f2X -rwrhuzGbDNURS0QCtVsTdJSMY4qfNhYZBeHi8bpfZSZ93KivUJaSi1E3hF+8mJey -MC7Byi0rYdZSORd2n7oomqMNR/CIMBSgct05+CHbmnNWi1fqsnfdsjESV8b/Gu+4 -oJP6mdazE0jOjOcX1o0/fiQVQDM8+krSbvOA/DXabUAEU5n4X1bO909aUIJL9M99 -aAUN8w11uAy50elGgu2y/A+Ap7kgrCgQ4A2/OyRmq5+MBgILIq7L7HWxA72wKc5Q -iNNBLjSySFmUf8kT4yo1PpO8j5kSqJT5KXG8Q8FxvECww5vuKC4mNA1E13ITnDgf -qcG1KfIT1hTW1GXSoqYQfO4kVmUk5AnKK6K4eUFVZkZWE2Kys17YsYepG6TKxCU6 -xBwcivDoKqr0NQ/8NLerdNOurDj7myurWsh7l9RJIDSuTCHOPysy+5xvE1upQBSh -BxtRXKL6cQ3yTqo4Tqg6hrYACcNatXyPBbF1B0dF7uQ1O+Qjdrg4WHF296T4YKTF -aa73jb+x/DAMXUejLVDb6Oi6wapYVUZtLIgY9ezToPNnTtMISNISNesZZGb166Dj -+k9InPD60Yk0wjQge2CRAUrlMOrOuSpUkYLXPzqQT7wYTZLuxXdpJXqdjrcg6ru+ -e95vBSluapMezMtRF0ZBZSPq9NuKez37gqB4XuxYWyXK1Zt6ler8U5WO6iEPsotF -h69pKvuTYbtP20SF2nZYDxbHgGjXugnjI6rD6plYih97Y5Nak6IvuYA3F+FAtpXr -kS3qbDBKIsPkNtyXOaUuQY0PZZRzl1+0upSdkmewyAz3qoC5dzb19xBfHrvpwUjc -kBhmkYzole3dUQuxVU1Eu+zlq0VPedOAJdhZs7BDDnOWRZwd14teo6hhxuleT8Of -fA1zSuozB/YNpGxdtYt5XMO3kNR4gNsurDz/5JWxRaz21QxpFVodZmy5WHeddj79 -aMXQhuG1qpc7AgEC ------END DH PARAMETERS----- ------BEGIN DH PARAMETERS----- -MIIECAKCBAEA2uLCDvJnPy9O5w9VnUJWlXlo6/bUZbYSCqgsUUHU3ZUyWZV00M/h -SFECq78SvsqeVpdDqLkaiq667AsmXUkIcZIfPfp/lgwsxcPjOICQItxYWqs6OauO 
-QmY9OTeIXzEt+XSoGIW7r6mJcPFbs2CGI5VOMcdCDeIAQC3PP66ZHjwnifqjpmPK -6fXCa9imq35EE5SAc+zBgf2Tv14TR5T0sHzViMxVSo2tAyTu5vmZJebZk2S9Kj4M -CotC7Hv+Xj7zO1gxQns3ourbaRfPh/C6uQgBNBOBbVcCYHSbzuGYn0B4xm7et6c0 -3rXFLpf7x0kka0sG/6PMLYI7qCztqVa/e3SupG1S69CsY+UiwKUxjZlPYz4DelHT -IfJ0Anz6qQqSkdr4b8HcSL0X4OCAci1xpC/9OW1Tx4iW2fXr8TYIhY1+aE63ARyn -qpWFfWhE8usd61UyHeVjHWgugYhjHAUgW/2iGS1O8gZz7tcuq20IuOvWennbvRgq -8j9QyRIgNcoSj41Y8Tm89pOxFHkuU6UeQ9B7sgMjCi2g3baehKKGVRbH+SC2SVm7 -yKEAcyx4fKKlNkOxivX4gVAo8GtEWguVIo0e/bqBDqf8L+PyGdbbJ7E+oiJ00hiS -UU+go6WBwrrbgxwvbZBFQb4RDZukYe89kmwIV0cmLd4CUWkg04ABH1C39AoGvfAh -e5oFk+1omSQNMDKVlW4EZ8C9ZiaC89R1DNijk4SWkNQJKl6R3DSy++Papsh+b3tb -Ct/OujxcuuNeURy5P526IAZ+5aOq9WYwHrcfGGgp19Mq/f1M4JGvHd7C7+T4PHLL -Vulu3OubOT3Le1q7c0gzw43hlGj0dAImvJYOdQymHBmQYmMgRjVSYHkZQLXkLhAR -v2dGQnlA91AMLu8/WLgzilPORSbTf2zFujVbbRdXlBoQA5bj8A/aQCaHfZFV313z -c5VgfwwGFx56NH7wRmVaIu6yTnCLro1mBv4/grH/KZa88+gYhbOFtlkkPVmnr+dA -mexO24xVLOY+AU6Pqxae6NBT+FCbGPNM6xb0L4UMnD3hLbKf9+S1u5uCeNYtFtXx -PYkwp42MMM5sXRcEOFncEoEf+g0EckYceV2SlyqLpxGYg1fT74gp6AooBPAtHAko -5QuqvQqf8IwnP5iHYOGkuzPSVyTgknK0nRYvipC2T+3zlBBHj/vSwCQvXSY/zym4 -572KJXxdoBT9ZYjW5m9pKb636Ai2bh0tnAVbyZRuDWP5v/MbBs7lXYh+dNLhLkpu -vWvGa6JMHp5GYlfSgpD0JZhu93/RshPc6GgizJyHbgKvDNzHyYUzSZQ7PzSKU83O -f4pMJdYHvuGVdOJG7nwIYouX8t/zYxQzOwIBBQ== +MIGHAoGBALbvOMiSzkUDxrpE0v150A1+hi9R0xSbwk2nyGBHznfZtvi3prJWIZwS +5WPTZI9QCUCGIfGt8xfVrzzzfmruEFUZK9Tz27mR+7dPiet3c51niPIOrBlUCeTB +Kz/urIJMeUcoUcDSbIeajAyLfwkWvLP44i/n7fDW9rsuzef6Eq+bAgEC +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIGHAoGBAM5hpw0SGB0LHC0hN3Cp2rwnRPQtgvywaj1Ju3odzswLaxYriqQODBCH +psywSpi5WAU2R/WUITW5VWLHlI7HpCJwNXG9s9GmHTelCGvBEd/c63jJlL6VjyOe +M2OW+RDONoNFTXXVMmPayuUq3vfWFPGcSRZg5CI+d4Xma4eRPRxbAgEF +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIGHAoGBAKP/HXSZf3Pbpczrl3tvL9L5g+vWsoBQWFA0PglX/RUV7wd/hgiRdcJG +MXktBIkBDxtdKZM5JKu8d99e5Lmbw6puluLF1lA8ZJ/lcIhojnDWQZ8bFBXx2DJ9 +DpDMMX/htR8u+cnPxeKDw2gnKjuN39Ku+1IdBLYSl9iu4GEwk9rDAgEC +-----END DH 
PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIGHAoGBAMLOI4dbum16dz3CVufbtZ/90kC92QElRU2yfEwQdxsufkcYd+uEPgfx +vD0PCMdCl2zAHfMjMtGCrb+8pTiO2eaC/4/wd6z0LUciawZo/dSE3n7S+D51ZH1I +IN1OyvIhMMBq+DyujB6t9jUlrpXriXdcvmv78R83uT6TwwhFtRXnAgEF +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIGHAoGBAO7i+5IQHjs6tHh5LXAwvD3XXgxyE6j7e1KWmgHDFg6GeEo2UZLu07Zt +Ynu9srvka3KsnzdDEqtQgZk9C1aRMpqYoy0DFptVHNFjyhydIwB23Eh5a5xmpCzg +X4yDC+2ADrU2PC0M+T8FuAOWvd3VBBrnm3msoRBRy26IKBAeDi5jAgEC +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIGHAoGBAIBl4JEof+IcUS/j+PnkmeYNLUtGwi/PrQ4xv5Q3V0aiy/qIOX8yYFIA +gwBidaoqPkG0CAAYO9o8gvFhHfJHd8B296mYybSHSGI2G6TVP3xdZYNmqG1lAqd/ +Vqmj+CvmkYsgacDVD6P8yOLrF6gzBb9PxVNOFqPhNX/0yOXBr6YTAgEF +-----END DH PARAMETERS----- + +# 1536-bit DH group params +-----BEGIN DH PARAMETERS----- +MIHHAoHBAJkp+TbtcuMfeImd5XIA7pKwGjtrcVtNpRXB4wlRbpJpbGGQcyCe65MJ +Kmxs8sndPv1S19fTH+3Fcp9jl7JmChHs+TcWqIpvmrBFRZ/5N2bf2fgimi7hSWWF +JwFdb9zpxUNWbAcNnR/jZdqQ61wweyUT0sfGPH+0xNRbtc1Ct1E95o4+7Os82Lh1 +TKokivVwwBf9m2vmCFEXDTgW0bLLqNRH1CQ8juEiw6i/zabmkutPPhKN0uxA7j75 ++eMc/DVzlwIBBQ== +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIHHAoHBAKhfKa4EANC76yzSGF+/8UKQnSzjhMDyqOmWlrvb66CTe4T6gTtpECkm +8KDmxuN3HrlXgkEQoMh4rgazpx3UG0z8T6aqQXFZmAVMK/Yp++9H/EzJhTyntJ31 +hz3QqkoZgznvKx2vF+Gmx7C4imd+EIi7b/Lz/yw1P3wIGt1t3rznudc46BfPbRMf +7sEQ20na5PEY5XwX3V9u2X61HM4YGto9XuNVL3uU70bxW6pceFBzdzVEadnXaJyW +00bevXWw2wIBAg== +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIHHAoHBANdeoQj9jcGLATPLTqI4vpKMgqJ5fuOe+8yiVVTmDGuNzDL7lDj5JMSF +lrpG99IPVb6Cy+kSAyO/PBbTkj9nPzls42GKmABjb3PHYiDIBcYq4xfP7Z/PEH9J +YIT/9PQVqVRFPHnzdZcXtaS3H6ve6npiwvgwPCNz7s7MX9C153XF99T0qCA8L/a+ +KsnKD2aaqsxi/6Njr7sBly9l6qre70lONzeOLzcwQSRq9l2pjSMEekJPY6E3yPPy +MA4GLMlaKwIBAg== +-----END DH PARAMETERS----- + +# 2048-bit DH group params +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA6Y/KjtYFfcVooSk1p2pvVbqttLQNsMIC5t9GSyWlfCBoFPqffXsm 
+XVkXuy3k8zAjrdL3rGx5/+c5wlYfVAzz/q3rUR+mFEPQKgkvHKUFy0ubG0Wp/dBI +KZ+vkK+CK0NToKAdXv8G3TfCefw9dI/Nzy2j/wxlUFapFwnZocPXUlgQd52mdCsX +ACqZ5imBZcNQzwcEKTr2jen2l+NE2CKs8nJFVwcSlsFPqEB+7Yh1GwZik1wmBxrT +PwPMrTk1u9CqttF7aTZBHjn++e4TkqrQs1J04s0LjdvzNVaEcUfPPiTH+68KpMwj +NcAuMC6BV3L42Cald1HocD18s07VPcqiUwIBAg== +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEAo+GoaemZ9KjBgLgwGZuObOQ/hQSoK1Aka/fPoSk3ECokqb0KeeI4 +Ai8YVup6WIJigf//UTZFgHXENUsJM3sSTKHe5l7LtQIkb2oPQFfzTpp2OOMceRkK +eXpgDYBct0T0KDAJXV4uB+l6PZfL4cOLfSMNCKTg2ptGGLbbqYPLd7LNwudpe1wO +0KB1GFEkB2ZEPTIkQx2W1ia5EHta5zlXRqa962Rbo1t5fdiM3whVTqlgKNNC5/zv +wH7vHqyJyqVOKQyjXPsT95iBTo1GsXRz8oLXchrTybs7yfilve1eTCnQKfiZHqKw +50XSRbAiSV8ephW8mbwCOLthruMKT7GDTwIBBQ== +-----END DH PARAMETERS----- + +# 4096-bit DH group params +-----BEGIN DH PARAMETERS----- +MIICCAKCAgEAnlCYvstlmd2VCDwdI8u0khgNwpuGmjPv17RSGCnSjx6DjuYeOqGn +AqOjSEyDuoNx8KC6mZF5HKBoQ+nDeJ3O4y4NnZj1MaEFViu3a7XXu6Ff/fLB2nl+ +E1ryt9vk6d9GNgOF+JfB40SYsPnfX0FHd/MqJh4KQbkWoPzgfK4bgxNZUmdtFxbP +9jO0t08nEoBGAL6a6nx7AN/mSgdOh/CEjNP7xKGTuNLv0Lq3FAAJ4e0PDjFYb9TI +KRcwVIYpqt/DmN1+hCQ8O9GaC8gs99Gqyi4G6Iowq7oMqV8KRNdTNnfD1t3SjupE +xFTUeBw5FiB/44Vwjiahz0PJVQggrAUadqCrqOi1k/C7z/UpwOvpBVz5162p633H +XntMUzmi0JoomT+nR5je6wlJnpcvOeIn21rLOwkXDWmzrb1J7KYxnEa0F3fEck4P +V9L/dICTCBiTSq9bQGjCy6Mtc0pbW8AkhpoBtmJGhsB0+t6J5nLrleD68ePPEC1e +4kRPc3cJJPIvbMNxXPCYwjsP+AQcbxYvOlPPyDeWNj7AWQjMIAEOpBw76itfy7JP +o+Wz5EkpUtvK9Zqo4E8719U9R0aIVhsn+DX5l5Z8XKU8wZjUwK/Fg2tIVq8tXi7/ +WuXBUe8mHU+7bUQR1GRgBaLYiOERkNS87MPtbQ4I/pmfx63HIfOj67sCAQI= +-----END DH PARAMETERS----- + +# 6144-bit DH group params +-----BEGIN DH PARAMETERS----- +MIIDCAKCAwEA7WbPJRW6ZqHQQo6DFNV/exYBDYXTgHI8sOtX4ZsmckeLnn4MNWDx +rHymGA6EJqz7Iu3tlPqrZnAe/mOXJZVnWMdDrXaqufXCWA1GA1nOBsX2zjEAA4Yr +kOtE2JyNQ647gVWkZlAPNB1f0Tt4wuR2jvzMYmV+mcMfxurBoOhki7SibHs2UEvb +iFwJQM11b5W5NRQZpKnIpU6hWPGZMkSIBX7sIoMX9y/a0BVFqAXS8rLgmWh5RcQu +WqZPyZWHh+ctKaR3YPHyxX1kKUdFMxZVwXmnDJJeeT7NiNZd5OSJ5Z26XBoZufED 
+kzvpWigSJmMmfKXaGcxExrizRSBjjAPhc784yXZcnwR2nJB3svvuCnbfO6aoIbVF +78FtqXFiKd75mGTrPTdgfQH3OdjTaFZUp5JScpCfNwtDaWtvbgQ5x8dfxHcu/7CL +W9SeEvlCOwWiFvd0BkE4kRElUIzzLh0ufHHEhywkVGZIicL1qz+eeeTX8V6FmdRC +u2xHK5VtT2/yTMtDA48J5H7YTrSOiC+kgmaud5EAhxMidg4QqJa8jZYJIZpvwsEw +AC3mUv36RkJIhuePybaoa1U1TwSWwGg2dHqidQ6gXv0t+AXxxicKFBiKKMN7DxKo +DgA5asnrUv4Z/bfMU4yGgU3gkiJ7Sczra5N6UEJhCBScBbCI+KUXSsWpeZd2dwim +ELxyC2Da7wIYqJhe9KYRXOoauRUy+LMBzwbKQ7nS2Abw5zON5ANlR/KJJ4H+D19+ +LN7WDc1Z8SoF59wbboAmNKjTuUV3Whh0GZuxnd88Fw7DoSWIMe++DoxIvdCRwrFz +Ra/20ZCi99N96IX4r0WocACIG4ukPUInsup2qxMS7757gzcabD2T24irn9N9aJDf +BefKcId/iJBFRK/loSOXT4jcyTWQqID+spA9VhIcuGEBir21R29fU9fActctWOby +URKTuULh6Wqaf46B4suoL8jmvtyEJIwZ6zzD7mWLKv1665UD9SbKciKoy2CQ+AfC +wnKl1+O4DPcbAgEC +-----END DH PARAMETERS----- + +# 8192-bit DH group params +-----BEGIN DH PARAMETERS----- +MIIECAKCBAEAxcFcwEBebGISxZbtnocUuiv8Z5GoFb1fi3szRz1y1j6Hwe8mTzVM +oKeZ5QvXE8ZWk5Alnw1phfe7yDZan4BVqJ7U00w+jaUy5Y8Tmo34uSTTRX61dpYS +vBZsSTUEkteqWBbVQRz4l1NQ9eTVXchGAJeL9JzlUFZQbwUXfQPf95wg7y56jcqK +fYjqQWZZgpsxFyn/MFOq7+HQeLYGqRbA1wnKkKTF8ERH16PjChsnjA1i6rH5Tb9C +k0rpIYkZGj2pPoiNoWBEiJagYbt7XjnMGX8UPsQW8ImzoW+JIGUAHCzFZSnFp5eE +ZCL7Q7T8Z3/9RAxHhDUh8bxhWsd9K1pGZ9XYCF4b4TKBsc6GCCmhApgbcTE3/BOO +qLc0tu3sl75GU3wGMpiw97J8SO4LIgMKH5f+g30YBYXPY7z1Msytf6lVKrC8Lzxi +h69nckj9QjtPY4lYHH0q7K3bq4yuQob4EPF9WBrMzWw2roH6Jv8clc9gDcqzqBkk +zn2pKDlR2rFQ955O8A1/yjLIc21T+JwmpYYF7agRZcertzHipyoRkTfS08yQQJjg +cKovqCueVqBNZQvogJKzJRIs5YNQX7i25bH/4JPOG1YIiV7AQ41FQLItbsnB6qS+ +U/AzGLH/hd+y2fYsHFCLdNIbsvpmPiyEwJBMCtJ6YDSu3CqMhg4YddR0X9UszIhV +6wo/IhjNJur5AxYmVANjTyVgP48wDGwZN1V6KyCSYLjQk/tt/PY2CybRAON2ac8B +ud5RN0PT7vJcw6EiE5gv/IB5dNIllhqAcjBx/lbbc08uwjN+5LN/MWCIy2CyZCOz +wj3Pzqvl9QfFSFLTKFXMzxQcCKNrBmQL0t0n4X2YAD4ZJPiT/sRYQ8twXpmtKcmr +reXQdxuphB5XRfkawT7yJBVWKAxYiVWRfAqNHs8gjt967YK7nV7Xt0wwb+r9N79/ +rYqJFtXiGV/Z8/pUfCSAUoe79NftuzV7AH9C2gMOo7iP6uOeevv7oAlOnjpoOcRl +UnHTC4mZU5JvOF3Nbu/KRvwbX4B+mqq+O47OQm3tvNoACejMYihMlT48G2wgB5bb 
+0QJ8BxmgpLL4P+K1tZsvu0V5oRHkQ10QTFFsPddwGA+8Vw74dYXT+41RQBNpWgP+ +j/zRPUAXCl3FPQ/Hj7hMnBHPQc0HWaQF7XvQzAsWj8EtvyiqZoR4mIkGHOxGCV79 +/2Ko2JCsWLqo3y9dwX09Pf2pPhBUeX1GWfCTZGEerLch/I3Cihf9JQHQ03H6gMRM +FSRogNR62d2YmBjZM/xwWdBjpLdWNLuPRnYnbwJXs30R/oQY55iRdZdjvwPQl2uR +9ubWhepIOmE7t5+1o0JiA3x1TX82NHwsGwIBAg== -----END DH PARAMETERS----- --- contrib/mod_sftp/kex.c +++ contrib/mod_sftp/kex.c @@ -1915,7 +1915,7 @@ static int write_dh_reply(struct ssh2_pa } /* XXX Is this large enough? Too large? */ - buflen = bufsz = 4096; + buflen = bufsz = 8192; ptr = buf = palloc(pkt->pool, bufsz); sftp_msg_write_byte(&buf, &buflen, SFTP_SSH2_MSG_KEX_DH_REPLY); @@ -2293,7 +2293,7 @@ static int write_dh_gex_group(struct ssh } /* XXX Is this large enough? Too large? */ - buflen = bufsz = 1024; + buflen = bufsz = 2048; ptr = buf = palloc(pkt->pool, bufsz); sftp_msg_write_byte(&buf, &buflen, SFTP_SSH2_MSG_KEX_DH_GEX_GROUP); --- contrib/mod_sftp/mac.c +++ contrib/mod_sftp/mac.c @@ -69,6 +69,9 @@ static HMAC_CTX write_ctxs[2]; static size_t mac_blockszs[2] = { 0, 0 }; +/* Buffer size for reading/writing keys */ +#define SFTP_MAC_BUFSZ 1536 + static unsigned int read_mac_idx = 0; static unsigned int write_mac_idx = 0; @@ -367,7 +370,7 @@ int sftp_mac_set_read_key(pool *p, const mac = &(read_macs[read_mac_idx]); mac_ctx = &(read_ctxs[read_mac_idx]); - bufsz = buflen = 1024; + bufsz = buflen = SFTP_MAC_BUFSZ; ptr = buf = sftp_msg_getbuf(p, bufsz); /* Need to use SSH2-style format of K for the key. */ @@ -527,7 +530,7 @@ int sftp_mac_set_write_key(pool *p, cons mac = &(write_macs[write_mac_idx]); mac_ctx = &(write_ctxs[write_mac_idx]); - bufsz = buflen = 1024; + bufsz = buflen = SFTP_MAC_BUFSZ; ptr = buf = sftp_msg_getbuf(p, bufsz); /* Need to use SSH2-style format of K for the key. */
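Review bot: The refreshed file still ships six 1024-bit and three 1536-bit groups, and the 3072-bit size has been dropped from the documented `openssl dhparam` command, leaving nothing between 2048 and 4096 bits. 1024-bit finite-field DH is below the 2048-bit minimum recommended for SSH group exchange (RFC 8270). If the small groups are kept for legacy clients, the header should say so, e.g. `# 1024/1536-bit groups are retained only for legacy clients; prefer 2048 bits or larger`. Which group the server actually selects is decided outside this hunk, so it is worth confirming that the selection code enforces a minimum size.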
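Review bot: The buffers in write_dh_reply and write_dh_gex_group are still sized by bare literals (now 8192 and 2048) under an unchanged `XXX Is this large enough? Too large?` comment, so the question the comment asks is left open. I would replace the XXX with a statement of what each buffer must hold, e.g. for the GEX group message `/* msg type + mpint p (4 + up to 1025 bytes for 8192 bits) + mpint g */`, or derive the size from `BN_num_bytes()` of the values being written. That way a larger group added to dhparams.pem later cannot silently outgrow the buffer. Both function bodies start and end outside the hunks, so the behaviour of the `sftp_msg_write_*` calls when `buflen` runs out is not visible here; confirm that they fail the exchange rather than truncate.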