]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e95c956)
Allow EAP-Message APVs > 253 octets in EAP-TTLS module 143/head
authorTobias Brunner <tobias@strongswan.org>
Wed, 5 Dec 2012 11:51:31 +0000 (12:51 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 5 Dec 2012 17:45:15 +0000 (18:45 +0100)
According to RFC 5281, section 11.2.1 tunneled EAP packets that are
larger than 253 octets MUST be contained in a single EAP-Message AVP.

Also fixed the debug statement.

src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c patch | blob | blame | history

diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
index 6c9bd13dc62a1ae39b99a91e5c21b6f9e0899c27..3344c53f624a2ab26e8350b995b187eacd6d20a2 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@ -201,8 +201,11 @@ static VALUE_PAIR *diameter2vp(REQUEST *request, SSL *ssl,
                        goto next_attr;
                }
 
-               if (size > 253) {
-                       RDEBUG2("WARNING: diameter2vp skipping long attribute %u, attr");
+               /*
+                * EAP-Message AVPs can be larger than 253 octets.
+                */
+               if ((size > 253) && !((vendor == 0) && (attr == PW_EAP_MESSAGE))) {
+                       RDEBUG2("WARNING: diameter2vp skipping long attribute %u", attr);
                        goto next_attr;
                }
 
Mirror of https://github.com/FreeRADIUS/freeradius-server.git