Patch AVP parsing in EAP-TTLS module in FreeRADIUS

[strongswan.git] / testing / scripts / recipes / patches / freeradius-avp-size

diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
index 6c9bd13..3344c53 100644
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@ -201,8 +201,11 @@ static VALUE_PAIR *diameter2vp(REQUEST *request, SSL *ssl,
                        goto next_attr;
                }
 
-               if (size > 253) {
-                       RDEBUG2("WARNING: diameter2vp skipping long attribute %u, attr");
+               /*
+                * EAP-Message AVPs can be larger than 253 octets.
+                */
+               if ((size > 253) && !((VENDOR(attr) == 0) && (attr == PW_EAP_MESSAGE))) {
+                       RDEBUG2("WARNING: diameter2vp skipping long attribute %u", attr);
                        goto next_attr;
                }