Patch AVP parsing in EAP-TTLS module in FreeRADIUS
authorTobias Brunner <tobias@strongswan.org>
Tue, 4 Dec 2012 17:43:30 +0000 (18:43 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 17 Jan 2013 14:22:08 +0000 (15:22 +0100)
testing/scripts/recipes/freeradius.mk
testing/scripts/recipes/patches/freeradius-avp-size [new file with mode: 0644]

index ec530a8..7b7a5fe 100644 (file)
@@ -16,6 +16,7 @@ CONFIG_OPTS = \
 
 PATCHES = \
        freeradius-eap-sim-identity \
+       freeradius-avp-size \
        freeradius-tnc-fhh
 
 all: install
diff --git a/testing/scripts/recipes/patches/freeradius-avp-size b/testing/scripts/recipes/patches/freeradius-avp-size
new file mode 100644 (file)
index 0000000..e7e1f63
--- /dev/null
@@ -0,0 +1,18 @@
+diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+index 6c9bd13..3344c53 100644
+--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
++++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+@@ -201,8 +201,11 @@ static VALUE_PAIR *diameter2vp(REQUEST *request, SSL *ssl,
+                       goto next_attr;
+               }
+-              if (size > 253) {
+-                      RDEBUG2("WARNING: diameter2vp skipping long attribute %u, attr");
++              /*
++               * EAP-Message AVPs can be larger than 253 octets.
++               */
++              if ((size > 253) && !((VENDOR(attr) == 0) && (attr == PW_EAP_MESSAGE))) {
++                      RDEBUG2("WARNING: diameter2vp skipping long attribute %u", attr);
+                       goto next_attr;
+               }