include_length and EAP-TTLS

Gong Cheng chengg11 at yahoo.com
Fri Dec 5 02:26:21 CET 2008


I wonder if this is a small violation of the EAP-TTLS RFC (5281).

In RFC 5281 http://tools.ietf.org/html/rfc5281#section-9.2.2, it states:

"  .... Fragments other than the first MUST NOT have the L
   bit set. ...
"

while this behavior is configurable in eap.conf:

"
                        #  include_length is a flag which is
                        #  by default set to yes If set to
                        #  yes, Total Length of the message is
                        #  included in EVERY packet we send.
                        #  If set to no, Total Length of the
                        #  message is included ONLY in the
                        #  First packet of a fragment series.
                        #
                #       include_length = yes
"

I understand that it is for EAP-TLS (which does not have this restriction) but I think EAP-TTLS is controlled by the same line. (?)

I confess that I only actually SEE the behavior in the now ancient 1.1.6 version, and only took a quick look at the 2.1.0 config file and source code. I apologize if  I missed something or this had been brought up before.

-gong



More information about the Freeradius-Users mailing list