RadSec FR3.0 to Radiator: "Received packet will be too large"

Brian Julin BJulin at clarku.edu
Wed Feb 22 20:42:47 CET 2012



Hello again,

We're piloting RadSec as a federation server uplink.  They use Radiator.  When we first attempted to connect we'd get 
a "Received packet will be too large!" carp from main/tls.c.  They checked on their end and say they have no fragment
size option for RadSec TLS connections, only for EAP-TLS connections.

So we applied the below as a test and it works, but I was wondering as to the wisdom of it...


diff --git a/src/main/tls.c b/src/main/tls.c
index 10caec4..947409f 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -2709,7 +2709,7 @@ int proxy_tls_recv(rad_listen_t *listener)
        size_t length;
        listen_socket_t *sock = listener->data;
        char buffer[256];
-       uint8_t data[1024];
+       uint8_t data[2048];
        RADIUS_PACKET *packet;
        RAD_REQUEST_FUNP fun = NULL;




More information about the Freeradius-Users mailing list