I wonder if this is a small violation of the EAP-TTLS RFC (5281).
In RFC 5281 http://tools.ietf.org/html/rfc5281#section-9.2.2, it states:
" .... Fragments other than the first MUST NOT have the L
bit set. ...
"
while this behavior is configurable in eap.conf:
"
# include_length is a flag which is
# by default set to yes If set to
# yes, Total Length of the message is
# included in EVERY packet we send.
# If set to no, Total Length of the
# message is included ONLY in the
# First packet of a fragment series.
#
# include_length = yes
"
I understand that it is for EAP-TLS (which does not have this restriction) but
I think EAP-TTLS is controlled by the same line. (?)
I confess that I only actually SEE the behavior in the now ancient 1.1.6
version, and only took a quick look at the 2.1.0 config file and source code. I
apologize if I missed something or this had been brought up before.
-gong
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
