Skip to content
Snippets Groups Projects
Commit c2333696 authored by Ján Sebechlebský's avatar Ján Sebechlebský Committed by Guillaume Valadon
Browse files

Fix EAP (#557) 

* Add message field in EAP-Indentity request

EAP-Identity request may contain message as stated in RFC3748.

* Fix fragmented EAP-TLS

Current implementation fails to dissect fragmented EAP-TLS.
Fragmented EAP-TLS messages are quite common, in this case only
first EAP-TLS will contain tls_message_len field (indicated by L bit),
which will be total length of reassembled tls message.

Length of tls payload in single EAP-TLS message should therefore
be determined by EAP.len field (see RFC5216-Fragmentation).

To implement this I find reasonable to make EAP-TLS subclass of EAP.

* Fix fragmented EAP-FAST

Implementation of EAP-FAST suffers from the same issue as EAP-TLS,
see previous commit message.

* Fix EAP-MD5 Dissection

Implementation of EAP-MD5 was not following RFC3748 (which is
referencing RFC1994) properly.

Field value_size is determining only size of value_field.
It might have length different than 16B in EAP-MD5 request,
because in that case it is not used to transmit MD5 hash,
but random challenge value.
Size of optional_name(extra data) is determined as "rest of" EAP message
(len field of EAP).
parent 14be8ac4
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 43 additions and 16 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment