eap: check MTU when loading identity

If the MTU was set very low an identity could exceed the maximum.
author: James Prestwood <prestwoj@gmail.com> 2020-03-06 09:48:41 -0800
committer: Denis Kenzior <denkenz@gmail.com> 2020-03-06 12:17:09 -0600
commit: 77cfb615e5c7501e8aee2a5212f82879e0f45bc4 (patch)
tree: 3f2b772572630f59c9274a41a2a3afdd48fc50fa
parent: 53ea9adfb5c550d3dbe8ec55ab51a3ec9340e862 (diff)
download: iwd-77cfb615e5c7501e8aee2a5212f82879e0f45bc4.tar.gz
1 files changed, 10 insertions, 3 deletions
diff --git a/src/eap.c b/src/eap.c
index 012bd58e6..816b5f9a2 100644
--- a/src/eap.c
+++ b/src/eap.c
@@ -568,10 +568,17 @@ bool eap_load_settings(struct eap_state *eap, struct l_settings *settings,
 	 * octets. Support for an NAI length of 253 octets is RECOMMENDED.
 	 * ...
 	 * RADIUS is unable to support NAI lengths beyond 253 octets
+	 *
+	 * We also need to fail if the identity is too large for the set MTU
+	 * size minus 5 (header).
 	 */
-	if (eap->identity && strlen(eap->identity) > 253) {
-		l_error("Identity is too long");
-		goto err;
+	if (eap->identity) {
+		size_t id_len = strlen(eap->identity);
+
+		if (id_len > 253 || id_len > eap->mtu - 5) {
+			l_error("Identity is too long");
+			goto err;
+		}
 	}
 
 	return true;
author	James Prestwood <prestwoj@gmail.com>	2020-03-06 09:48:41 -0800
committer	Denis Kenzior <denkenz@gmail.com>	2020-03-06 12:17:09 -0600
commit	77cfb615e5c7501e8aee2a5212f82879e0f45bc4 (patch)
tree	3f2b772572630f59c9274a41a2a3afdd48fc50fa
parent	53ea9adfb5c550d3dbe8ec55ab51a3ec9340e862 (diff)
download	iwd-77cfb615e5c7501e8aee2a5212f82879e0f45bc4.tar.gz