mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-02-16 17:13:05 -05:00
a2fbf12524
When Linux has Path MTU discovery enabled, it sets by default the DF bit on all outgoing datagrams, also UDP ones. If a RADIUS message is bigger than the smallest MTU size to the target, it will be discarded. This effectively limits RADIUS messages to ~ 1500 Bytes, while they can be up to 4k according to RFC2865. In practice, this can mean trouble when doing EAP-TLS with many RADIUS attributes besides the EAP-Message. [Bug 326]