aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--man/strongswan.conf.5.in8
-rw-r--r--src/libtls/tls_eap.c2
2 files changed, 5 insertions, 5 deletions
diff --git a/man/strongswan.conf.5.in b/man/strongswan.conf.5.in
index da6013c59..af46c3cd1 100644
--- a/man/strongswan.conf.5.in
+++ b/man/strongswan.conf.5.in
@@ -302,7 +302,7 @@ PAM service to be used for authentication
Maximum size of an EAP-PEAP packet
.TP
.BR charon.plugins.eap-peap.max_message_count " [32]"
-Maximum number of processed EAP-PEAP packets
+Maximum number of processed EAP-PEAP packets (0 = no limit)
.TP
.BR charon.plugins.eap-peap.include_length " [no]"
Include length in non-fragmented EAP-PEAP packets
@@ -394,7 +394,7 @@ Number of sockets (ports) to use, increase for high load
Maximum size of an EAP-TLS packet
.TP
.BR charon.plugins.eap-tls.max_message_count " [32]"
-Maximum number of processed EAP-TLS packets
+Maximum number of processed EAP-TLS packets (0 = no limit)
.TP
.BR charon.plugins.eap-tls.include_length " [yes]"
Include length in non-fragmented EAP-TLS packets
@@ -403,7 +403,7 @@ Include length in non-fragmented EAP-TLS packets
Maximum size of an EAP-TNC packet
.TP
.BR charon.plugins.eap-tnc.max_message_count " [10]"
-Maximum number of processed EAP-TNC packets
+Maximum number of processed EAP-TNC packets (0 = no limit)
.TP
.BR charon.plugins.eap-tnc.include_length " [yes]"
Include length in non-fragmented EAP-TNC packets
@@ -412,7 +412,7 @@ Include length in non-fragmented EAP-TNC packets
Maximum size of an EAP-TTLS packet
.TP
.BR charon.plugins.eap-ttls.max_message_count " [32]"
-Maximum number of processed EAP-TTLS packets
+Maximum number of processed EAP-TTLS packets (0 = no limit)
.TP
.BR charon.plugins.eap-ttls.include_length " [yes]"
Include length in non-fragmented EAP-TTLS packets
diff --git a/src/libtls/tls_eap.c b/src/libtls/tls_eap.c
index 9cd572103..1354fa144 100644
--- a/src/libtls/tls_eap.c
+++ b/src/libtls/tls_eap.c
@@ -320,7 +320,7 @@ METHOD(tls_eap_t, process, status_t,
eap_tls_packet_t *pkt;
status_t status;
- if (++this->processed > this->max_msg_count)
+ if (this->max_msg_count && ++this->processed > this->max_msg_count)
{
DBG1(DBG_TLS, "%N packet count exceeded (%d > %d)",
eap_type_names, this->type,
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-28 09:18:10 +0000