Changed RADIUS MTU and small fixes

source/6LoWPAN/ws/ws_config.h

@@ -273,4 +273,11 @@ extern uint8_t DEVICE_MIN_SENS;
 #define RADIUS_CLIENT_RETRY_IMAX           30       // First retry maximum 3 seconds
 #define RADIUS_CLIENT_TIMER_EXPIRATIONS    3        // Number of retries is three
 
+/*
+ *  EAP-TLS fragment length
+ *
+ *  Configures both EAP-TLS and the RADIUS client (Framed-MTU on RFC 2864)
+ */
+#define EAP_TLS_FRAGMENT_LEN_VALUE         600       // EAP-TLS fragment length
+
 #endif /* WS_CONFIG_H_ */

source/6LoWPAN/ws/ws_pae_controller.c

@@ -1221,7 +1221,8 @@ int8_t ws_pae_controller_radius_address_set(int8_t interface_id, const uint8_t *
     }
 
     if (ws_pae_auth_radius_address_set(controller->interface_ptr, radius_cfg->radius_addr) < 0) {
-        return -1;
+        // If not set here since authenticator not created, then set on authenticator initialization
+        return 0;
     }
 
     return 0;

source/Security/kmp/kmp_socket_if.c

@@ -91,7 +91,7 @@ int8_t kmp_socket_if_register(kmp_service_t *service, uint8_t *instance_id, bool
     if (*instance_id == 0) {
         socket_if->instance_id = kmp_socket_if_instance_id++;
         if (socket_if->instance_id == 0) {
-            socket_if->instance_id++;
+            socket_if->instance_id = kmp_socket_if_instance_id++;
         }
         *instance_id = socket_if->instance_id;
     }

source/Security/protocols/eap_tls_sec_prot/eap_tls_sec_prot_lib.c

@@ -201,8 +201,8 @@ static int8_t eap_tls_sec_prot_lib_ack_update(tls_data_t *tls)
         return false;
     }
 
-    if (tls->handled_len + TLS_FRAGMENT_LEN < tls->total_len) {
-        tls->handled_len += TLS_FRAGMENT_LEN;
+    if (tls->handled_len + EAP_TLS_FRAGMENT_LEN_VALUE < tls->total_len) {
+        tls->handled_len += EAP_TLS_FRAGMENT_LEN_VALUE;
         return false;
     }
 
@@ -236,8 +236,8 @@ static uint8_t *eap_tls_sec_prot_lib_fragment_write(uint8_t *data, uint16_t tota
         data_begin[0] = *flags;
     }
 
-    if (total_len - handled_len > TLS_FRAGMENT_LEN) {
-        *message_len += TLS_FRAGMENT_LEN;
+    if (total_len - handled_len > EAP_TLS_FRAGMENT_LEN_VALUE) {
+        *message_len += EAP_TLS_FRAGMENT_LEN_VALUE;
 
         if (handled_len == 0) {
             data_begin -= 4; // length

source/Security/protocols/eap_tls_sec_prot/eap_tls_sec_prot_lib.h

@@ -54,7 +54,6 @@ typedef struct {
     uint16_t                      handled_len;    /**< Handled length of the data buffer (e.g. acked by other end) */
 } tls_data_t;
 
-#define TLS_FRAGMENT_LEN          600   //EAP-TLS fragment length
 #define TLS_HEAD_LEN              5      //EAP-TLS flags and EAP-TLS length
 
 extern const uint8_t eap_msg_trace[4][10];

source/Security/protocols/eap_tls_sec_prot/radius_eap_tls_sec_prot.c

@@ -495,7 +495,7 @@ static void radius_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
 
             // On timeout
             if (sec_prot_result_timeout_check(&data->common)) {
-                // Do nothing for now
+                // Do nothing (trickle timer not running, so should not happen)
                 return;
             }
 

source/Security/protocols/radius_sec_prot/avp_helper.h

@@ -46,8 +46,8 @@
 // EUI-64 in ascii string: 00-11-..-77
 #define STATION_ID_LEN                           16 + 7
 
-// MTU value TBD
-#define FRAMED_MTU                               1400
+// MTU value is set by EAP-TLS fragment length
+#define FRAMED_MTU                               EAP_TLS_FRAGMENT_LEN_VALUE
 
 #define NAS_PORT                                 1
 

source/Security/protocols/radius_sec_prot/radius_client_sec_prot.c

@@ -508,7 +508,9 @@ static int8_t radius_client_sec_prot_receive(sec_prot_t *prot, void *pdu, uint16
             if (radius_client_sec_prot_ms_mppe_recv_key_pmk_decrypt(prot, recv_key,
                                                                     recv_key_len - AVP_FIXED_LEN, data->request_authenticator, data->new_pmk) >= 0) {
                 data->new_pmk_set = true;
+#ifdef EXTRA_DEBUG_INFO
                 tr_info("RADIUS PMK: %s %s", tr_array(data->new_pmk, 16), tr_array(data->new_pmk + 16, 16));
+#endif
             }
         }
     }