EXT PW: Fix hash return in password fetching

The hash return buffer was previously left uninitialized in case
externally stored password ("password=ext:...") was used. This could
result in MSCHAPv2 failure if that uninitialized memory happened to be
something else than zero.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index 98abd4ef7d21c6eb81e047cdf50a0bf0f6c3f9b9..3068b69c6d6fdf4e11c1b51d56106744bb8d5f11 100644 (file)
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -2046,6 +2046,8 @@ const u8 * eap_get_config_password2(struct eap_sm *sm, size_t *len, int *hash)
        if (config->flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
                if (eap_get_ext_password(sm, config) < 0)
                        return NULL;
+               if (hash)
+                       *hash = 0;
                *len = wpabuf_len(sm->ext_pw_buf);
                return wpabuf_head(sm->ext_pw_buf);
        }