From 9d78b2f53c48ddbc2f978e3365af183c69a33c84 Mon Sep 17 00:00:00 2001
From: Yaroslav Isakov <yaroslav.isakov@gmail.com>
Date: Sat, 14 Feb 2026 19:35:06 +0100
Subject: [PATCH] hostapd: fix EAP-PWD in experimental hostapd-radius server

Without initializing pwd_group, it's set to 0, which is reserved value.
When EAP-PWD is used in wpa_supplicant/eapol_test, next error is seen:
EAP-PWD: Server EAP-pwd-ID proposal: group=0 random=1 prf=1 prep=0
EAP-pwd: Unsupported or disabled proposal

Signed-off-by: Yaroslav Isakov <yaroslav.isakov@gmail.com>
---
 package/network/services/hostapd/src/hostapd/radius.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/package/network/services/hostapd/src/hostapd/radius.c b/package/network/services/hostapd/src/hostapd/radius.c
index 7685d4d6743..0b4f76ee2f1 100644
--- a/package/network/services/hostapd/src/hostapd/radius.c
+++ b/package/network/services/hostapd/src/hostapd/radius.c
@@ -568,6 +568,7 @@ static int radius_setup(struct radius_state *s, struct radius_config *c)
 	eap->max_auth_rounds = 100;
 	eap->max_auth_rounds_short = 50;
 	eap->ssl_ctx = tls_init(&conf);
+	eap->pwd_group = 19;
 	if (!eap->ssl_ctx) {
 		wpa_printf(MSG_INFO, "TLS init failed\n");
 		return 1;
-- 
2.47.3