From 7b88b64cd3cb22aceb8abf5143323e03a914bbb7 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Tue, 7 Jan 2014 22:30:25 +0200
Subject: [PATCH] EXT PW: Fix hash return in password fetching

The hash return buffer was previously left uninitialized in case
externally stored password ("password=ext:...") was used. This could
result in MSCHAPv2 failure if that uninitialized memory happened to be
something else than zero.

Signed-hostap: Jouni Malinen <j@w1.fi>
---
 src/eap_peer/eap.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index 98abd4ef7..3068b69c6 100644
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -2046,6 +2046,8 @@ const u8 * eap_get_config_password2(struct eap_sm *sm, size_t *len, int *hash)
 	if (config->flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
 		if (eap_get_ext_password(sm, config) < 0)
 			return NULL;
+		if (hash)
+			*hash = 0;
 		*len = wpabuf_len(sm->ext_pw_buf);
 		return wpabuf_head(sm->ext_pw_buf);
 	}