From 15b5a25b3ce48cc9cf6aec7e9fbd736df833450a Mon Sep 17 00:00:00 2001
From: "Alan T. DeKok" <aland@freeradius.org>
Date: Thu, 25 Jul 2024 08:39:14 -0700
Subject: set Message-Authenticator to zero each time we send a packet.  Fixes
 #96

---
 src/pam_radius_auth.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src')

diff --git a/src/pam_radius_auth.c b/src/pam_radius_auth.c
index 560b141..cc7bf2d 100644
--- a/src/pam_radius_auth.c
+++ b/src/pam_radius_auth.c
@@ -1130,6 +1130,7 @@ static int talk_radius(radius_conf_t * conf, AUTH_HDR * request,
 		}
 
 		if (request->code == PW_AUTHENTICATION_REQUEST) {
+			memset(conf->message_authenticator, 0, AUTH_VECTOR_LEN);
 			hmac_md5(conf->message_authenticator, (uint8_t *) request, ntohs(request->length),
 				 (const uint8_t *) server->secret, strlen(server->secret));
 
-- 
cgit v1.2.3