Clear hostapd configuration keys explicitly

Use an explicit memset call to clear any hostapd configuration parameter
that contains private information like keys or identity. This brings in
an additional layer of protection by reducing the length of time this
type of private data is kept in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>

src/ap/ap_config.c

@@ -379,7 +379,7 @@ void hostapd_config_free_eap_user(struct hostapd_eap_user *user)
 {
 	hostapd_config_free_radius_attr(user->accept_attr);
 	os_free(user->identity);
-	os_free(user->password);
+	bin_clear_free(user->password, user->password_len);
 	os_free(user);
 }
 
@@ -388,7 +388,7 @@ static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
 {
 	int i;
 	for (i = 0; i < NUM_WEP_KEYS; i++) {
-		os_free(keys->key[i]);
+		bin_clear_free(keys->key[i], keys->len[i]);
 		keys->key[i] = NULL;
 	}
 }
@@ -406,10 +406,10 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf)
 	while (psk) {
 		prev = psk;
 		psk = psk->next;
-		os_free(prev);
+		bin_clear_free(prev, sizeof(*prev));
 	}
 
-	os_free(conf->ssid.wpa_passphrase);
+	str_clear_free(conf->ssid.wpa_passphrase);
 	os_free(conf->ssid.wpa_psk_file);
 	hostapd_config_free_wep(&conf->ssid.wep);
 #ifdef CONFIG_FULL_DYNAMIC_VLAN