Changed PEAPv0 cryptobinding to be disabled by default

There are some interoperability issues with Windows Server 2008 NPS, so
better disable cryptobinding use by default for now.

src/eap_peer/eap_config.h

@@ -353,8 +353,8 @@ struct eap_peer_config {
 	 *
 	 * crypto_binding option can be used to control PEAPv0 cryptobinding
 	 * behavior:
-	 * 0 = do not use cryptobinding
+	 * 0 = do not use cryptobinding (default)
-	 * 1 = use cryptobinding if server supports it (default)
+	 * 1 = use cryptobinding if server supports it
 	 * 2 = require cryptobinding
 	 */
 	char *phase1;

src/eap_peer/eap_peap.c

@@ -140,7 +140,7 @@ static void * eap_peap_init(struct eap_sm *sm)
 	data->peap_version = EAP_PEAP_VERSION;
 	data->force_peap_version = -1;
 	data->peap_outer_success = 2;
-	data->crypto_binding = OPTIONAL_BINDING;
+	data->crypto_binding = NO_BINDING;
 
 	if (config && config->phase1 &&
 	    eap_peap_parse_phase1(data, config->phase1) < 0) {

wpa_supplicant/wpa_supplicant.conf

@@ -394,8 +394,8 @@ fast_reauth=1
 #	protected result indication.
 #	'crypto_binding' option can be used to control PEAPv0 cryptobinding
 #	behavior:
-#	 * 0 = do not use cryptobinding
+#	 * 0 = do not use cryptobinding (default)
-#	 * 1 = use cryptobinding if server supports it (default)
+#	 * 1 = use cryptobinding if server supports it
 #	 * 2 = require cryptobinding
 # phase2: Phase2 (inner authentication with TLS tunnel) parameters
 #	(string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or