From 86116bb022f0b885638ff9ba21b359fc9f55286a Mon Sep 17 00:00:00 2001
From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 6 Oct 2012 21:15:19 +0200
Subject: [PATCH] Clear connection options and status fields in
 free_connection_partially().

Most fields should be zero when reusing a connection. In particular, when an
outgoing connection to a node which is reachable on more than one address is
made, the second connection to that node will have status.encryptout set but
outctx will be NULL, causing a NULL pointer dereference when
EVP_EncryptUpdate() is called in send_meta() when it shouldn't.
---
 src/connection.c | 12 ++++++++++++
 src/connection.h |  2 +-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/connection.c b/src/connection.c
index fafec5db..0293100e 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -83,9 +83,21 @@ void free_connection_partially(connection_t *c) {
 
 	c->socket = -1;
 
+	c->options = 0;
+	c->status.pinged = false;
+	c->status.connecting = false;
+	c->status.encryptout = false;
+	c->status.decryptin = false;
+	c->status.mst = false;
+	c->status.control = false;
+	c->status.pcap = false;
+	c->status.log = false;
+
 	c->protocol_major = 0;
 	c->protocol_minor = 0;
 	c->allow_request = 0;
+	c->tcplen = 0;
+	c->last_ping_time = 0;
 }
 
 void free_connection(connection_t *c) {
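Review bot: The per-field reset added after `c->socket = -1;` leaves `status.active` untouched, although the connection.h hunk of this patch lists it among the status bits, and any flag added to `connection_status_t` later would be missed the same way. If `active` is meant to survive reuse, a comment such as `/* status.active intentionally preserved: <reason> */` would make that explicit; otherwise `memset(&c->status, 0, sizeof c->status);` clears every flag at once and prevents the kind of stale-flag bug the commit message describes. Per that message, the crash happens because `send_meta()` acts on `status.encryptout` while `outctx` is NULL; that code is outside this diff, but a NULL check on `outctx` there would presumably be a useful second line of defence. The start of free_connection_partially() lies outside the hunk, so earlier resets are not visible here.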
diff --git a/src/connection.h b/src/connection.h
index 854e29f2..3ed0e317 100644
--- a/src/connection.h
+++ b/src/connection.h
@@ -38,7 +38,7 @@ typedef struct connection_status_t {
 		unsigned int pinged:1;			/* sent ping */
 		unsigned int active:1;			/* 1 if active.. */
 		unsigned int connecting:1;		/* 1 if we are waiting for a non-blocking connect() to finish */
-		unsigned int termreq:1;			/* the termination of this connection was requested */
+		unsigned int unused_termreq:1;		/* the termination of this connection was requested */
 		unsigned int remove_unused:1;		/* Set to 1 if you want this connection removed */
 		unsigned int timeout_unused:1;		/* 1 if gotten timeout */
 		unsigned int encryptout:1;		/* 1 if we can encrypt outgoing traffic */
-- 
2.39.5