From 158c7663683005a9baf2032e66eb892fba441af0 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Wed, 4 Nov 2015 01:10:27 +0100
Subject: [PATCH] Set initial previous peer nonce to zero

---
 lfd_encrypt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lfd_encrypt.c b/lfd_encrypt.c
index e61976d..e45f6fd 100644
--- a/lfd_encrypt.c
+++ b/lfd_encrypt.c
@@ -72,6 +72,7 @@ alloc_encrypt(struct vtun_host *host)
     if (init_nonce(ctx.nonce, crypto_aead_NPUBBYTES) != 0) {
         return -1;
     }
+    memset(ctx.previous_decrypted_nonce, 0, crypto_aead_NPUBBYTES);
     crypto_aead_aes256gcm_beforenm(ctx.state, host->key);
     sodium_free(host->key);
     host->key = NULL;