Revert "Merge branch 'stretch' of ssh://git.debian.org/git/collab-maint/openvpn into stretch"

This reverts commit 3804bc2606a92e2f2f4b3a2b043af0d77d92b386, reversing
changes made to 678cfd249add7ca758e4c41933c7b730132c99f4.

1 files changed, 10 insertions, 8 deletions

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index d94a421..cff4052 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -830,7 +830,14 @@ print_key_id(struct tls_multi *multi, struct gc_arena *gc)
     return BSTR(&out);
 }
 
-bool
+/*
+ * Given a key_method, return true if op
+ * represents the required form of hard_reset.
+ *
+ * If key_method = 0, return true if any
+ * form of hard reset is used.
+ */
+static bool
 is_hard_reset(int op, int key_method)
 {
     if (!key_method || key_method == 1)
@@ -2240,7 +2247,7 @@ push_peer_info(struct buffer *buf, struct tls_session *session)
         buf_printf(&out, "IV_PLAT=mac\n");
 #elif defined(TARGET_NETBSD)
         buf_printf(&out, "IV_PLAT=netbsd\n");
-#elif defined(TARGET_FREEBSD) || defined(__FreeBSD_kernel__)
+#elif defined(TARGET_FREEBSD)
         buf_printf(&out, "IV_PLAT=freebsd\n");
 #elif defined(TARGET_ANDROID)
         buf_printf(&out, "IV_PLAT=android\n");
@@ -3701,12 +3708,7 @@ tls_pre_decrypt(struct tls_multi *multi,
                                 /* Save incoming ciphertext packet to reliable buffer */
                                 struct buffer *in = reliable_get_buf(ks->rec_reliable);
                                 ASSERT(in);
-                                if(!buf_copy(in, buf))
-                                {
-                                    msg(D_MULTI_DROPPED,
-                                        "Incoming control channel packet too big, dropping.");
-                                    goto error;
-                                }
+                                ASSERT(buf_copy(in, buf));
                                 reliable_mark_active_incoming(ks->rec_reliable, in, id, op);
                             }