1 files changed, 0 insertions, 87 deletions

diff --git a/debian/patches/upstream-issue-879.patch b/debian/patches/upstream-issue-879.patch
deleted file mode 100644
index 2139afc..0000000
--- a/debian/patches/upstream-issue-879.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-Index: openvpn/src/openvpn/forward.c
-===================================================================
---- openvpn.orig/src/openvpn/forward.c	2017-05-22 14:59:09.634938195 +0200
-+++ openvpn/src/openvpn/forward.c	2017-05-22 14:59:09.630937170 +0200
-@@ -866,9 +866,16 @@
-              * will load crypto_options with the correct encryption key
-              * and return false.
-              */
-+            uint8_t opcode = *BPTR(&c->c2.buf) >> P_OPCODE_SHIFT;
-             if (tls_pre_decrypt(c->c2.tls_multi, &c->c2.from, &c->c2.buf, &co,
-                                 floated, &ad_start))
-             {
-+                /* Restore pre-NCP frame parameters */
-+                if (is_hard_reset(opcode, c->options.key_method))
-+                {
-+                    c->c2.frame = c->c2.frame_initial;
-+                }
-+
-                 interval_action(&c->c2.tmp_int);
- 
-                 /* reset packet received timer if TLS packet */
-Index: openvpn/src/openvpn/init.c
-===================================================================
---- openvpn.orig/src/openvpn/init.c	2017-05-22 14:59:09.634938195 +0200
-+++ openvpn/src/openvpn/init.c	2017-05-22 14:59:09.634938195 +0200
-@@ -4055,6 +4055,8 @@
-         c->c2.did_open_tun = do_open_tun(c);
-     }
- 
-+    c->c2.frame_initial = c->c2.frame;
-+
-     /* print MTU info */
-     do_print_data_channel_mtu_parms(c);
- 
-Index: openvpn/src/openvpn/openvpn.h
-===================================================================
---- openvpn.orig/src/openvpn/openvpn.h	2017-05-22 14:59:09.634938195 +0200
-+++ openvpn/src/openvpn/openvpn.h	2017-05-22 14:59:09.634938195 +0200
-@@ -263,7 +263,8 @@
-     struct link_socket_actual from;             /* address of incoming datagram */
- 
-     /* MTU frame parameters */
--    struct frame frame;
-+    struct frame frame;                         /* Active frame parameters */
-+    struct frame frame_initial;                 /* Restored on new session */
- 
- #ifdef ENABLE_FRAGMENT
-     /* Object to handle advanced MTU negotiation and datagram fragmentation */
-Index: openvpn/src/openvpn/ssl.c
-===================================================================
---- openvpn.orig/src/openvpn/ssl.c	2017-05-22 14:59:09.634938195 +0200
-+++ openvpn/src/openvpn/ssl.c	2017-05-22 14:59:09.634938195 +0200
-@@ -830,14 +830,7 @@
-     return BSTR(&out);
- }
- 
--/*
-- * Given a key_method, return true if op
-- * represents the required form of hard_reset.
-- *
-- * If key_method = 0, return true if any
-- * form of hard reset is used.
-- */
--static bool
-+bool
- is_hard_reset(int op, int key_method)
- {
-     if (!key_method || key_method == 1)
-Index: openvpn/src/openvpn/ssl.h
-===================================================================
---- openvpn.orig/src/openvpn/ssl.h	2017-05-22 14:59:09.634938195 +0200
-+++ openvpn/src/openvpn/ssl.h	2017-05-22 14:59:09.634938195 +0200
-@@ -591,6 +591,14 @@
- /*#define EXTRACT_X509_FIELD_TEST*/
- void extract_x509_field_test(void);
- 
-+/**
-+ * Given a key_method, return true if opcode represents the required form of
-+ * hard_reset.
-+ *
-+ * If key_method == 0, return true if any form of hard reset is used.
-+ */
-+bool is_hard_reset(int op, int key_method);
-+
- #endif /* ENABLE_CRYPTO */
- 
- #endif /* ifndef OPENVPN_SSL_H */