diff -Nru gnutls28-3.5.3/debian/changelog gnutls28-3.5.3/debian/changelog --- gnutls28-3.5.3/debian/changelog 2016-09-06 08:55:35.000000000 -0400 +++ gnutls28-3.5.3/debian/changelog 2016-09-18 08:03:47.000000000 -0400 @@ -1,3 +1,23 @@ +gnutls28 (3.5.3-5ubuntu1) yakkety; urgency=medium + + * Merge with Debian (LP: #1624856). Remaining changes: + - debian/patches/disable_global_init_override_test.patch: disable failing + test. + - debian/patches/add-openssl-test-link.patch: add link for libssl + + -- Anders Kaseorg Sun, 18 Sep 2016 08:03:47 -0400 + +gnutls28 (3.5.3-5) experimental; urgency=medium + + * Pull DTLS fixes from upstream GIT master. + 45_01-tests-enhance-the-DTLS-window-unit-test-to-account-f.patch + 45_02-dtls-ensure-that-the-DTLS-window-doesn-t-get-stalled.patch + 45_03-tests-mini-dtls-record-modified-expected-order-to-ac.patch + 45_04-Import-DTLS-sliding-window-validation-from-OpenConne.patch + Closes: #835587 + + -- Andreas Metzler Wed, 07 Sep 2016 19:56:58 +0200 + gnutls28 (3.5.3-4ubuntu1) yakkety; urgency=medium * Merge with Debian; remaining changes: diff -Nru gnutls28-3.5.3/debian/patches/45_01-tests-enhance-the-DTLS-window-unit-test-to-account-f.patch gnutls28-3.5.3/debian/patches/45_01-tests-enhance-the-DTLS-window-unit-test-to-account-f.patch --- gnutls28-3.5.3/debian/patches/45_01-tests-enhance-the-DTLS-window-unit-test-to-account-f.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnutls28-3.5.3/debian/patches/45_01-tests-enhance-the-DTLS-window-unit-test-to-account-f.patch 2016-09-18 08:03:05.000000000 -0400 @@ -0,0 +1,70 @@ +From d4122565ba7c2551d727cf812c65bf6f2f8666a3 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Mon, 29 Aug 2016 13:25:23 +0200 +Subject: [PATCH 1/3] tests: enhance the DTLS window unit test to account for + lost packets + +This adds tests for cases where many lost packets are encountered, +such as 50% of the packets received, as well as 3 consequent packets +being lost. +--- + tests/dtls-sliding-window.c | 36 +++++++++++++++++++++++++++++++++++- + 1 file changed, 35 insertions(+), 1 deletion(-) + +diff --git a/tests/dtls-sliding-window.c b/tests/dtls-sliding-window.c +index eeec757..1ad1529 100644 +--- a/tests/dtls-sliding-window.c ++++ b/tests/dtls-sliding-window.c +@@ -147,6 +147,38 @@ static void check_dtls_window_19(void **glob_state) + assert_int_equal(_dtls_record_check(&state, &t), 0); + } + ++static void check_dtls_window_skip1(void **glob_state) ++{ ++ struct record_parameters_st state; ++ uint64 t; ++ unsigned i; ++ ++ RESET_WINDOW; ++ SET_WINDOW_START(0); ++ SET_WINDOW_LAST_RECV(1); ++ ++ for (i=2;i<256;i+=2) { ++ uint64_set(&t, BSWAP64(i)); ++ assert_int_equal(_dtls_record_check(&state, &t), 0); ++ } ++} ++ ++static void check_dtls_window_skip3(void **glob_state) ++{ ++ struct record_parameters_st state; ++ uint64 t; ++ unsigned i; ++ ++ RESET_WINDOW; ++ SET_WINDOW_START(0); ++ SET_WINDOW_LAST_RECV(1); ++ ++ for (i=5;i<256;i+=2) { ++ uint64_set(&t, BSWAP64(i)); ++ assert_int_equal(_dtls_record_check(&state, &t), 0); ++ } ++} ++ + static void check_dtls_window_21(void **glob_state) + { + struct record_parameters_st state; +@@ -491,7 +523,9 @@ int main(void) + cmocka_unit_test(check_dtls_window_very_large_12), + cmocka_unit_test(check_dtls_window_very_large_19), + cmocka_unit_test(check_dtls_window_very_large_91), +- cmocka_unit_test(check_dtls_window_very_large_outside) ++ cmocka_unit_test(check_dtls_window_very_large_outside), ++ cmocka_unit_test(check_dtls_window_skip3), ++ cmocka_unit_test(check_dtls_window_skip1) + }; + return cmocka_run_group_tests(tests, NULL, NULL); + } +-- +2.9.3 + diff -Nru gnutls28-3.5.3/debian/patches/45_02-dtls-ensure-that-the-DTLS-window-doesn-t-get-stalled.patch gnutls28-3.5.3/debian/patches/45_02-dtls-ensure-that-the-DTLS-window-doesn-t-get-stalled.patch --- gnutls28-3.5.3/debian/patches/45_02-dtls-ensure-that-the-DTLS-window-doesn-t-get-stalled.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnutls28-3.5.3/debian/patches/45_02-dtls-ensure-that-the-DTLS-window-doesn-t-get-stalled.patch 2016-09-18 08:03:05.000000000 -0400 @@ -0,0 +1,35 @@ +From 3ca24f24d9322256bc4c6d3bd237f8b98f073030 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Mon, 29 Aug 2016 13:02:54 +0200 +Subject: [PATCH 2/3] dtls: ensure that the DTLS window doesn't get stalled + +That is ensure that it is forwarded at least one place if more than 16 +packets have been received since the first one. +--- + lib/dtls-sw.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/lib/dtls-sw.c b/lib/dtls-sw.c +index 616bd5a..8c334c0 100644 +--- a/lib/dtls-sw.c ++++ b/lib/dtls-sw.c +@@ -51,7 +51,15 @@ + + #define DTLS_WINDOW_MARK(W, S) ((W)->dtls_sw_bits |= ((uint64_t) 1 << DTLS_WINDOW_OFFSET(W, S))) + +-#define DTLS_WINDOW_UPDATE(W) while ((W)->dtls_sw_bits & (uint64_t) 1) { \ ++/* We forcefully advance the window once we have received more than ++ * 8 packets since the first one. That way we ensure that we don't ++ * get stuck on connections with many lost packets. */ ++#define DTLS_WINDOW_UPDATE(W) \ ++ if (((W)->dtls_sw_bits & 0xffffffffffff0000LL) != 0) { \ ++ (W)->dtls_sw_bits = (W)->dtls_sw_bits >> 1; \ ++ (W)->dtls_sw_start++; \ ++ } \ ++ while ((W)->dtls_sw_bits & (uint64_t) 1) { \ + (W)->dtls_sw_bits = (W)->dtls_sw_bits >> 1; \ + (W)->dtls_sw_start++; \ + } +-- +2.9.3 + diff -Nru gnutls28-3.5.3/debian/patches/45_03-tests-mini-dtls-record-modified-expected-order-to-ac.patch gnutls28-3.5.3/debian/patches/45_03-tests-mini-dtls-record-modified-expected-order-to-ac.patch --- gnutls28-3.5.3/debian/patches/45_03-tests-mini-dtls-record-modified-expected-order-to-ac.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnutls28-3.5.3/debian/patches/45_03-tests-mini-dtls-record-modified-expected-order-to-ac.patch 2016-09-18 08:03:05.000000000 -0400 @@ -0,0 +1,26 @@ +From c7779ea25baa7856c650073658bffb13eaa5deb9 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Mon, 29 Aug 2016 13:48:04 +0200 +Subject: [PATCH 3/3] tests: mini-dtls-record: modified expected order to + account for new SW behavior + +--- + tests/mini-dtls-record.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/mini-dtls-record.c b/tests/mini-dtls-record.c +index 1b5a055..8d32d8f 100644 +--- a/tests/mini-dtls-record.c ++++ b/tests/mini-dtls-record.c +@@ -163,7 +163,7 @@ static ssize_t n_push(gnutls_transport_ptr_t tr, const void *data, size_t len) + + /* The first five messages are handshake. Thus corresponds to msg_seq+5 */ + static int recv_msg_seq[] = +- { 1, 2, 3, 4, 5, 6, 12, 28, 7, 8, 9, 10, 11, 13, 15, 16, 14, 18, 20, ++ { 1, 2, 3, 4, 5, 6, 12, 28, 8, 9, 10, 11, 13, 15, 16, 14, 18, 20, + 19, 21, 22, 23, 25, 24, 26, 27, 29, 30, 31, 33, 32, 34, 35, 38, 36, 37, + -1 + }; +-- +2.9.3 + diff -Nru gnutls28-3.5.3/debian/patches/45_04-Import-DTLS-sliding-window-validation-from-OpenConne.patch gnutls28-3.5.3/debian/patches/45_04-Import-DTLS-sliding-window-validation-from-OpenConne.patch --- gnutls28-3.5.3/debian/patches/45_04-Import-DTLS-sliding-window-validation-from-OpenConne.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnutls28-3.5.3/debian/patches/45_04-Import-DTLS-sliding-window-validation-from-OpenConne.patch 2016-09-18 08:03:05.000000000 -0400 @@ -0,0 +1,488 @@ +From 9eec15db0f1d5d9c1e3c2bbcd61bbedaa7f12c85 Mon Sep 17 00:00:00 2001 +From: David Woodhouse +Date: Tue, 30 Aug 2016 15:26:27 +0100 +Subject: [PATCH] Import DTLS sliding window validation from OpenConnect ESP + code + +In this implementation, the end of the sliding window is always advanced +to the latest received packet, and we accept up to 64 packets before +that one. We no longer refuse to accept packets because they are +*too* far ahead of what we've already seen. + +Some of the test cases are fixed up accordingly. + +This matches the code in OpenConnect esp-seqno.c at commit 314ac65. +--- + lib/dtls-sw.c | 137 +++++++++++++++++++++++++++++--------------- + lib/gnutls_int.h | 2 +- + tests/dtls-sliding-window.c | 60 +++++++++---------- + tests/mini-dtls-record.c | 3 +- + 4 files changed, 123 insertions(+), 79 deletions(-) + +diff --git a/lib/dtls-sw.c b/lib/dtls-sw.c +index 8c334c0..36630ab 100644 +--- a/lib/dtls-sw.c ++++ b/lib/dtls-sw.c +@@ -37,42 +37,26 @@ + */ + #define DTLS_EPOCH_SHIFT (6*CHAR_BIT) + #define DTLS_SEQ_NUM_MASK 0x0000FFFFFFFFFFFF +-#define DTLS_WINDOW_HAVE_RECV_PACKET(W) ((W)->dtls_sw_have_recv != 0) + +-#define DTLS_WINDOW_INIT_AT(W, S) (W)->dtls_sw_bits = ((W)->dtls_sw_have_recv) = 0; (W)->dtls_sw_start = (S&DTLS_SEQ_NUM_MASK) +-#define DTLS_WINDOW_INIT(W) DTLS_WINDOW_INIT_AT(W, 0) ++#define DTLS_EMPTY_BITMAP (0xFFFFFFFFFFFFFFFFULL) + +-#define DTLS_WINDOW_INSIDE(W, S) ((((S) & DTLS_SEQ_NUM_MASK) > (W)->dtls_sw_start) && \ +- (((S) & DTLS_SEQ_NUM_MASK) - (W)->dtls_sw_start <= (sizeof((W)->dtls_sw_bits) * CHAR_BIT))) ++/* We expect the compiler to be able to spot that this is a byteswapping ++ * load, and emit instructions like 'movbe' on x86_64 where appropriate. ++*/ ++#define LOAD_UINT64(out, ubytes) \ ++ out = (((uint64_t)ubytes[0] << 56) | \ ++ ((uint64_t)ubytes[1] << 48) | \ ++ ((uint64_t)ubytes[2] << 40) | \ ++ ((uint64_t)ubytes[3] << 32) | \ ++ ((uint64_t)ubytes[4] << 24) | \ ++ ((uint64_t)ubytes[5] << 16) | \ ++ ((uint64_t)ubytes[6] << 8) | \ ++ ((uint64_t)ubytes[7] << 0) ) + +-#define DTLS_WINDOW_OFFSET(W, S) ((((S) & DTLS_SEQ_NUM_MASK) - (W)->dtls_sw_start) - 1) +- +-#define DTLS_WINDOW_RECEIVED(W, S) (((W)->dtls_sw_bits & ((uint64_t) 1 << DTLS_WINDOW_OFFSET(W, S))) != 0) +- +-#define DTLS_WINDOW_MARK(W, S) ((W)->dtls_sw_bits |= ((uint64_t) 1 << DTLS_WINDOW_OFFSET(W, S))) +- +-/* We forcefully advance the window once we have received more than +- * 8 packets since the first one. That way we ensure that we don't +- * get stuck on connections with many lost packets. */ +-#define DTLS_WINDOW_UPDATE(W) \ +- if (((W)->dtls_sw_bits & 0xffffffffffff0000LL) != 0) { \ +- (W)->dtls_sw_bits = (W)->dtls_sw_bits >> 1; \ +- (W)->dtls_sw_start++; \ +- } \ +- while ((W)->dtls_sw_bits & (uint64_t) 1) { \ +- (W)->dtls_sw_bits = (W)->dtls_sw_bits >> 1; \ +- (W)->dtls_sw_start++; \ +- } +- +-#define LOAD_UINT64(out, ubytes) \ +- for (i = 0; i < 8; i++) { \ +- out <<= 8; \ +- out |= ubytes[i] & 0xff; \ +- } + + void _dtls_reset_window(struct record_parameters_st *rp) + { +- DTLS_WINDOW_INIT(rp); ++ rp->dtls_sw_have_recv = 0; + } + + /* Checks if a sequence number is not replayed. If a replayed +@@ -82,7 +66,6 @@ void _dtls_reset_window(struct record_parameters_st *rp) + int _dtls_record_check(struct record_parameters_st *rp, uint64 * _seq) + { + uint64_t seq_num = 0; +- unsigned i; + + LOAD_UINT64(seq_num, _seq->i); + +@@ -90,24 +73,86 @@ int _dtls_record_check(struct record_parameters_st *rp, uint64 * _seq) + return gnutls_assert_val(-1); + } + +- if (!DTLS_WINDOW_HAVE_RECV_PACKET(rp)) { +- DTLS_WINDOW_INIT_AT(rp, seq_num); ++ seq_num &= DTLS_SEQ_NUM_MASK; ++ ++ /* ++ * rp->dtls_sw_next is the next *expected* packet (N), being ++ * the sequence number *after* the latest we have received. ++ * ++ * By definition, therefore, packet N-1 *has* been received. ++ * And thus there's no point wasting a bit in the bitmap for it. ++ * ++ * So the backlog bitmap covers the 64 packets prior to that, ++ * with the LSB representing packet (N - 2), and the MSB ++ * representing (N - 65). A received packet is represented ++ * by a zero bit, and a missing packet is represented by a one. ++ * ++ * Thus we can allow out-of-order reception of packets that are ++ * within a reasonable interval of the latest packet received. ++ */ ++ if (!rp->dtls_sw_have_recv) { ++ rp->dtls_sw_next = seq_num + 1; ++ rp->dtls_sw_bits = DTLS_EMPTY_BITMAP; + rp->dtls_sw_have_recv = 1; + return 0; +- } ++ } else if (seq_num == rp->dtls_sw_next) { ++ /* The common case. This is the packet we expected next. */ + +- /* are we inside sliding window? */ +- if (!DTLS_WINDOW_INSIDE(rp, seq_num)) { +- return gnutls_assert_val(-2); +- } ++ rp->dtls_sw_bits <<= 1; + +- /* already received? */ +- if (DTLS_WINDOW_RECEIVED(rp, seq_num)) { +- return gnutls_assert_val(-3); ++ /* This might reach a value higher than 48-bit DTLS sequence ++ * numbers can actually reach. Which is fine. When that ++ * happens, we'll do the right thing and just not accept ++ * any newer packets. Someone needs to start a new epoch. */ ++ rp->dtls_sw_next++; ++ return 0; ++ } else if (seq_num > rp->dtls_sw_next) { ++ /* The packet we were expecting has gone missing; this one is newer. ++ * We always advance the window to accommodate it. */ ++ uint64_t delta = seq_num - rp->dtls_sw_next; ++ ++ if (delta >= 64) { ++ /* We jumped a long way into the future. We have not seen ++ * any of the previous 32 packets so set the backlog bitmap ++ * to all ones. */ ++ rp->dtls_sw_bits = DTLS_EMPTY_BITMAP; ++ } else if (delta == 63) { ++ /* Avoid undefined behaviour that shifting by 64 would incur. ++ * The (clear) top bit represents the packet which is currently ++ * rp->dtls_sw_next, which we know was already received. */ ++ rp->dtls_sw_bits = DTLS_EMPTY_BITMAP >> 1; ++ } else { ++ /* We have missed (delta) packets. Shift the backlog by that ++ * amount *plus* the one we would have shifted it anyway if ++ * we'd received the packet we were expecting. The zero bit ++ * representing the packet which is currently rp->dtls_sw_next-1, ++ * which we know has been received, ends up at bit position ++ * (1<dtls_sw_bits <<= delta + 1; ++ rp->dtls_sw_bits |= (1ULL << delta) - 1; ++ } ++ rp->dtls_sw_next = seq_num + 1; ++ return 0; ++ } else { ++ /* This packet is older than the one we were expecting. By how much...? */ ++ uint64_t delta = rp->dtls_sw_next - seq_num; ++ ++ if (delta > 65) { ++ /* Too old. We can't know if it's a replay */ ++ return gnutls_assert_val(-2); ++ } else if (delta == 1) { ++ /* Not in the bitmask since it is by definition already received. */ ++ return gnutls_assert_val(-3); ++ } else { ++ /* Within the sliding window, so we remember whether we've seen it or not */ ++ uint64_t mask = 1ULL << (rp->dtls_sw_next - seq_num - 2); ++ ++ if (!(rp->dtls_sw_bits & mask)) ++ return gnutls_assert_val(-3); ++ ++ rp->dtls_sw_bits &= ~mask; ++ return 0; ++ } + } +- +- DTLS_WINDOW_MARK(rp, seq_num); +- DTLS_WINDOW_UPDATE(rp); +- +- return 0; + } +diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h +index a984b49..25d4b3a 100644 +--- a/lib/gnutls_int.h ++++ b/lib/gnutls_int.h +@@ -622,8 +622,8 @@ struct record_parameters_st { + const mac_entry_st *mac; + + /* for DTLS sliding window */ ++ uint64_t dtls_sw_next; /* The end point (next expected packet) of the sliding window without epoch */ + uint64_t dtls_sw_bits; +- uint64_t dtls_sw_start; /* The starting point of the sliding window without epoch */ + unsigned dtls_sw_have_recv; /* whether at least a packet has been received */ + + record_state_st read; +diff --git a/tests/dtls-sliding-window.c b/tests/dtls-sliding-window.c +index 1ad1529..c6a5e3d 100644 +--- a/tests/dtls-sliding-window.c ++++ b/tests/dtls-sliding-window.c +@@ -36,7 +36,7 @@ + + struct record_parameters_st { + uint64_t dtls_sw_bits; +- uint64_t dtls_sw_start; ++ uint64_t dtls_sw_next; + unsigned dtls_sw_have_recv; + unsigned epoch; + }; +@@ -75,8 +75,8 @@ static void uint64_set(uint64* t, uint64_t v) + #define RESET_WINDOW \ + memset(&state, 0, sizeof(state)) + +-#define SET_WINDOW_START(x) \ +- state.dtls_sw_start = ((x)&DTLS_SEQ_NUM_MASK) ++#define SET_WINDOW_NEXT(x) \ ++ state.dtls_sw_next = (((x)&DTLS_SEQ_NUM_MASK)) + + #define SET_WINDOW_LAST_RECV(x) \ + uint64_set(&t, BSWAP64(x)); \ +@@ -88,7 +88,7 @@ static void check_dtls_window_uninit_0(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + + uint64_set(&t, 0); + +@@ -125,7 +125,7 @@ static void check_dtls_window_12(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + SET_WINDOW_LAST_RECV(1); + + uint64_set(&t, BSWAP64(2)); +@@ -139,7 +139,7 @@ static void check_dtls_window_19(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + SET_WINDOW_LAST_RECV(1); + + uint64_set(&t, BSWAP64(9)); +@@ -154,7 +154,7 @@ static void check_dtls_window_skip1(void **glob_state) + unsigned i; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + SET_WINDOW_LAST_RECV(1); + + for (i=2;i<256;i+=2) { +@@ -170,7 +170,7 @@ static void check_dtls_window_skip3(void **glob_state) + unsigned i; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + SET_WINDOW_LAST_RECV(1); + + for (i=5;i<256;i+=2) { +@@ -185,7 +185,7 @@ static void check_dtls_window_21(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + SET_WINDOW_LAST_RECV(2); + + uint64_set(&t, BSWAP64(1)); +@@ -199,7 +199,7 @@ static void check_dtls_window_91(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + SET_WINDOW_LAST_RECV(9); + + uint64_set(&t, BSWAP64(1)); +@@ -213,7 +213,7 @@ static void check_dtls_window_large_21(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT); ++ SET_WINDOW_NEXT(LARGE_INT); + SET_WINDOW_LAST_RECV(LARGE_INT+2); + + uint64_set(&t, BSWAP64(LARGE_INT+1)); +@@ -227,7 +227,7 @@ static void check_dtls_window_large_12(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT); ++ SET_WINDOW_NEXT(LARGE_INT); + SET_WINDOW_LAST_RECV(LARGE_INT+1); + + uint64_set(&t, BSWAP64(LARGE_INT+2)); +@@ -241,7 +241,7 @@ static void check_dtls_window_large_91(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT); ++ SET_WINDOW_NEXT(LARGE_INT); + SET_WINDOW_LAST_RECV(LARGE_INT+9); + + uint64_set(&t, BSWAP64(LARGE_INT+1)); +@@ -255,7 +255,7 @@ static void check_dtls_window_large_19(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT); ++ SET_WINDOW_NEXT(LARGE_INT); + SET_WINDOW_LAST_RECV(LARGE_INT+1); + + uint64_set(&t, BSWAP64(LARGE_INT+9)); +@@ -269,7 +269,7 @@ static void check_dtls_window_very_large_12(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(INT_OVER_32_BITS); ++ SET_WINDOW_NEXT(INT_OVER_32_BITS); + SET_WINDOW_LAST_RECV(INT_OVER_32_BITS+1); + + uint64_set(&t, BSWAP64(INT_OVER_32_BITS+2)); +@@ -283,7 +283,7 @@ static void check_dtls_window_very_large_91(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(INT_OVER_32_BITS); ++ SET_WINDOW_NEXT(INT_OVER_32_BITS); + SET_WINDOW_LAST_RECV(INT_OVER_32_BITS+9); + + uint64_set(&t, BSWAP64(INT_OVER_32_BITS+1)); +@@ -297,7 +297,7 @@ static void check_dtls_window_very_large_19(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(INT_OVER_32_BITS); ++ SET_WINDOW_NEXT(INT_OVER_32_BITS); + SET_WINDOW_LAST_RECV(INT_OVER_32_BITS+1); + + uint64_set(&t, BSWAP64(INT_OVER_32_BITS+9)); +@@ -311,12 +311,12 @@ static void check_dtls_window_outside(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(0); ++ SET_WINDOW_NEXT(0); + SET_WINDOW_LAST_RECV(1); + + uint64_set(&t, BSWAP64(1+64)); + +- assert_int_equal(_dtls_record_check(&state, &t), -2); ++ assert_int_equal(_dtls_record_check(&state, &t), 0); + } + + static void check_dtls_window_large_outside(void **glob_state) +@@ -325,12 +325,12 @@ static void check_dtls_window_large_outside(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT); ++ SET_WINDOW_NEXT(LARGE_INT); + SET_WINDOW_LAST_RECV(LARGE_INT+1); + + uint64_set(&t, BSWAP64(LARGE_INT+1+64)); + +- assert_int_equal(_dtls_record_check(&state, &t), -2); ++ assert_int_equal(_dtls_record_check(&state, &t), 0); + } + + static void check_dtls_window_very_large_outside(void **glob_state) +@@ -339,12 +339,12 @@ static void check_dtls_window_very_large_outside(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(INT_OVER_32_BITS); ++ SET_WINDOW_NEXT(INT_OVER_32_BITS); + SET_WINDOW_LAST_RECV(INT_OVER_32_BITS+1); + + uint64_set(&t, BSWAP64(INT_OVER_32_BITS+1+64)); + +- assert_int_equal(_dtls_record_check(&state, &t), -2); ++ assert_int_equal(_dtls_record_check(&state, &t), 0); + } + + static void check_dtls_window_dup1(void **glob_state) +@@ -353,7 +353,7 @@ static void check_dtls_window_dup1(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT-1); ++ SET_WINDOW_NEXT(LARGE_INT-1); + SET_WINDOW_LAST_RECV(LARGE_INT); + + uint64_set(&t, BSWAP64(LARGE_INT)); +@@ -366,7 +366,7 @@ static void check_dtls_window_dup1(void **glob_state) + assert_int_equal(_dtls_record_check(&state, &t), 0); + + uint64_set(&t, BSWAP64(LARGE_INT+1)); +- assert_int_equal(_dtls_record_check(&state, &t), -2); ++ assert_int_equal(_dtls_record_check(&state, &t), -3); + } + + static void check_dtls_window_dup2(void **glob_state) +@@ -375,7 +375,7 @@ static void check_dtls_window_dup2(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT-1); ++ SET_WINDOW_NEXT(LARGE_INT-1); + SET_WINDOW_LAST_RECV(LARGE_INT); + + uint64_set(&t, BSWAP64(LARGE_INT)); +@@ -397,7 +397,7 @@ static void check_dtls_window_dup3(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT-1); ++ SET_WINDOW_NEXT(LARGE_INT-1); + SET_WINDOW_LAST_RECV(LARGE_INT); + + uint64_set(&t, BSWAP64(LARGE_INT)); +@@ -425,7 +425,7 @@ static void check_dtls_window_out_of_order(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT-1); ++ SET_WINDOW_NEXT(LARGE_INT-1); + SET_WINDOW_LAST_RECV(LARGE_INT); + + uint64_set(&t, BSWAP64(LARGE_INT)); +@@ -465,7 +465,7 @@ static void check_dtls_window_epoch_higher(void **glob_state) + uint64 t; + + RESET_WINDOW; +- SET_WINDOW_START(LARGE_INT-1); ++ SET_WINDOW_NEXT(LARGE_INT-1); + SET_WINDOW_LAST_RECV(LARGE_INT); + + uint64_set(&t, BSWAP64(LARGE_INT)); +@@ -484,7 +484,7 @@ static void check_dtls_window_epoch_lower(void **glob_state) + uint64_set(&t, BSWAP64(0x1000000000000LL)); + + state.epoch = 1; +- SET_WINDOW_START(0x1000000000000LL); ++ SET_WINDOW_NEXT(0x1000000000000LL); + SET_WINDOW_LAST_RECV((0x1000000000000LL) + 1); + + uint64_set(&t, BSWAP64(2 | 0x1000000000000LL)); +diff --git a/tests/mini-dtls-record.c b/tests/mini-dtls-record.c +index 8d32d8f..63bba89 100644 +--- a/tests/mini-dtls-record.c ++++ b/tests/mini-dtls-record.c +@@ -163,7 +163,7 @@ static ssize_t n_push(gnutls_transport_ptr_t tr, const void *data, size_t len) + + /* The first five messages are handshake. Thus corresponds to msg_seq+5 */ + static int recv_msg_seq[] = +- { 1, 2, 3, 4, 5, 6, 12, 28, 8, 9, 10, 11, 13, 15, 16, 14, 18, 20, ++ { 1, 2, 3, 4, 5, 6, 12, 28, 7, 8, 9, 10, 11, 13, 15, 16, 14, 18, 20, + 19, 21, 22, 23, 25, 24, 26, 27, 29, 30, 31, 33, 32, 34, 35, 38, 36, 37, + -1 + }; +@@ -248,7 +248,6 @@ static void client(int fd) + fail("received message sequence differs\n"); + terminate(); + } +- + if (((uint32_t)recv_msg_seq[current]) != useq) { + fail("received message sequence differs (current: %u, got: %u, expected: %u)\n", + (unsigned)current, (unsigned)useq, (unsigned)recv_msg_seq[current]); +-- +2.9.3 + diff -Nru gnutls28-3.5.3/debian/patches/series gnutls28-3.5.3/debian/patches/series --- gnutls28-3.5.3/debian/patches/series 2016-09-06 08:55:35.000000000 -0400 +++ gnutls28-3.5.3/debian/patches/series 2016-09-18 08:03:22.000000000 -0400 @@ -5,5 +5,9 @@ 37_openssl-format-fix-from-openconnect.patch 39_ocsptool-corrected-bug-in-session-establishment.patch 40_ocsp-corrected-the-comparison-of-the-serial-size-in-.patch +45_01-tests-enhance-the-DTLS-window-unit-test-to-account-f.patch +45_02-dtls-ensure-that-the-DTLS-window-doesn-t-get-stalled.patch +45_03-tests-mini-dtls-record-modified-expected-order-to-ac.patch +45_04-Import-DTLS-sliding-window-validation-from-OpenConne.patch disable_global_init_override_test.patch add-openssl-test-link.patch