commit ea22ce577e89a9a937a4d0d15010bad548e2e388
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Sep 24 09:46:10 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Oct 21 16:32:33 2014 +0200
tree 8f01c4caa361e5a97ef8995c77520055795dc378
parent 6312e0f4e6a0a6de5fbc9922d726495d5a28c79e

Rm unneeded counter increment with DTLS

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index fff5a1f..8546ed0 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1705,17 +1705,24 @@
     else
         ssl->nb_zero = 0;
 
-    /* Input counter not used with DTLS right now,
-     * but it doesn't hurt to have this part ready */
-    for( i = 8; i > ssl_ep_len( ssl ); i-- )
-        if( ++ssl->in_ctr[i - 1] != 0 )
-            break;
-
-    /* The loop goes to its end iff the counter is wrapping */
-    if( i == ssl_ep_len( ssl ) )
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+    if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
     {
-        SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) );
-        return( POLARSSL_ERR_SSL_COUNTER_WRAPPING );
+        ; /* in_ctr handled differently in DTLS */
+    }
+    else
+#endif
+    {
+        for( i = 8; i > ssl_ep_len( ssl ); i-- )
+            if( ++ssl->in_ctr[i - 1] != 0 )
+                break;
+
+        /* The loop goes to its end iff the counter is wrapping */
+        if( i == ssl_ep_len( ssl ) )
+        {
+            SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) );
+            return( POLARSSL_ERR_SSL_COUNTER_WRAPPING );
+        }
     }
 
     SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );