From 774c0c5c3c4792934daba9a48ed6e32f494b5c45 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Thu, 10 Oct 2019 14:21:14 -0700
Subject: [PATCH] Remove a redundant sequence number check for epoch 0.

---
 src/internal.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index a809817d3..bfe03251c 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -7768,9 +7768,7 @@ static int GetRecordHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
     }
 
 #ifdef WOLFSSL_DTLS
-    if (IsDtlsNotSctpMode(ssl) &&
-        (!DtlsCheckWindow(ssl) ||
-         (ssl->options.handShakeDone && ssl->keys.curEpoch == 0))) {
+    if (IsDtlsNotSctpMode(ssl) && !DtlsCheckWindow(ssl)) {
             WOLFSSL_LEAVE("GetRecordHeader()", SEQUENCE_ERROR);
             return SEQUENCE_ERROR;
     }