ssl: don't say we consumed bytes if we didn't consume them

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index dde63d61a9f8f5a18d263a5fb5955c11873ae356..29ff56d6cc24b58dc4360d2950e59ab55cc5d375 100644 (file)
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -461,6 +461,7 @@ static inline int TlsDecodeHSCertificateAddCertToChain(SSLState *ssl_state,
     return 0;
 }
 
+/** \retval consumed bytes consumed or -1 on error */
 static int TlsDecodeHSCertificate(SSLState *ssl_state,
                                   const uint8_t * const initial_input,
                                   const uint32_t input_len)
@@ -471,7 +472,7 @@ static int TlsDecodeHSCertificate(SSLState *ssl_state,
     X509 *x509 = NULL;
 
     if (!(HAS_SPACE(3)))
-        return 1;
+        return 0;
 
     uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
     input += 3;