Client accepts CSN which are incremented by more than one.

[rustonaut]

Following code checks the CSN:

saltyrtc-client-java/src/main/java/org/saltyrtc/client/signaling/Signaling.java

Lines 1088 to 1096 in d01e553

	final long previous = peer.getCsnPair().getTheirs();
	final long current = nonce.getCombinedSequence();
	if (current < previous) {
	throw new ValidationError(peer.getName() + " CSN is lower than last time");
	} else if (current == previous) {
	throw new ValidationError(peer.getName() + " CSN hasn't been incremented");
	} else {
	peer.getCsnPair().setTheirs(current);
	}

accepting any CSN which is larger then the previous CSN.

But the spec states it must have been incremented by 1:

If the message is received by a client or received by and intended for a server (the destination address is 0x00), the peer does the following checks:
[...]

• In case that the peer does make use of the combined sequence number, it MUST check that the combined sequence number of the source peer has been increased by 1 and has not reset to 0. Implementations that use the combined sequence number SHALL ignore the following three checks.

[lgrahl]

It should be noted that although this being a spec violation it's not security relevant since the CSN is only allowed to monotonically increase.