Remove peer CRT from cache if !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE

2019-02-06 15:57:49 +00:00 · 2019-02-06 15:57:49 +00:00 · a887d1a5b6
commit a887d1a5b6
parent c966bd16be
2 changed files with 14 additions and 9 deletions
--- a/include/mbedtls/ssl_cache.h
+++ b/include/mbedtls/ssl_cache.h
@ -70,7 +70,8 @@ struct mbedtls_ssl_cache_entry
    mbedtls_time_t timestamp;           /*!< entry timestamp    */
 #endif
    mbedtls_ssl_session session;        /*!< entry session      */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
    mbedtls_x509_buf peer_cert;         /*!< entry peer_cert    */
 #endif
    mbedtls_ssl_cache_entry *next;      /*!< chain pointer      */