From 13c327d5003dc6f4e15c175379d4f1d718f7dbf2 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 7 Feb 2019 13:17:53 +0000
Subject: [PATCH] Adapt ssl_clear_peer_cert() to removal of `peer_cert` field

---
 library/ssl_tls.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b3e50a64e..f012fb6a8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5775,14 +5775,14 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
 
 static void ssl_clear_peer_cert( mbedtls_ssl_session *session )
 {
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     if( session->peer_cert != NULL )
     {
         mbedtls_x509_crt_free( session->peer_cert );
         mbedtls_free( session->peer_cert );
         session->peer_cert = NULL;
     }
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+#else
     if( session->peer_cert_digest != NULL )
     {
         /* Zeroization is not necessary. */
@@ -5791,7 +5791,7 @@ static void ssl_clear_peer_cert( mbedtls_ssl_session *session )
         session->peer_cert_digest_type = MBEDTLS_MD_NONE;
         session->peer_cert_digest_len  = 0;
     }
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 }
 
 /*