The SSL session cache module (ssl_cache) now also retains peer_cert information (not the entire chain) The real peer certificate is copied into a x509_buf in the ssl_cache_entry and reinstated upon cache retrieval. The information about the rest of the certificate chain is lost in the process. As the handshake (and certificate verification) has already been performed, no issue is foreseen.

commit: e81beda60f1e9931314b270b4cc82dd10eb91d2f [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Wed Mar 06 17:40:46 2013 +0100
committer: Paul Bakker <p.j.bakker@polarssl.org> Wed Mar 06 18:01:03 2013 +0100
tree: 0256b407f388af1b4f608a5516ebd0a8626cfa6f
parent: a35aa54967e3b1b9ba7630e9cf6ddd8560aa3db7 [diff]
diff --git a/include/polarssl/ssl_cache.h b/include/polarssl/ssl_cache.h
index 85e0ed1..10cff20 100644
--- a/include/polarssl/ssl_cache.h
+++ b/include/polarssl/ssl_cache.h

@@ -46,6 +46,7 @@
 {
     time_t timestamp;           /*!< entry timestamp    */
     ssl_session session;        /*!< entry session      */
+    x509_buf peer_cert;         /*!< entry peer_cert    */
     ssl_cache_entry *next;      /*!< chain pointer      */
 };
commit	e81beda60f1e9931314b270b4cc82dd10eb91d2f	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Wed Mar 06 17:40:46 2013 +0100
committer	Paul Bakker <p.j.bakker@polarssl.org>	Wed Mar 06 18:01:03 2013 +0100
tree	0256b407f388af1b4f608a5516ebd0a8626cfa6f
parent	a35aa54967e3b1b9ba7630e9cf6ddd8560aa3db7 [diff]