From 49def96998f962fbd6ee2b9a3b2599b310b7fe3b Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Mon, 27 Jan 2020 13:34:16 -0700
Subject: [PATCH] add test for get0 session peer certificate

---
 src/ssl.c   |  2 +-
 tests/api.c | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index 2e951a931..05b617d0a 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -13465,7 +13465,7 @@ WOLFSSL_X509* wolfSSL_SESSION_get0_peer(WOLFSSL_SESSION* session)
             WOLFSSL_MSG("bad count found");
             return NULL;
         }
-        return wolfSSL_get_chain_X509(&session->chain, count - 1);
+        return wolfSSL_get_chain_X509(&session->chain, 0);
     }
     WOLFSSL_MSG("No session passed in");
     return NULL;
diff --git a/tests/api.c b/tests/api.c
index fd93059e2..d46e813a8 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -24305,6 +24305,20 @@ static void test_wolfSSL_SESSION(void)
     fdOpenSession(Task_self());
 #endif
 
+#if defined(SESSION_CERTS)
+    {
+        X509 *x509;
+        char buf[30];
+        int  bufSz;
+
+        AssertNotNull(x509 = SSL_SESSION_get0_peer(sess));
+        AssertIntEQ((bufSz = X509_NAME_get_text_by_NID(
+                    X509_get_subject_name(x509), NID_organizationalUnitName,
+                    buf, sizeof(buf))), 7);
+        AssertIntEQ(XMEMCMP(buf, "Support", bufSz), 0);
+    }
+#endif
+
     AssertNotNull(sess_copy = wolfSSL_SESSION_dup(sess));
     wolfSSL_SESSION_free(sess_copy);