From 85ce959031810469ab0e171284ce563687817b09 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Wed, 10 Jul 2019 16:04:42 -0600
Subject: [PATCH] free peer cert overwritten by secure renegotiation

---
 src/internal.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 2f49b5bf3..c0f303b6e 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -5652,6 +5652,10 @@ void FreeHandshakeResources(WOLFSSL* ssl)
 #ifdef HAVE_SECURE_RENEGOTIATION
     if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled) {
         WOLFSSL_MSG("Secure Renegotiation needs to retain handshake resources");
+    #ifdef KEEP_PEER_CERT
+        /* free peer cert in preparation for new handshake */
+        FreeX509(&ssl->peerCert);
+    #endif
         return;
     }
 #endif