Introduce CRT counter to CRT chain parsing function So far, we've used the `peer_cert` pointer to detect whether we're parsing the first CRT, but that will soon be removed if `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` is unset.

commit: a028c5bbd82d1d46a4fae5b374dfe7077cc5527a [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Tue Feb 05 12:38:45 2019 +0000
committer: Hanno Becker <hanno.becker@arm.com> Tue Feb 26 14:38:09 2019 +0000
tree: 8c370f8fb8dcaf938cdb7f5d9b6ebe8937d96e37
parent: 1294a0b260997b6d0ae3927d00dab59156324511 [diff]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1ccb278..d2cb893 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -5757,7 +5757,7 @@
  */
 static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl )
 {
-    int ret;
+    int ret, crt_cnt=0;
     size_t i, n;
     uint8_t alert;
 
@@ -5884,7 +5884,7 @@
         }
 
         /* Check if we're handling the first CRT in the chain. */
-        if( ssl->session_negotiate->peer_cert == NULL )
+        if( crt_cnt++ == 0 )
         {
             /* During client-side renegotiation, check that the server's
              * end-CRTs hasn't changed compared to the initial handshake,
commit	a028c5bbd82d1d46a4fae5b374dfe7077cc5527a	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Tue Feb 05 12:38:45 2019 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Tue Feb 26 14:38:09 2019 +0000
tree	8c370f8fb8dcaf938cdb7f5d9b6ebe8937d96e37
parent	1294a0b260997b6d0ae3927d00dab59156324511 [diff]