On 10/10/18 23:04, Dave Wang wrote:
> Hi there,
>
> I have a client that can talk with a server, where the client certificate is
> loaded in client_cert_cb based on matching the server-side certificate.
>
> It works perfectly in OpenSSL 1.1.0h; however, it stops working after I
> upgrade to OpenSSL 1.1.1.
>
> In client_cert_cb, when I call SSL_get_peer_certificate, it returns
> NULL, which is different from OpenSSL 1.1.0h.
>
> I do set SSL_VERIFY_PEER on both sides.
>
> Any thoughts on this?

I assume this only happens with a TLSv1.3 handshake?

From the documentation, the client_cert_cb is called: "when a client
certificate is requested by a server". In practice this means when we have
received the CertificateRequest message from the server.

In TLSv1.2 (and below) the server's first flight of messages for a
client-auth full handshake in response to a ClientHello looks like this:

ServerHello
Certificate
ServerKeyExchange
CertificateRequest
ServerHelloDone

In TLSv1.3 it looks like this:

ServerHello
EncryptedExtensions
CertificateRequest
Certificate
CertificateVerify
Finished

Note that in TLSv1.2 the CertificateRequest message comes *after* the server
has sent the Certificate, but in TLSv1.3 it comes *before*. That means, of
course, that in TLSv1.3 the client_cert_cb gets called before we have
processed the server's certificate, and hence SSL_get_peer_certificate()
returns NULL.

I'm wondering whether we should delay calling the client_cert_cb in TLSv1.3
until after the CertificateVerify has been processed.

Matt

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
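As an added illustration (not part of the thread or of OpenSSL's code), the following Python walks a server flight as a sequence of handshake messages (1-byte HandshakeType plus 24-bit length, the framing of RFC 5246 and RFC 8446) and reports whether the Certificate has already been seen when CertificateRequest arrives, which is exactly the condition under which a client_cert_cb fired at that point could see the peer certificate. It assumes the flight has already been reassembled and, for TLSv1.3, decrypted; the two flights are constructed with empty bodies to mirror the orderings Matt lists.

```python
"""Check whether the server Certificate precedes CertificateRequest in a
TLS server flight. Added example; the sample flights are constructed."""

# HandshakeType values from RFC 5246 / RFC 8446.
HANDSHAKE_TYPES = {
    2: "ServerHello", 8: "EncryptedExtensions", 11: "Certificate",
    12: "ServerKeyExchange", 13: "CertificateRequest",
    14: "ServerHelloDone", 15: "CertificateVerify", 20: "Finished",
}


def hs_msg(msg_type, body=b""):
    """Encode one handshake message: type byte + 3-byte body length + body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def parse_flight(data):
    """Split a reassembled flight into (name, body) pairs; reject truncation."""
    msgs, off = [], 0
    while off < len(data):
        if len(data) - off < 4:
            raise ValueError("truncated handshake header at offset %d" % off)
        msg_type = data[off]
        length = int.from_bytes(data[off + 1:off + 4], "big")
        body = data[off + 4:off + 4 + length]
        if len(body) != length:
            raise ValueError("truncated handshake body at offset %d" % off)
        msgs.append((HANDSHAKE_TYPES.get(msg_type, "unknown(%d)" % msg_type), body))
        off += 4 + length
    return msgs


def peer_cert_visible_at_cert_request(data):
    """True if Certificate was processed before CertificateRequest (TLSv1.2
    ordering), False if CertificateRequest comes first (TLSv1.3 ordering),
    None if the server never requested a client certificate."""
    seen_certificate = False
    for name, _ in parse_flight(data):
        if name == "Certificate":
            seen_certificate = True
        elif name == "CertificateRequest":
            return seen_certificate
    return None


# Constructed flights with empty bodies, in the order given in the message.
TLS12_FLIGHT = b"".join(hs_msg(t) for t in (2, 11, 12, 13, 14))
TLS13_FLIGHT = b"".join(hs_msg(t) for t in (2, 8, 13, 11, 15, 20))

if __name__ == "__main__":
    print("TLSv1.2:", peer_cert_visible_at_cert_request(TLS12_FLIGHT))  # True
    print("TLSv1.3:", peer_cert_visible_at_cert_request(TLS13_FLIGHT))  # False
```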