On Fri, Sep 02, 2022 at 12:22:35AM +0000, Wall, Stephen wrote:

> > A compromised server could easily still request the client certificate, no?
> >
> > But as noted, even a compromised server can ask for client credentials and then
>
> Yes, that's true.  If the intruder knew to do so.  Also, a thief can
> break your window and get into your car, so you might as well leave
> them rolled down all the time.
>
> The question wasn't "Should I care that..." or "Is it a good idea
> to...".  It was "Can OpenSSL 3 do this".

At the conclusion of the handshake you can enquire whether the server
sent a CertificateRequest by asking for the list of peer_CA_DNs, via
SSL_get0_peer_CA_list(3).

If I am not mistaken, the documentation fails to make clear that NULL is
returned when the server did not solicit a client certificate, and a
non-null (possibly empty) stack of X509_NAME is returned otherwise.

Of course this test should only be applied for a full handshake; reused
sessions piggyback on the certificates exchanged in the original full
handshake.

-- 
Viktor.