From 85e965e5bb7032fbd27630aa6a1a8480f17ada47 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Thu, 23 Jan 2020 10:48:36 +0000
Subject: Implement sending client certificate requests for 1.3 server

ok jsing@
---
 src/lib/libssl/tls13_server.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 87a2ebc947..e56d4c16fd 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.10 2020/01/23 08:44:31 beck Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.11 2020/01/23 10:48:36 beck Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -359,6 +359,18 @@ tls13_server_certificate_send(struct tls13_ctx *ctx, CBB *cbb)
 int
 tls13_server_certificate_request_send(struct tls13_ctx *ctx, CBB *cbb)
 {
+	CBB certificate_request_context;
+
+	if (!CBB_add_u8_length_prefixed(cbb, &certificate_request_context))
+		goto err;
+	if (!tlsext_server_build(ctx->ssl, cbb, SSL_TLSEXT_MSG_CR))
+		goto err;
+
+	if (!CBB_flush(cbb))
+		goto err;
+
+	return 1;
+ err:
 	return 0;
 }
 
-- 
cgit v1.2.3-55-g6feb