From 818b625d6c906ef40bfaf4403c278db8ba7bfa09 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Tue, 2 Jan 2018 15:51:23 +0000
Subject: [PATCH] Fix trace of TLSv1.3 Certificate Request message

A TLSv1.3 Certificate Request message was issuing a "Message length parse
error" using the -trace option to s_server/s_client.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5008)
---
 ssl/t1_trce.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 59d0efc036..173268c727 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -1244,6 +1244,10 @@ static int ssl_print_cert_request(BIO *bio, int indent, const SSL *ssl,
     if (SSL_IS_TLS13(ssl)) {
         if (!ssl_print_hexbuf(bio, indent, "request_context", 1, &msg, &msglen))
             return 0;
+        if (!ssl_print_extensions(bio, indent, 1,
+                                  SSL3_MT_CERTIFICATE_REQUEST, &msg, &msglen))
+            return 0;
+        return 1;
     } else {
         if (msglen < 1)
             return 0;
-- 
2.34.1