+ /*
+ * In TLSv1.3 we don't prepare the client certificate yet. We wait until
+ * after the CertificateVerify message has been received. This is because
+ * in TLSv1.3 the CertificateRequest arrives before the Certificate message
+ * but in TLSv1.2 it is the other way around. We want to make sure that
+ * SSL_get_peer_certificate() returns something sensible in
+ * client_cert_cb.
+ */
+ if (SSL_IS_TLS13(s) && s->post_handshake_auth != SSL_PHA_REQUESTED)
+ return MSG_PROCESS_CONTINUE_READING;
+