For posterity, here is an example of the relevant part of the client trace output when the bug is active, i.e. data is sent in response to the CertificateRequest:
$ grep -B1 -A4 CertificateRequest s_client.log Inner Content Type = Handshake (22) CertificateRequest, Length=1570 request_context (len=0): extensions, length = 1567 extension_type=status_request(5), length=1521 0000 - 01 00 05 ed 30 82 05 e9-0a 01 00 a0 82 05 e2 ....0..........
Here is an example of the relevant part of the client trace output when this is fixed:
$ grep -B1 -A4 CertificateRequest s_client.log Inner Content Type = Handshake (22) CertificateRequest, Length=45 request_context (len=0): extensions, length = 42 extension_type=signature_algorithms(13), length=38 ecdsa_secp256r1_sha256 (0x0403)
For posterity, here is an example of the relevant part of the client trace output when the bug is active, i.e. data is sent in response to the CertificateRequest:
$ grep -B1 -A4 CertificateRequest s_client.log Request, Length=1570 context (len=0):
extension_ type=status_ request( 5), length=1521
Inner Content Type = Handshake (22)
Certificate
request_
extensions, length = 1567
0000 - 01 00 05 ed 30 82 05 e9-0a 01 00 a0 82 05 e2 ....0..........
Here is an example of the relevant part of the client trace output when this is fixed:
$ grep -B1 -A4 CertificateRequest s_client.log Request, Length=45 context (len=0):
extension_ type=signature_ algorithms( 13), length=38
ecdsa_ secp256r1_ sha256 (0x0403)
Inner Content Type = Handshake (22)
Certificate
request_
extensions, length = 42