* Kurt Roeckx <k...@roeckx.be> [2019-03-19 22:59]: > On Tue, Mar 19, 2019 at 10:28:06PM +0100, Holger Weiß wrote: > > Yes, it's an OpenSSL bug. If TLSv1.3 is used, SSL_get_psk_identity()¹ > > unexpectedly returns NULL. I now avoid the function to work around the > > issue. > > This is documented here: > https://wiki.openssl.org/index.php/TLS1.3#PSKs
Thanks. I'm still using the TLSv1.2 callbacks indeed, but from reading that text it's not obvious to me why SSL_get_psk_identity() would fail. (Note that I'm not using identity *hints* anywhere, which is the thing TLSv1.3 dropped.) However, I can easily imagine the bug(?) being related to the changes mentioned in that text.
