Re: How to debug a TLSv1.3 protocol problem?


 



On Wed, May 20, 2020, Matt Caswell wrote:

> SSL_accept:TLSv1.3 early data

> What happens in the application code? What was the function being called
> (SSL_accept?) and what return value do you get? What does
> SSL_get_error() return at this point?

It's:
	r = SSL_accept(srv_ssl);
	if (r <= 0)
		ssl_err = SSL_get_error(srv_ssl, r);

return value=-1
ssl_err=5 SSL_ERROR_SYSCALL
errno=0

It seems to me server and client get "out of sync" at the I/O layer
if I understand the SSL traces correctly:

S8: sends 2 records at the end:
  - handshake
  - ChangeCipherSpec

M1: receives
  handshake
  but seemingly not
  ChangeCipherSpec
  Instead it sends only its own
  ChangeCipherSpec
  then its handshake again
  and only then it receives ChangeCipherSpec

and S8 seemingly tries to interpret the out-of-sync data as TLSv1.3
early data and fails, thus returning an error from SSL_accept().

If that analysis is correct (can someone check please?), then I
need to look at the I/O layers of both programs -- they are rather
different :-(
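
One way to check the record order at the I/O layer, as an added example that is not part of the original post and not OpenSSL code: it walks the raw bytes logged at the socket read/write layer of one side and lists the TLS record types in arrival order. The name `walk_records` and the sample bytes are constructed for illustration.

```c
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>

/* TLS record content types (RFC 8446, section 5.1). */
enum { CT_CCS = 20, CT_ALERT = 21, CT_HANDSHAKE = 22, CT_APPDATA = 23 };
#define MAX_RECORD_LEN (16384 + 2048) /* largest ciphertext length TLS 1.2 allows */

/* Constructed sample: a handshake record, a ChangeCipherSpec record, then the
 * first 6 bytes of an application-data record whose body has not arrived. */
static const uint8_t sample[] = {
    0x16, 0x03, 0x03, 0x00, 0x04, 0xaa, 0xbb, 0xcc, 0xdd,
    0x14, 0x03, 0x03, 0x00, 0x01, 0x01,
    0x17, 0x03, 0x03, 0x00, 0x10, 0x00
};

/* Store the content type of each complete record in types[] and return the
 * record count, or -1 if the framing is invalid (unknown type or oversized
 * length), which is what a stream read from the wrong offset looks like.
 * *leftover receives the number of bytes not consumed as complete records. */
int walk_records(const uint8_t *buf, size_t len, uint8_t *types, int max,
                 size_t *leftover)
{
    size_t off = 0;
    int n = 0;

    while (len - off >= 5 && n < max) {
        uint8_t type = buf[off];
        size_t rlen = ((size_t)buf[off + 3] << 8) | buf[off + 4];

        *leftover = len - off;
        if (type < CT_CCS || type > CT_APPDATA || rlen > MAX_RECORD_LEN)
            return -1;
        if (len - off - 5 < rlen)
            break;              /* partial record: body still in flight */
        types[n++] = type;
        off += 5 + rlen;
    }
    *leftover = len - off;
    return n;
}

int main(void)
{
    uint8_t types[8];
    size_t left = 0;
    int n = walk_records(sample, sizeof sample, types, 8, &left);

    for (int i = 0; i < n; i++)
        printf("record %d: content type %u\n", i, (unsigned)types[i]);
    printf("%d complete records, %zu bytes pending\n", n, left);
    return n < 0;
}
```

Running this over the byte logs of both programs shows whether each side actually received the records in the order the other side wrote them.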


