Hello, I did few experiments with early data but was not successful in solving my exotic use case: "Using early data dependent on the SNI" I control the server (linux, supports http2) based on OpenSSL 111q and use a recent firefox as client: 1) Setting SSL_CTX_set_max_early_data in the SSL_CTX* works (FF sends early data) 2) Setting SSL_set_max_early_data on the just created SSL* works (FF sends early data) 3) Setting SSL_set_max_early_data in the SNI callback during the handshake does not work (FF does not send early data) I guess there is a dirty way to "peek" into the client hello and parse it without OpenSSL, extracting the SNI and make it then like in 2), but I wonder if there is a better way. Any idea? Thanks Dirk
