How to debug a TLSv1.3 protocol problem?

Claus Assmann ca+ssl-users at
Wed May 20 12:44:13 UTC 2020

On Wed, May 20, 2020, Matt Caswell wrote:

> SSL_accept:TLSv1.3 early data

> What happens in the application code? What was the function being called
> (SSL_accept?) and what return value do you get? What does
> SSL_get_error() return at this point?

	r = SSL_accept(srv_ssl);
	if (r <= 0)
		ssl_err = SSL_get_error(srv_ssl, r);

return value=-1

It seems to me server and client get "out of sync" at the I/O layer
if I understand the SSL traces correctly:

S8: sends 2 records at the end:
  - handshake
  - ChangeCipherSpec

M1: receives
  but seemingly not
  Instead it sends only its own
  then its handshake again
  and only then it receives ChangeCipherSpec

and S8 seemingly tries to interprete the out-of-sync data as TLSv1.3
early data and fails, thus returning an error from SSL_accept().

If that analysis is correct (can someone check please?), then I
need to look at the I/O layers of both programs -- they are rather
different :-(

More information about the openssl-users mailing list