Don't fail if the PSK identity doesn't match
[openssl.git] / apps / s_server.c
index 4e8a9e27bcc74c2fd6185546853679b278aedb5b..94c18266f73676152423de509667662921aa7dfc 100644 (file)
@@ -192,8 +192,11 @@ static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
     const SSL_CIPHER *cipher = NULL;
 
     if (strlen(psk_identity) != identity_len
-            || memcmp(psk_identity, identity, identity_len) != 0)
-        return 0;
+            || memcmp(psk_identity, identity, identity_len) != 0) {
+        BIO_printf(bio_s_out,
+                   "PSK warning: client identity not what we expected"
+                   " (got '%s' expected '%s')\n", identity, psk_identity);
+    }
 
     if (psksess != NULL) {
         SSL_SESSION_up_ref(psksess);