From e0bcb4f97f7496af032013ead15b7472b60e85fa Mon Sep 17 00:00:00 2001
From: raja-ashok <rashok.svks@gmail.com>
Date: Wed, 13 May 2020 23:32:44 +0530
Subject: [PATCH] Update limitation of psk_client_cb and psk_server_cb in usage
 with TLSv1.3

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11816)
---
 doc/man3/SSL_CTX_set_psk_client_callback.pod | 4 +++-
 doc/man3/SSL_CTX_use_psk_identity_hint.pod   | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/doc/man3/SSL_CTX_set_psk_client_callback.pod b/doc/man3/SSL_CTX_set_psk_client_callback.pod
index 55ffb31c49..70eefa0265 100644
--- a/doc/man3/SSL_CTX_set_psk_client_callback.pod
+++ b/doc/man3/SSL_CTX_set_psk_client_callback.pod
@@ -123,7 +123,9 @@ and it will use that in preference. If no such callback is present then it will
 check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or
 SSL_set_psk_client_callback() and use that. In this case the B<hint> value will
 always be NULL and the handshake digest will default to SHA-256 for any returned
-PSK.
+PSK. TLSv1.3 early data exchanges are possible in PSK connections only with the
+B<SSL_psk_use_session_cb_func> callback, and are not possible with the
+B<SSL_psk_client_cb_func> callback.
 
 =head1 NOTES
 
diff --git a/doc/man3/SSL_CTX_use_psk_identity_hint.pod b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
index 937c91a3c8..0e70d4d531 100644
--- a/doc/man3/SSL_CTX_use_psk_identity_hint.pod
+++ b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
@@ -83,7 +83,9 @@ via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback
 and it will use that in preference. If no such callback is present then it will
 check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or
 SSL_set_psk_server_callback() and use that. In this case the handshake digest
-will default to SHA-256 for any returned PSK.
+will default to SHA-256 for any returned PSK. TLSv1.3 early data exchanges are
+possible in PSK connections only with the B<SSL_psk_find_session_cb_func>
+callback, and are not possible with the B<SSL_psk_server_cb_func> callback.
 
 A connection established via a TLSv1.3 PSK will appear as if session resumption
 has occurred so that L<SSL_session_reused(3)> will return true.
-- 
2.25.1