openssl / openssl

TLS/SSL and crypto library
https://www.openssl.org
Apache License 2.0

OpenSSL s_server returns different values for `PSK identity` field. #18886

Closed yuhaoth closed 1 year ago

yuhaoth commented 2 years ago

For PSK mode in TLS 1.3, the s_server `PSK identity` field in the HTTP response does not contain a value, while TLS 1.2 PSK mode returns the PSK identity provided by the client.

I tried the issue with 1.1.1a and 3.0.2. Both gave the same result. I guess the behavior of TLS 1.3 should be the same as TLS 1.2 for PSK mode.

To reproduce the issue, use the commands below. All certificate files can be found at https://github.com/Mbed-TLS/mbedtls/tree/development/tests/data_files

openssl s_server -www -cert data_files/server5.crt -key data_files/server5.key -accept 15198 -msg -debug -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -allow_no_dhe_kex -nocert &

# GnuTLS TLSv1.3 client, `PSK identity: None`
echo 'GET / HTTP/1.0' | gnutls-cli --x509cafile data_files/test-ca_cat12.crt -p 15198 -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 localhost

# GnuTLS TLSv1.2 client, `PSK identity: Client_identity`
echo 'GET / HTTP/1.0' | gnutls-cli --x509cafile data_files/test-ca_cat12.crt -p 15198 -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.2 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 localhost

kaduk commented 2 years ago

TLS 1.2 PSK identities and TLS 1.3 PSK identities are fundamentally different objects at the protocol level. IMO it would be misleading to report them in the same place. I would be somewhat amenable to adding distinct functionality for s_server -www to report the TLS 1.3 PSK identity selected (if any; note that multiple identities can be provided), modulo the general unmaintainability of the s_server codebase.
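
As an added illustration of why the two identities are different objects (example code written for this page, not code from the issue or from OpenSSL), the following Python parses both wire formats: the single opaque `psk_identity` of a TLS 1.2 PSK ClientKeyExchange (RFC 4279) versus the identity list with ticket ages and binders in a TLS 1.3 client `pre_shared_key` extension (RFC 8446 section 4.2.11), and resolves the index the server echoes back in its ServerHello. All sample bytes are constructed, not captured traffic.

```python
import struct

def parse_tls12_psk_identity(cke_body: bytes) -> str:
    """TLS 1.2 PSK ClientKeyExchange (RFC 4279 s2): one opaque
    psk_identity<0..2^16-1>, UTF-8 encoded; this is what s_server -www prints."""
    (n,) = struct.unpack_from("!H", cke_body, 0)
    if 2 + n != len(cke_body):
        raise ValueError("trailing or truncated data in ClientKeyExchange")
    return cke_body[2:2 + n].decode("utf-8")

def parse_tls13_pre_shared_key(ext_body: bytes):
    """Client pre_shared_key extension (RFC 8446 s4.2.11):
    identities<7..2^16-1> of {identity<1..2^16-1>, uint32 obfuscated_ticket_age}
    followed by binders<33..2^16-1> of {binder<32..255>}. Several identities
    may be offered, one binder each. Returns ([(identity, age)], [binder])."""
    off = 0
    (ids_len,) = struct.unpack_from("!H", ext_body, off); off += 2
    ids_end, identities = off + ids_len, []
    while off < ids_end:
        (n,) = struct.unpack_from("!H", ext_body, off); off += 2
        ident = ext_body[off:off + n]; off += n
        (age,) = struct.unpack_from("!I", ext_body, off); off += 4
        identities.append((ident, age))
    (b_len,) = struct.unpack_from("!H", ext_body, off); off += 2
    b_end, binders = off + b_len, []
    while off < b_end:
        n = ext_body[off]; off += 1            # binder length is one byte
        binders.append(ext_body[off:off + n]); off += n
    if not identities or len(binders) != len(identities):
        raise ValueError("identity/binder count mismatch")
    return identities, binders

def tls13_selected_identity(identities, selected_index: int) -> bytes:
    """The ServerHello pre_shared_key carries only a uint16 index into the
    client's list; resolve it to the identity a -www style report could show."""
    if not 0 <= selected_index < len(identities):
        raise ValueError("selected_identity out of range")
    return identities[selected_index][0]

def build_tls13_psk_ext(identities, binders) -> bytes:
    """Encode a client pre_shared_key body (used to build constructed samples)."""
    ids = b"".join(struct.pack("!H", len(i)) + i + struct.pack("!I", a) for i, a in identities)
    bs = b"".join(bytes([len(b)]) + b for b in binders)
    return struct.pack("!H", len(ids)) + ids + struct.pack("!H", len(bs)) + bs

if __name__ == "__main__":
    # Constructed sample data, not captured traffic.
    print(parse_tls12_psk_identity(b"\x00\x0fClient_identity"))
    ext = build_tls13_psk_ext([(b"Client_identity", 0), (b"ticket-xyz", 12345)],
                              [b"\x11" * 32, b"\x22" * 48])
    ids, binders = parse_tls13_pre_shared_key(ext)
    print(ids, len(binders), tls13_selected_identity(ids, 1))
```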

yuhaoth commented 1 year ago

Thanks @kaduk. I expect that.