Hello all, while playing with DTLS and PSK in HEAD, I ran into this
problem:

$ ./openssl s_server -dtls1 -nocert -psk deadbeef
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT

then:

$ ./openssl s_client -dtls1 -psk deadbeef

which causes the following in s_server:

ERROR
12767:error:140B6044:SSL routines:SSL_GET_SERVER_SEND_CERT:
internal error:ssl_lib.c:1992:
12767:error:14109044:SSL routinesTLS1_SEND_SERVER_CERTIFICATE:
internal error:d1_srvr.c:1117:
shutting down SSL
CONNECTION CLOSED
ACCEPT

while s_client gets stuck in "writing client hello A" state.

It seems that s_server does not honour the -nocert argument, trying
anyway to
retrieve and send its certificate; curiously enough, the SSL state
machine - as
a side effect - goes out of sync.

Note that this does not happen when -dtls1 is omitted.

t.