OpenSSL 1.1.1b no longer accepts an empty string as PSK identifier #8894

@M-Peter-Fth

Description

We use OpenSSL with PSK+AES256. As we don't use multiple preshared keys, the relevant callback (SSL_set_psk_client_callback()) returns an empty string for the PSK identifier, which worked fine with OpenSSL 1.1.0h and earlier.

When using an empty string as PSK identifier with OpenSSL 1.1.1b, SSL_do_handshake() will result in ERR_R_INTERNAL_ERROR from tls_construct_ctos_early_data() (in line 819 of .\ssl\statem\extensions_clnt.c). This error is queued because the PSK identifier is duplicated with OPENSSL_memdup(id, idlen), which can't allocate a memory block of size 0, 0 being the length of the empty string excluding the terminating '\0'.

Considering the documentation for SSL_CTX_set_psk_client_callback(), which states:

... a buffer identity of length max_identity_len bytes where the resulting NUL-terminated identity is to be stored, ...

the PSK identifier is expected to be a NUL-terminated string. To me this means that OPENSSL_memdup() should be called with idlen+1, to duplicate the string including the terminating '\0'. Using an OpenSSL 1.1.1b built with this change worked as expected, at least for manual tests.
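To make the failure mode concrete, the following is an added C example, not code from the issue or from OpenSSL: model_memdup() is a stand-in that reproduces only the zero-size behaviour the report attributes to OPENSSL_memdup(), and empty_identity_psk_cb() is a constructed callback (the SSL and hint parameters of the real callback are omitted) that returns an empty identity; dup_identity() compares duplicating with idlen against idlen+1.

```c
#include <stdlib.h>
#include <string.h>

/* Stand-in for OPENSSL_memdup(): like OpenSSL's CRYPTO_malloc() it returns
 * NULL for a zero-byte request, which is what the issue observes. This is
 * a model written for this example, not the OpenSSL function itself. */
static void *model_memdup(const void *data, size_t siz)
{
    void *ret;
    if (data == NULL || siz == 0)
        return NULL;
    ret = malloc(siz);
    if (ret == NULL)
        return NULL;
    return memcpy(ret, data, siz);
}

/* Modelled on the callback SSL_set_psk_client_callback() installs (SSL and
 * hint parameters omitted): it stores a NUL-terminated identity and returns
 * the PSK length. As in the issue, the identity is the empty string. The key
 * bytes are a constructed placeholder, not real key material. */
static unsigned int empty_identity_psk_cb(char *identity,
                                          unsigned int max_identity_len,
                                          unsigned char *psk,
                                          unsigned int max_psk_len)
{
    if (max_identity_len < 1 || max_psk_len < 32)
        return 0;               /* returning 0 signals failure to OpenSSL */
    identity[0] = '\0';         /* empty identifier, as the reporter uses */
    memset(psk, 0x41, 32);      /* placeholder PSK */
    return 32;
}

/* Runs the callback, then duplicates the identity either the way the issue
 * describes 1.1.1b doing it (idlen, excluding the NUL) or with the proposed
 * fix (idlen + 1, including the NUL). Returns 1 on success, 0 when the
 * duplicate came back NULL; *out receives the copy (caller frees it). */
static int dup_identity(int include_nul, char **out)
{
    char identity[256];
    unsigned char psk[64];
    size_t idlen;
    *out = NULL;
    if (empty_identity_psk_cb(identity, sizeof identity, psk, sizeof psk) == 0)
        return 0;
    idlen = strlen(identity);
    *out = model_memdup(identity, include_nul ? idlen + 1 : idlen);
    return *out != NULL;
}
```

With an empty identity the idlen variant yields NULL (the internal error path), while idlen+1 duplicates the single NUL byte and succeeds.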
