I think that explains the mysterious ERRNO=5 Input/Output errors we've all been seeing intermittently.

It's that little load-bearing sentence from the Linux kTLS docs:

If no cmsg buffer is provided, an error is returned if a control message is received.

I'm going to test my theory but for now I believe if a control message is received (such as a TLS 1.3 session ticket) then we get this error:

--- STDERR:              ktls::integration_test ktls_client_rustls_server_tls_1_3_aes_256_gcm ---
thread 'ktls_client_rustls_server_tls_1_3_aes_256_gcm' panicked at 'called `Result::unwrap()` on an `Err` value: Os { code: 5, kind: Uncategorized, message: "Input/output error" }', tests/integration_test.rs:346:39
stack backtrace:

However if we configure the server not to send session tickets, like so:

    server_config.send_tls13_tickets = 0;

Then the same test passes. The logs show that four tickets are sent by default:

And Wireshark confirms that:

This was closed by #28