untrusted comment: signature from openbsd 6.0 base secret key RWSho3oKSqgLQ9h1PPDo5hFSxeqy0mO4oEQq78+JeE/qS3I3BEztDzZYrZX4LruPq8ymAVL9EfidIM7V1pPRXCUC/gnM3KlRaAI= OpenBSD 6.0 errata 8, Sep 22, 2016: Avoid unbounded memory growth in libssl, which can be triggered by a TLS client repeatedly renegotiating and sending OCSP Status Request TLS extensions. Apply by doing: signify -Vep /etc/signify/openbsd-60-base.pub -x 008_libssl.patch.sig \ -m - | (cd /usr/src && patch -p0) And then rebuild and install libssl: cd /usr/src/lib/libssl make obj make depend make make install Index: lib/libssl/src/ssl/t1_lib.c =================================================================== RCS file: /cvs/src/lib/libssl/src/ssl/Attic/t1_lib.c,v retrieving revision 1.87 diff -u -p -r1.87 t1_lib.c --- lib/libssl/src/ssl/t1_lib.c 30 May 2016 13:42:54 -0000 1.87 +++ lib/libssl/src/ssl/t1_lib.c 22 Sep 2016 17:43:51 -0000 @@ -1438,10 +1438,28 @@ ssl_parse_clienthello_tlsext(SSL *s, uns /* Read in responder_id_list */ n2s(data, dsize); size -= 2; - if (dsize > size ) { + if (dsize > size) { *al = SSL_AD_DECODE_ERROR; return 0; } + + /* + * We remove any OCSP_RESPIDs from a + * previous handshake to prevent + * unbounded memory growth. + */ + sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, + OCSP_RESPID_free); + s->tlsext_ocsp_ids = NULL; + if (dsize > 0) { + s->tlsext_ocsp_ids = + sk_OCSP_RESPID_new_null(); + if (s->tlsext_ocsp_ids == NULL) { + *al = SSL_AD_INTERNAL_ERROR; + return 0; + } + } + while (dsize > 0) { OCSP_RESPID *id; int idsize; @@ -1467,13 +1485,6 @@ ssl_parse_clienthello_tlsext(SSL *s, uns if (data != sdata) { OCSP_RESPID_free(id); *al = SSL_AD_DECODE_ERROR; - return 0; - } - if (!s->tlsext_ocsp_ids && - !(s->tlsext_ocsp_ids = - sk_OCSP_RESPID_new_null())) { - OCSP_RESPID_free(id); - *al = SSL_AD_INTERNAL_ERROR; return 0; } if (!sk_OCSP_RESPID_push(