untrusted comment: signature from openbsd 6.0 base secret key
RWSho3oKSqgLQxiq51WTIK3qrNKc5AWhXdPYQuvyLDUcT1XyY0eMjaeMElPHQNTmLhh71i2s2ioVSx7VX+y78HVn9KT09SJItA4=
OpenBSD 6.0 errata 022, May 7, 2017:
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
Apply by doing:
signify -Vep /etc/signify/openbsd-60-base.pub -x 022_libssl.patch.sig \
-m - | (cd /usr/src && patch -p0)
And then rebuild and install libssl:
cd /usr/src/lib/libssl/ssl
make obj
make depend
make
make install
Index: lib/libssl/src/ssl/s3_srvr.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/Attic/s3_srvr.c,v
retrieving revision 1.126.2.1
retrieving revision 1.126.2.2
diff -u -p -r1.126.2.1 -r1.126.2.2
--- lib/libssl/src/ssl/s3_srvr.c 3 Oct 2016 11:23:13 -0000 1.126.2.1
+++ lib/libssl/src/ssl/s3_srvr.c 30 Apr 2017 00:06:09 -0000 1.126.2.2
@@ -721,7 +721,7 @@ ssl3_send_hello_request(SSL *s)
 int
 ssl3_get_client_hello(SSL *s)
 {
- int i, j, ok, al, ret = -1;
+ int i, j, ok, al, ret = -1, cookie_valid = 0;
 unsigned int cookie_len;
 long n;
 unsigned long id;
@@ -887,7 +887,7 @@ ssl3_get_client_hello(SSL *s)
 goto f_err;
 }

- ret = 2;
+ cookie_valid = 1;
 }

 p += cookie_len;
@@ -1070,8 +1070,8 @@ ssl3_get_client_hello(SSL *s)
 goto err;
 }

- if (ret < 0)
- ret = 1;
+ ret = cookie_valid ? 2 : 1;
+
 if (0) {
 truncated:
 al = SSL_AD_DECODE_ERROR;
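Review bot: The assignment `cookie_valid = 1;` in the hunk at line 887 replaces `ret = 2;` with no comment saying why the return value must no longer be set at this point. Judging from the errata text and the last hunk, the early `ret = 2` appears to have survived into later failure exits, so a hello that failed after cookie verification could still look successful to the caller; those exits lie outside the hunks, so this is inferred. A one-line comment above the assignment, such as `/* Record only; ret is set on the success path so later failures still return -1. */`, would keep the flag from being folded back into `ret` in a later cleanup.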
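Review bot: `ret = cookie_valid ? 2 : 1;` in the hunk at line 1070 returns bare `1` and `2`, and their meaning can only be worked out by pairing this line with the cookie branch in the earlier hunk. The fix also seems to rely on this being the last statement before the `if (0) {` block that holds the `truncated:` label, so that failure jumps presumably bypass it and leave `ret` at its initial `-1`; nothing in the code states that ordering requirement. I would add `/* 2: DTLS cookie verified, 1: success without a verified cookie; failure paths jump past this line and keep ret == -1. */` directly above the assignment. The rest of the label block and the function's return are outside the hunk.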