Commit adb83a4678 for openssl.org

commit adb83a4678c7588c269e706cea0aa5d63146639c
Author: Matt Caswell <matt@openssl.foundation>
Date:   Fri Apr 10 10:58:50 2026 +0100

    Limit the number of PSKs we accept

    To prevent attacks where an unauthenticated client sends us a large
    number of PSKs, we place a limit on the number we are prepared to
    accept.

    Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
    Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
    MergeDate: Thu Apr 16 17:07:37 2026
    (Merged from https://github.com/openssl/openssl/pull/30761)

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 61b496b677..8e66fd7230 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -21,6 +21,7 @@

 #define MAX_SUPPORTED_GROUPS 128
 #define MAX_KEY_SHARES 16
+#define MAX_PRE_SHARED_KEYS 16

 /*
  * 2 bytes for packet length, 2 bytes for format version, 2 bytes for
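Review bot: The new `MAX_PRE_SHARED_KEYS` define has no comment, and 16 appears to be a local policy choice rather than a protocol constant, so its meaning should be stated where it is defined. A line such as `/* Max PSK identities examined per ClientHello; any further ones are ignored */` above the define would do. The neighbouring `MAX_SUPPORTED_GROUPS` and `MAX_KEY_SHARES` are equally bare, so one short comment covering all three caps on client-supplied lists would also work.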
@@ -1341,7 +1342,7 @@ int tls_parse_ctos_psk(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
     }

     s->ext.ticket_expected = 0;
-    for (id = 0; PACKET_remaining(&identities) != 0; id++) {
+    for (id = 0; PACKET_remaining(&identities) != 0 && id < MAX_PRE_SHARED_KEYS; id++) {
         PACKET identity;
         unsigned long ticket_agel;
         size_t idlen;
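Review bot: When the loop in `tls_parse_ctos_psk` stops because `id` reached `MAX_PRE_SHARED_KEYS`, it exits the same way as when the identity list is exhausted, so the code after the loop has to treat both cases as "no PSK accepted". That code is outside this hunk. It is worth confirming that it decides on the session actually found, not on `id` or `PACKET_remaining(&identities)`, and that binder handling is skipped when the cap ends the loop. A client whose only usable identity sits past position 16 would presumably fail to resume with no indication why. A comment above the loop such as `/* Examine at most MAX_PRE_SHARED_KEYS identities; later ones are ignored, not rejected */` would document that. A test offering 17 identities with the valid one last would pin the behaviour.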