untrusted comment: signature from openbsd 6.2 base secret key
RWRVWzAMgtyg7n1TV+GdjqX6KJGYXyKwMscorv7kp+AQkbCgSs/+ZIP6A1QHtMlI2E9uFWvzEeL4MeYsbRviLXvQ6T2ELgUV9gU=

OpenBSD 6.2 errata 004, Jan 15, 2018:

An incorrect TLS extensions block is generated when no extensions are present,
which can result in handshake failures.

Apply by doing:
   signify -Vep /etc/signify/openbsd-62-base.pub -x 004_libssl.patch.sig \
       -m - | (cd /usr/src && patch -p0)

And then rebuild and install libssl:
       cd /usr/src/lib/libssl
       make obj
       make depend
       make
       make install

Index: lib/libssl/bs_cbb.c
===================================================================
RCS file: /cvs/src/lib/libssl/bs_cbb.c,v
retrieving revision 1.17
retrieving revision 1.17.4.1
diff -u -p -r1.17 -r1.17.4.1
--- lib/libssl/bs_cbb.c 12 Aug 2017 02:50:05 -0000      1.17
+++ lib/libssl/bs_cbb.c 9 Dec 2017 13:43:25 -0000       1.17.4.1
@@ -271,6 +271,20 @@ CBB_flush(CBB *cbb)
       return 1;
}

+void
+CBB_discard_child(CBB *cbb)
+{
+       if (cbb->child == NULL)
+               return;
+
+       cbb->base->len = cbb->offset;
+
+       cbb->child->base = NULL;
+       cbb->child = NULL;
+       cbb->pending_len_len = 0;
+       cbb->pending_is_asn1 = 0;
+       cbb->offset = 0;
+}

static int
cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len)
Index: lib/libssl/bytestring.h
===================================================================
RCS file: /cvs/src/lib/libssl/bytestring.h,v
retrieving revision 1.15
retrieving revision 1.15.6.1
diff -u -p -r1.15 -r1.15.6.1
--- lib/libssl/bytestring.h     4 Nov 2016 18:28:58 -0000       1.15
+++ lib/libssl/bytestring.h     9 Dec 2017 13:43:25 -0000       1.15.6.1
@@ -392,6 +392,12 @@ int CBB_finish(CBB *cbb, uint8_t **out_d
 * on error.
 */
int CBB_flush(CBB *cbb);
+
+/*
+ * CBB_discard_child discards the current unflushed child of |cbb|. Neither the
+ * child's contents nor the length prefix will be included in the output.
+ */
+void CBB_discard_child(CBB *cbb);

/*
 * CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The
Index: lib/libssl/ssl_tlsext.c
===================================================================
RCS file: /cvs/src/lib/libssl/ssl_tlsext.c,v
retrieving revision 1.17
retrieving revision 1.17.4.1
diff -u -p -r1.17 -r1.17.4.1
--- lib/libssl/ssl_tlsext.c     25 Sep 2017 18:02:27 -0000      1.17
+++ lib/libssl/ssl_tlsext.c     9 Dec 2017 13:43:25 -0000       1.17.4.1
@@ -1296,6 +1296,7 @@ tlsext_clienthello_build(SSL *s, CBB *cb
{
       CBB extensions, extension_data;
       struct tls_extension *tlsext;
+       int extensions_present = 0;
       size_t i;

       if (!CBB_add_u16_length_prefixed(cbb, &extensions))
@@ -1313,8 +1314,13 @@ tlsext_clienthello_build(SSL *s, CBB *cb
                       return 0;
               if (!tls_extensions[i].clienthello_build(s, &extension_data))
                       return 0;
+
+               extensions_present = 1;
       }

+       if (!extensions_present)
+               CBB_discard_child(cbb);
+
       if (!CBB_flush(cbb))
               return 0;

@@ -1351,6 +1357,7 @@ tlsext_serverhello_build(SSL *s, CBB *cb
{
       CBB extensions, extension_data;
       struct tls_extension *tlsext;
+       int extensions_present = 0;
       size_t i;

       if (!CBB_add_u16_length_prefixed(cbb, &extensions))
@@ -1368,7 +1375,12 @@ tlsext_serverhello_build(SSL *s, CBB *cb
                       return 0;
               if (!tlsext->serverhello_build(s, &extension_data))
                       return 0;
+
+               extensions_present = 1;
       }
+
+       if (!extensions_present)
+               CBB_discard_child(cbb);

       if (!CBB_flush(cbb))
               return 0;