Remove compat hack that disabled ECDHE-ECDSA on OS X.

For a few old releases, ECDHE-ECDSA was broken on OS X.  This option
cannot differentiate between working and broken OS X so it disabled
ECDHE-ECDSA support on all OS X >= 10.6.  10.8-10.8.3 were the faulty
releases but these are no longer relevant.  Tested on OS X 10.10 by jsing.

ok jsing@

1 files changed, 1 insertions, 9 deletions

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index c838409bf7..9167257546 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.97 2015/07/14 05:20:46 doug Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.98 2015/07/17 15:50:37 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2087,8 +2087,6 @@ ssl3_clear(SSL *s)
         EC_KEY_free(s->s3->tmp.ecdh);
         s->s3->tmp.ecdh = NULL;
 
-        s->s3->is_probably_safari = 0;
-
         rp = s->s3->rbuf.buf;
         wp = s->s3->wbuf.buf;
         rlen = s->s3->rbuf.len;
@@ -2618,12 +2616,6 @@ ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
                         continue;
                 ii = sk_SSL_CIPHER_find(allow, c);
                 if (ii >= 0) {
-                        if ((alg_k & SSL_kECDHE) &&
-                            (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) {
-                                if (!ret)
-                                        ret = sk_SSL_CIPHER_value(allow, ii);
-                                continue;
-                        }
                         ret = sk_SSL_CIPHER_value(allow, ii);
                         break;
                 }