From 1dfd1cf6c439ce0e41c7f3ac112e6531381c6af7 Mon Sep 17 00:00:00 2001
From: doug <>
Date: Fri, 17 Jul 2015 15:50:37 +0000
Subject: Remove compat hack that disabled ECDHE-ECDSA on OS X.

For a few old releases, ECDHE-ECDSA was broken on OS X.  This option
cannot differentiate between working and broken OS X so it disabled
ECDHE-ECDSA support on all OS X >= 10.6.  10.8-10.8.3 were the faulty
releases but these are no longer relevant.  Tested on OS X 10.10 by jsing.

ok jsing@
---
 src/lib/libssl/doc/SSL_CTX_set_options.3 | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'src/lib/libssl/doc')

diff --git a/src/lib/libssl/doc/SSL_CTX_set_options.3 b/src/lib/libssl/doc/SSL_CTX_set_options.3
index 922522a33c..91a1c9ad92 100644
--- a/src/lib/libssl/doc/SSL_CTX_set_options.3
+++ b/src/lib/libssl/doc/SSL_CTX_set_options.3
@@ -1,5 +1,5 @@
 .\"
-.\"	$OpenBSD: SSL_CTX_set_options.3,v 1.7 2015/07/17 07:04:40 doug Exp $
+.\"	$OpenBSD: SSL_CTX_set_options.3,v 1.8 2015/07/17 15:50:37 doug Exp $
 .\"
 .Dd $Mdocdate: July 17 2015 $
 .Dt SSL_CTX_SET_OPTIONS 3
@@ -116,8 +116,9 @@ this option has no effect.
 .It Dv SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
 \&...
 .It Dv SSL_OP_SAFARI_ECDHE_ECDSA_BUG
-Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
-OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
+As of
+.Ox 5.8 ,
+this option has no effect.
 .It Dv SSL_OP_SSLEAY_080_CLIENT_DH_BUG
 As of
 .Ox 5.8 ,
-- 
cgit v1.2.3-55-g6feb