From 1dfd1cf6c439ce0e41c7f3ac112e6531381c6af7 Mon Sep 17 00:00:00 2001
From: doug <>
Date: Fri, 17 Jul 2015 15:50:37 +0000
Subject: Remove compat hack that disabled ECDHE-ECDSA on OS X.

For a few old releases, ECDHE-ECDSA was broken on OS X.  This option
cannot differentiate between working and broken OS X so it disabled
ECDHE-ECDSA support on all OS X >= 10.6.  10.8-10.8.3 were the faulty
releases but these are no longer relevant.  Tested on OS X 10.10 by jsing.

ok jsing@
---
 src/lib/libssl/ssl3.h | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'src/lib/libssl/ssl3.h')

diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 8bcf9e37e8..4de50428a8 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl3.h,v 1.38 2015/07/17 07:04:41 doug Exp $ */
+/* $OpenBSD: ssl3.h,v 1.39 2015/07/17 15:50:37 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -490,9 +490,10 @@ typedef struct ssl3_state_st {
 	unsigned char *alpn_selected;
 	unsigned int alpn_selected_len;
 
-	/* This is set to true if we believe that this is a version of Safari
-	 * running on OS X 10.6 or newer. We wish to know this because Safari
-	 * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */
+	/*
+	 * XXX delete on next major bump.  This was for old OS X releases
+	 * with broken ECDHE-ECDSA support.
+	 */
 	char is_probably_safari;
 } SSL3_STATE;
 
-- 
cgit v1.2.3-55-g6feb