projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
[oweals/openssl.git]
/
ssl
/
s3_lib.c
diff --git
a/ssl/s3_lib.c
b/ssl/s3_lib.c
index a40621822b37dd7010ca724b7da839e72e5cfe62..fc723a00a9759a637f54dd0c71174f02870e97a0 100644
(file)
--- a/
ssl/s3_lib.c
+++ b/
ssl/s3_lib.c
@@
-1734,6
+1734,11
@@
void ssl3_clear(SSL *s)
s->s3->tmp.ecdh = NULL;
}
#endif
s->s3->tmp.ecdh = NULL;
}
#endif
+#ifndef OPENSSL_NO_TLSEXT
+#ifndef OPENSSL_NO_EC
+ s->s3->is_probably_safari = 0;
+#endif /* !OPENSSL_NO_EC */
+#endif /* !OPENSSL_NO_TLSEXT */
rp = s->s3->rbuf.buf;
wp = s->s3->wbuf.buf;
rp = s->s3->rbuf.buf;
wp = s->s3->wbuf.buf;
@@
-2398,6
+2403,13
@@
SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
j=sk_SSL_CIPHER_find(allow,c);
if (j >= 0)
{
j=sk_SSL_CIPHER_find(allow,c);
if (j >= 0)
{
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
+ if ((alg & SSL_kECDHE) && (alg & SSL_aECDSA) && s->s3->is_probably_safari)
+ {
+ if (!ret) ret=sk_SSL_CIPHER_value(allow,j);
+ continue;
+ }
+#endif
ret=sk_SSL_CIPHER_value(allow,j);
break;
}
ret=sk_SSL_CIPHER_value(allow,j);
break;
}